Bug 531011 (CVE-2009-3766)

Summary: CVE-2009-3766 mutt: missing host name vs. SSL certificate name checks
Product: [Other] Security Response
Reporter: Tomas Hoger <thoger>
Component: vulnerability
Assignee: Red Hat Product Security <security-response-team>
Status: CLOSED WONTFIX
Severity: medium
Priority: medium
Version: unspecified
CC: jrusnack, mlichvar, pertusus, rvokal
Keywords: Security
Hardware: All
OS: Linux
URL: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3766
Doc Type: Bug Fix
Last Closed: 2015-03-02 19:18:40 UTC

Description Tomas Hoger 2009-10-26 14:19:07 UTC
Common Vulnerabilities and Exposures assigned an identifier CVE-2009-3766 to the following vulnerability:

mutt_ssl.c in mutt 1.5.16, when OpenSSL is used, does not verify the domain
name in the subject's Common Name (CN) field of an X.509 certificate, which
allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid
certificate.

Upstream bug:
http://dev.mutt.org/trac/ticket/3087

References:
http://marc.info/?l=oss-security&m=125198917018936&w=2

Comment 1 Tomas Hoger 2009-10-26 14:29:46 UTC
The CVE description is a bit imprecise, as this problem affects mutt versions before 1.5.19, most likely all with POP/IMAP + SSL support using the OpenSSL crypto library.

For this flaw to be exploited, the following conditions must be met:
- the user needs to have a file with trusted certificates, and the path to it has to be set in .muttrc via the certificate_file option; the file should contain at least one CA certificate (i.e. not only server certificates)
- the attacker needs to have a valid SSL certificate issued by a CA listed in the victim's certificate_file
- the attacker must be able to redirect the victim's network traffic to his malicious server

If all the conditions are met and the victim is redirected to an attacker's server, mutt will not warn the user about the Common Name listed in the server's SSL certificate not matching the requested host name, allowing the user to provide authentication credentials to the attacker.

Note: there's no certificate_file configured by default.  In that case, mutt displays info from the server's certificate subject, allowing the user to decide whether to proceed with the connection.  That info screen will display the Common Name not matching the user's request.
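The check that was missing, as an added example that is not mutt's code: the name-matching step that must run after the chain has validated against certificate_file, comparing the requested host with the names the certificate presents. It goes beyond the CN the CVE text names by also accepting SAN dNSName entries and applying the usual wildcard rules. Function names and the sample certificate names are assumptions constructed for this example; pulling the names out of the X.509 structure is left to the TLS library.

```c
#include <ctype.h>
#include <stdbool.h>
#include <string.h>

/* Case-insensitive comparison of two byte ranges of equal length n. */
static bool eq_ci(const char *a, const char *b, size_t n)
{
    for (size_t i = 0; i < n; i++)
        if (tolower((unsigned char)a[i]) != tolower((unsigned char)b[i]))
            return false;
    return true;
}

/* Does one certificate name (CN or SAN dNSName) match the requested host?
 * Wildcards count only as the whole leftmost label ("*.example.org"), cover
 * exactly one label and need two labels after them; else exact, case-insensitive. */
bool name_matches_host(const char *pattern, const char *host)
{
    size_t plen = strlen(pattern), hlen = strlen(host);
    if (plen == 0 || hlen == 0 || strchr(host, '*') != NULL)
        return false;
    if (strncmp(pattern, "*.", 2) != 0)         /* plain name: exact match only */
        return strchr(pattern, '*') == NULL && plen == hlen && eq_ci(pattern, host, plen);
    const char *suffix = pattern + 1;           /* ".example.org" */
    const char *dot = strchr(host, '.');        /* end of the host's first label */
    if (dot == NULL || dot == host || strchr(suffix, '*') != NULL ||
        strchr(suffix + 1, '.') == NULL)        /* "*.org" would be far too broad */
        return false;
    size_t slen = strlen(suffix);
    return hlen - (size_t)(dot - host) == slen && eq_ci(suffix, dot, slen);
}

/* Accept the certificate for this host only if one of its names matches;
 * this complements, and never replaces, chain validation against certificate_file. */
bool cert_names_match_host(const char *const *names, size_t count, const char *host)
{
    for (size_t i = 0; i < count; i++)
        if (name_matches_host(names[i], host))
            return true;
    return false;
}

/* Constructed sample: a CN plus one SAN entry as a server certificate might
 * present them. Not taken from any real certificate. */
static const char *const sample_cert_names[] = { "mail.other.test", "*.other.test" };

bool sample_cert_accepts_host(const char *host)
{
    return cert_names_match_host(sample_cert_names, 2, host);
}
```

With this check in place, a certificate that is valid but issued for a different name is rejected for the host the user actually asked for, which is exactly the case the conditions above describe.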

Comment 3 Tomas Hoger 2009-10-26 14:36:46 UTC
This problem affects mutt versions in Red Hat Enterprise Linux 3, 4 and 5.  Future updates may introduce SSL hostname checks.

Current Fedora versions are not affected.

Comment 5 Josh Bressers 2011-07-25 19:24:49 UTC
Statement:

(none)