Bug 127186 - CAN-2004-0758 Overriding built-in certificate leading to error -8182 (DoS), especially exploitable by email
CAN-2004-0758 Overriding built-in certificate leading to error -8182 (DoS), e...
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 3
Classification: Red Hat
Component: mozilla (Show other bugs)
3.0
All Linux
medium Severity medium
: ---
: ---
Assigned To: Christopher Aillon
Ben Levenson
https://banquo.inf.ethz.ch:8080/
: Security
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2004-07-03 10:16 EDT by Marcel Boesch
Modified: 2007-11-30 17:07 EST (History)
4 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2004-08-04 17:49:25 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)

  None (edit)
Description Marcel Boesch 2004-07-03 10:16:03 EDT
Description of problem:

/*(see https://banquo.inf.ethz.ch:8080/ for a close description)*/
/*Mozilla.org has been informed and a bug has been filed*/


Importing a self-made certificate (call it x) with the same DN as a
built-in CA root cert (called b) overrides the built-in one:
trying to open a SSL page protected by a cert signed by b throws an
error -8182 ('certificate presented by xyz.com is invalid or corrupt')
-> Denial of Service.

This could be automated when importing x via mime type
application/x-x509-email-cert, causing Mozilla to import the cert
silently (bug Nr. 2). 
This is also possible via email messages, calling the cert x link
inside an <iframe> tag, leading to a silent import of x when opening
or previewing the message (bug Nr. 3).

Conclusion: fully automatical DoS of the entire cert store via email
is possible, no user interaction needed. 

How reproducible:
always. Tested with Mozilla 1.6 and 1.7
Mozilla 1.0.2 is NOT vulnerable.

Steps to Reproduce: 
1. craft a self-signed cert (openssl) with the same DN as a built-in
CA root cert.
2. import it into the cert store, either manually or by providing it
as pem
encoded using the mime content type application/x-x509-email-cert for
_silent
import_.
3. Your certificate store is "corrupted" from this time on: open a web
site
protected by an SSL certificate signed by the root CA cert you've been
forging and you'll get an error -8182. 

4. The same could be reached via email when including an <ifram>
pointing to the
certs' location, leading to fully automatical silent import of the cert. 


 Actual Results:  
Mozilla imports the "forged" root cert  into the "authorities" tab of
the cert
manager as an untrusted root. You can identify it by the column "security
device": its stored in the  "software security device" instead of the
"Builtin
Object Token". However your certificate store is "corrupted" from this
time on:
open a web site protected by an SSL certificate signed by the root CA cert
you've been forging and you'll get an error -8182. 


Expected Results:  
Mozilla silently (without any warning/message!) imports the root cert
into the
"authorities" tab of the cert manager as an untrusted root when
serving it as
type application/x-x509-email-cert. According to the principles
Visibility and
Clarity for 'safe and secure CA-related UI-Dialogs' proposed in
chapter 4.2. of
my diploma thesis, instead of no user-feedback, an adequate treatment
of this
situation would be to show the import dialogue.

During my diploma thesis on Rogue CA's possibilities, one part of the
work was to evaluate today's browsing software. 

Contact me: This bug was found as part of my diploma thesis which is
still going on. If you have any suggestions or ideas, contact me at 
marboesc@student.ethz.ch (PGP Key: 0x0AA132A7141D27C8
Comment 1 Ralf Hauser 2004-07-03 10:40:47 EDT
already reported as http://bugzilla.mozilla.org/show_bug.cgi?id=249004
on 040629, but no reaction there ?!?! Also, no echo from reporting to
cert.org 2 days ago...
Comment 2 Marcel Boesch 2004-07-04 14:50:41 EDT
The bug is also tracked at 
Http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=257559 

Comment 4 Mark J. Cox (Product Security) 2004-08-04 04:16:02 EDT
Will be part of a Mozilla 1.4.3 update for RHEL users shortly.
Comment 5 Mark J. Cox (Product Security) 2004-08-04 17:49:25 EDT
An errata has been issued which should help the problem 
described in this bug report. This report is therefore being 
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files, 
please follow the link below. You may reopen this bug report 
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2004-421.html

Note You need to log in before you can comment on or make changes to this bug.