Bug 520661 - (CVE-2009-2702) CVE-2009-2702 kdelibs: kssl incorrect verification of SSL certificate with NUL in subjectAltName
CVE-2009-2702 kdelibs: kssl incorrect verification of SSL certificate with NU...
Status: CLOSED CURRENTRELEASE
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
unspecified
All Linux
low Severity low
: ---
: ---
Assigned To: Red Hat Product Security
public=20090901,reported=20090807,sou...
: Security
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2009-09-01 12:49 EDT by Tomas Hoger
Modified: 2015-03-09 05:13 EDT (History)
8 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2015-03-06 06:55:36 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)
My proposed patch for kdelibs 4.2.4 (2.58 KB, patch)
2009-09-01 12:51 EDT, Tomas Hoger
no flags Details | Diff
Backport of the patch to 3.5.4 (RHEL5) (2.45 KB, patch)
2009-09-01 12:52 EDT, Tomas Hoger
no flags Details | Diff

  None (edit)
Description Tomas Hoger 2009-09-01 12:49:18 EDT
A method to bypass SSL certificate name vs. host name verification via NUL
('\0') character embedded in X509 certificate's CommonName or subjectAltName
was presented at Black Hat USA 2009:

http://www.blackhat.com/html/bh-usa-09/bh-usa-09-archives.html#Marlinspike

Similar issues affects kdelibs' kssl.  Problem only exists in handling of subjectAltNames, CommonNames with embedded NUL chars are handled correctly.

According to Thiago Macieira (maintainer of KDE's and Qt's SSL code), kssl is no longer used in current KDE4 versions, Qt's SSL code is used instead (which is affected by similar problem, see bug #520435).

Problem affects kdelibs 3.5.4 shipped in Red Hat Enterprise Linux 5.  Versions in Red Hat Enterprise Linux 4 (3.3.1) and Red Hat Enterprise Linux 3 (3.1.3) are not affected, as they do not support subjectAltNames at all.

Unlike Qt, kssl is not prone to creation of universal MITM certificate (*\0.whatever.com), as matching of '*' wild card is limited to single host name component.
Comment 1 Tomas Hoger 2009-09-01 12:51:15 EDT
Created attachment 359423 [details]
My proposed patch for kdelibs 4.2.4

Not tested.  Based on information from Thiago, affected code is no longer used, so patch is not needed and may not be applied upstream at all.
Comment 2 Tomas Hoger 2009-09-01 12:52:53 EDT
Created attachment 359429 [details]
Backport of the patch to 3.5.4 (RHEL5)

I did some testing of the patch using konqueror and kmail.  No regressions spotted during the quick smoke testing.
Comment 3 Tomas Hoger 2009-09-01 12:54:21 EDT
I've added whole kdelibs/Fedora initialcc list to the CC.  As this should not require any action in Fedora, feel free to remove yourself from CC if you do not care.
Comment 4 Kevin Kofler 2009-09-01 12:55:01 EDT
The problem also affects kdelibs3 in all supported versions of Fedora.
Comment 5 Kevin Kofler 2009-09-01 12:57:56 EDT
And IMHO, kdelibs 4.x should get patched too. If the code is shipped, it may be used by something, so the safe thing is to patch it. (Or we could try removing it and seeing what breaks, but I'd rather not do that in a security update.)
Comment 7 Kevin Kofler 2009-09-01 13:08:04 EDT
The comment in kdelibs 4.3's kio's CMakeLists.txt says about the offending files:
> # below is what's left of KDE2/3 SSL code, still required for certificate chain validation
> # by hand and for key generation. Network code has been removed.
which seems to say this code may still get used for some forms of verification. So I think it's really safest to patch it.
Comment 8 Tomas Hoger 2009-09-01 13:14:27 EDT
(In reply to comment #4)
> The problem also affects kdelibs3 in all supported versions of Fedora.  

Sorry, I forgot about kdelibs3.  Thanks for catching it.  One of the patches should apply, the code does not differ much even between 3.x and 4.x.

(In reply to comment #5)
> And IMHO, kdelibs 4.x should get patched too. If the code is shipped, it may be
> used by something, so the safe thing is to patch it.

