Hide Forgot
Common Vulnerabilities and Exposures assigned an identifier CVE-2014-2734 to the following vulnerability: Name: CVE-2014-2734 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2734 Assigned: 20140408 Reference: FULLDISC:20140416 Ruby OpenSSL private key spoofing ~ CVE-2014-2734 with PoC Reference: http://seclists.org/fulldisclosure/2014/Apr/231 Reference: http://packetstormsecurity.com/files/126218/Ruby-OpenSSL-Private-Key-Spoofing.html Reference: https://gist.github.com/10446549 The openssl extension in Ruby 2.x does not properly maintain the state of process memory after a file is reopened, which allows remote attackers to spoof signatures within the context of a Ruby script that attempts signature verification after performing a certain sequence of filesystem operations.
There is not real information about what problem CVE-2014-2734 is actually supposed to identify. The information that was posted to the Full Disclosure mailing list is vague, and the PoC code is obfuscated. There were some attempts to de-obfuscate the PoC, see this Ycombinator discussion: https://news.ycombinator.com/item?id=7601973 Adrien Thebo reduced the PoC to: #!/usr/bin/env ruby require 'openssl' key = OpenSSL::PKey::RSA.new(2048) ca_cert = OpenSSL::X509::Certificate.new(File.read("ca.pem")) puts "before we sign the cert: #{ca_cert.verify(key)}" ca_cert.sign(key, OpenSSL::Digest::SHA1.new) puts "after we sign the cert: #{ca_cert.verify(key)}" This version, along with full history of changes from the original PoC, can be found in his github repository: https://github.com/adrienthebo/cve-2014-2734/ https://github.com/adrienthebo/cve-2014-2734/commits/ The above script does the following: - generates new RSA key - loads existing (CA) certificate from file - checks that the certificate was not signed by the new key - re-signs the certificate with the new key - verifies that the certificate is now signed by the new key Reporting 'true' at the end is intended behavior and not a bug nor security issue. File system operations, as mentioned in the CVE description and initial report, do not make a difference. Note that Ruby openssl module is currently rather under-documented. OpenSSL::X509::Certificate's sign method does not have any documentation other than the example on how to create certificates. http://www.ruby-doc.org/stdlib-2.1.1/libdoc/openssl/rdoc/OpenSSL/X509/Certificate.html Unless there's further clarification posted by the reporter, it seems this CVE should be considered invalid.
Ruby upstream has also disputed this CVE. External References: https://www.ruby-lang.org/en/news/2014/05/09/dispute-of-vulnerability-cve-2014-2734/