Bug 497983 - (CVE-2009-1417) CVE-2009-1417 gnutls: certificate expiration not checked by gnutls-cli [GNUTLS-SA-2009-3]
CVE-2009-1417 gnutls: certificate expiration not checked by gnutls-cli [GNUTL...
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
All Linux
low Severity low
: ---
: ---
Assigned To: Red Hat Product Security
: Security
Depends On: 504791
  Show dependency treegraph
Reported: 2009-04-28 04:59 EDT by Tomas Hoger
Modified: 2009-08-11 04:14 EDT (History)
6 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2009-08-11 04:14:57 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Upstream patch (2.85 KB, patch)
2009-04-28 05:01 EDT, Tomas Hoger
no flags Details | Diff

  None (edit)
Description Tomas Hoger 2009-04-28 04:59:13 EDT
GnuTLS upstream reports:

  Romain Francoise reported that gnutls-cli does not check the
  activation and expiration dates of X.509 certificates.  This is
  assumed to apply to all versions of gnutls-cli.

Further upstream investigation of the problem showed that other applications using GnuTLS library may be affected by the similar problem, as GnuTLS' gnutls_certificate_verify_peers* functions do not check activation / expiration times on certificates.  Such check was expected to be done by the applications using GnuTLS library.

This decision was now re-considered upstream and activation / expiration time checks are being added to _gnutls_x509_verify_certificate in the GnuTLS library, instead of only being added to gnutls-cli.  Applications not wanting this time verification should explicitly disable it by using newly introduced GNUTLS_VERIFY_DISABLE_TIME_CHECKS verification flag.  While this code introduces a change, which is not backwards compatible, upstream believes this should not negatively impact existing code.
Comment 1 Tomas Hoger 2009-04-28 05:01:26 EDT
Created attachment 341539 [details]
Upstream patch
Comment 2 Tomas Hoger 2009-04-28 05:06:01 EDT
For testing purposes, upstream has set up few testing URLs with expired certificates:

- Expired server certificate

- Expire intermediate certificate, server return intermediate CA

- Expire intermediate certificate server does not return intermediate CA

Can be tested using: gnutls-cli expired.demo.gnutls.org
Comment 5 Tomas Hoger 2009-04-30 05:28:49 EDT
GnuTLS is shipped in Red Hat Enterprise Linux 4 and 5.  Applications using GnuTLS' certificate verification (libsoup, libvirt, gtk-vnc) already perform activation / expiration date checks.  gnutls-cli command line tool is affected by this problem.

The impact of this flaw is limited (besides having expired certificate, attacker would need to have associated private key as well and trick user to connect to spoofed SSL/TLS server), and the fix introduces backwards incompatible change.  Future updates of gnutls packages in Red Hat Enterprise Linux 4 and 5 may include this change.
Comment 6 Tomas Hoger 2009-04-30 08:36:08 EDT
Public now via upstream security advisory:

Fix included in upstream version 2.6.6:
Comment 8 Joe Orton 2009-04-30 09:17:21 EDT
gnutls-cli is documented as a "test program" so I'd struggle to call this a  security issue there.
Comment 9 Vincent Danen 2009-05-01 12:54:31 EDT
Common Vulnerabilities and Exposures assigned an identifier CVE-2009-1417 to
the following vulnerability:

Name: CVE-2009-1417
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1417
Assigned: 20090424
Reference: MLIST:[gnutls-devel] 20090430 Certificate expiration not checked by gnutls-cli [GNUTLS-SA-2009-3] [CVE-2009-1417]
Reference: URL: http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3517
Reference: SECUNIA:34842
Reference: URL: http://secunia.com/advisories/34842

gnutls-cli in GnuTLS before 2.6.6 does not verify the activation and
expiration times of X.509 certificates, which allows remote attackers
to successfully present a certificate that is (1) not yet valid or (2)
no longer valid, related to lack of time checks in the
_gnutls_x509_verify_certificate function in lib/x509/verify.c in
libgnutls_x509, as used by (a) Exim, (b) OpenLDAP, and (c) libsoup.
Comment 10 Tomas Hoger 2009-08-11 04:14:57 EDT
This was further discussed internally and it was decided not to backport this change to Red Hat Enterprise Linux 4 and 5.  This fix changes documented behaviour, possibly creating a regression for applications that performed all required checks previously (they will no longer report expired / not yet active certificates correctly, rather use generic SSL verification error).  Given the low impact of the flaw and the API-breaking nature of the fix, we do not plan to fix this flaw in already released product versions.  Future versions containing newer upstream GnuTLS versions will include this fix.

Note You need to log in before you can comment on or make changes to this bug.