I've been told the code is private to KIO, so only KIOs should be affected and can be broken by removal.  IMO, impact of this probably does not justify a risky removal, even more when patch is rather trivial.
Comment 9 Ngo Than 2009-09-03 09:35:14 EDT
I don't think it's good idea to remove this code. I'd rather patch it.
Comment 10 Fedora Update System 2009-09-06 09:05:59 EDT
akonadi-1.2.1-1.fc11,kdeaccessibility-4.3.1-1.fc11,kdeadmin-4.3.1-1.fc11,kdeartwork-4.3.1-1.fc11,kdebase-4.3.1-2.fc11,kdebase-runtime-4.3.1-1.fc11,kdebase-workspace-4.3.1-1.fc11,kdebindings-4.3.1-3.fc11,kdeedu-4.3.1-1.fc11,kdegames-4.3.1-1.fc11,kdegraphics-4.3.1-1.fc11,kdelibs-4.3.1-3.fc11,kdelibs-experimental-4.3.1-1.fc11,kdemultimedia-4.3.1-1.fc11,kdenetwork-4.3.1-1.fc11,kdepim-4.3.1-1.fc11,kdepim-runtime-4.3.1-1.fc11,kdepimlibs-4.3.1-1.fc11,kdeplasma-addons-4.3.1-1.fc11,kdesdk-4.3.1-1.fc11,kdetoys-4.3.1-1.fc11,kdeutils-4.3.1-1.fc11,kde-l10n-4.3.1-2.fc11,oxygen-icon-theme-4.3.1-1.fc11 has been submitted as an update for Fedora 11.
http://admin.fedoraproject.org/updates/akonadi-1.2.1-1.fc11,kdeaccessibility-4.3.1-1.fc11,kdeadmin-4.3.1-1.fc11,kdeartwork-4.3.1-1.fc11,kdebase-4.3.1-2.fc11,kdebase-runtime-4.3.1-1.fc11,kdebase-workspace-4.3.1-1.fc11,kdebindings-4.3.1-3.fc11,kdeedu-4.3.1-1.fc11,kdegames-4.3.1-1.fc11,kdegraphics-4.3.1-1.fc11,kdelibs-4.3.1-3.fc11,kdelibs-experimental-4.3.1-1.fc11,kdemultimedia-4.3.1-1.fc11,kdenetwork-4.3.1-1.fc11,kdepim-4.3.1-1.fc11,kdepim-runtime-4.3.1-1.fc11,kdepimlibs-4.3.1-1.fc11,kdeplasma-addons-4.3.1-1.fc11,kdesdk-4.3.1-1.fc11,kdetoys-4.3.1-1.fc11,kdeutils-4.3.1-1.fc11,kde-l10n-4.3.1-2.fc11,oxygen-icon-theme-4.3.1-1.fc11
Comment 11 Fedora Update System 2009-09-06 09:08:12 EDT
akonadi-1.2.1-1.fc10,kdeaccessibility-4.3.1-1.fc10,kdeadmin-4.3.1-1.fc10,kdeartwork-4.3.1-1.fc10,kdebase-4.3.1-2.fc10,kdebase-runtime-4.3.1-1.fc10,kdebase-workspace-4.3.1-1.fc10,kdebindings-4.3.1-3.fc10,kdeedu-4.3.1-1.fc10,kdegames-4.3.1-1.fc10,kdegraphics-4.3.1-1.fc10,kdelibs-4.3.1-3.fc10,kdelibs-experimental-4.3.1-1.fc10,kdemultimedia-4.3.1-1.fc10,kdenetwork-4.3.1-1.fc10,kdepim-4.3.1-1.fc10,kdepim-runtime-4.3.1-1.fc10,kdepimlibs-4.3.1-1.fc10,kdeplasma-addons-4.3.1-1.fc10,kdesdk-4.3.1-1.fc10,kdetoys-4.3.1-1.fc10,kdeutils-4.3.1-1.fc10,kde-l10n-4.3.1-2.fc10,oxygen-icon-theme-4.3.1-1.fc10 has been submitted as an update for Fedora 10.
http://admin.fedoraproject.org/updates/akonadi-1.2.1-1.fc10,kdeaccessibility-4.3.1-1.fc10,kdeadmin-4.3.1-1.fc10,kdeartwork-4.3.1-1.fc10,kdebase-4.3.1-2.fc10,kdebase-runtime-4.3.1-1.fc10,kdebase-workspace-4.3.1-1.fc10,kdebindings-4.3.1-3.fc10,kdeedu-4.3.1-1.fc10,kdegames-4.3.1-1.fc10,kdegraphics-4.3.1-1.fc10,kdelibs-4.3.1-3.fc10,kdelibs-experimental-4.3.1-1.fc10,kdemultimedia-4.3.1-1.fc10,kdenetwork-4.3.1-1.fc10,kdepim-4.3.1-1.fc10,kdepim-runtime-4.3.1-1.fc10,kdepimlibs-4.3.1-1.fc10,kdeplasma-addons-4.3.1-1.fc10,kdesdk-4.3.1-1.fc10,kdetoys-4.3.1-1.fc10,kdeutils-4.3.1-1.fc10,kde-l10n-4.3.1-2.fc10,oxygen-icon-theme-4.3.1-1.fc10
Comment 12 Fedora Update System 2009-09-06 09:11:47 EDT
kdelibs3-3.5.10-13.fc10.1 has been submitted as an update for Fedora 10.
http://admin.fedoraproject.org/updates/kdelibs3-3.5.10-13.fc10.1
Comment 13 Fedora Update System 2009-09-06 09:11:54 EDT
kdelibs3-3.5.10-13.fc11.1 has been submitted as an update for Fedora 11.
http://admin.fedoraproject.org/updates/kdelibs3-3.5.10-13.fc11.1
Comment 14 Fedora Update System 2009-09-08 21:49:00 EDT
kdelibs3-3.5.10-13.fc11.1 has been pushed to the Fedora 11 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 15 Fedora Update System 2009-09-08 21:50:17 EDT
kdelibs3-3.5.10-13.fc10.1 has been pushed to the Fedora 10 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 16 Jan Lieskovsky 2009-09-09 10:43:31 EDT
MITRE's CVE-2009-2702 record:
-----------------------------

KDE KSSL in kdelibs 3.5.4, 4.2.4, and 4.3 does not properly handle a
'\0' character in a domain name in the Subject Alternative Name field
of an X.509 certificate, which allows man-in-the-middle attackers to
spoof arbitrary SSL servers via a crafted certificate issued by a
legitimate Certification Authority, a related issue to CVE-2009-2408.

References:
-----------
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2702
http://secunia.com/advisories/36468
http://www.vupen.com/english/advisories/2009/2532
Comment 17 Fedora Update System 2009-09-15 03:37:48 EDT
akonadi-1.2.1-1.fc11, kdeaccessibility-4.3.1-1.fc11, kdeadmin-4.3.1-1.fc11, kdeartwork-4.3.1-1.fc11, kdebase-4.3.1-2.fc11, kdebase-runtime-4.3.1-1.fc11, kdebase-workspace-4.3.1-1.fc11, kdebindings-4.3.1-3.fc11, kdeedu-4.3.1-1.fc11, kdegraphics-4.3.1-1.fc11, kdelibs-4.3.1-3.fc11, kdelibs-experimental-4.3.1-1.fc11, kdemultimedia-4.3.1-1.fc11, kdenetwork-4.3.1-1.fc11, kdepim-4.3.1-1.fc11, kdepim-runtime-4.3.1-1.fc11, kdepimlibs-4.3.1-1.fc11, kdeplasma-addons-4.3.1-1.fc11, kdesdk-4.3.1-1.fc11, kdetoys-4.3.1-1.fc11, kdeutils-4.3.1-1.fc11, kde-l10n-4.3.1-2.fc11, oxygen-icon-theme-4.3.1-1.fc11, kdegames-4.3.1-4.fc11 has been pushed to the Fedora 11 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 18 Fedora Update System 2009-09-15 03:39:39 EDT
akonadi-1.2.1-1.fc10, kdeaccessibility-4.3.1-1.fc10, kdeadmin-4.3.1-1.fc10, kdeartwork-4.3.1-1.fc10, kdebase-4.3.1-2.fc10, kdebase-runtime-4.3.1-1.fc10, kdebase-workspace-4.3.1-1.fc10, kdebindings-4.3.1-3.fc10, kdeedu-4.3.1-1.fc10, kdegraphics-4.3.1-1.fc10, kdelibs-4.3.1-3.fc10, kdelibs-experimental-4.3.1-1.fc10, kdemultimedia-4.3.1-1.fc10, kdenetwork-4.3.1-1.fc10, kdepim-4.3.1-1.fc10, kdepim-runtime-4.3.1-1.fc10, kdepimlibs-4.3.1-1.fc10, kdeplasma-addons-4.3.1-1.fc10, kdesdk-4.3.1-1.fc10, kdetoys-4.3.1-1.fc10, kdeutils-4.3.1-1.fc10, kde-l10n-4.3.1-2.fc10, oxygen-icon-theme-4.3.1-1.fc10, kdegames-4.3.1-4.fc10 has been pushed to the Fedora 10 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 19 Kevin Kofler 2009-09-15 09:56:19 EDT
Updates issued for kdelibs3 and kdelibs in Fedora 10 and 11, also fixed in Rawhide, I suppose all that's left now is RHEL 5.
Comment 20 Tomas Hoger 2009-09-16 02:32:05 EDT
Right, feel free to un-CC yourself if you don't need further BZ spam out this.

Note You need to log in before you can comment on or make changes to this bug.