Bug 979251 - (CVE-2013-4073) CVE-2013-4073 ruby: hostname check bypassing vulnerability in SSL client
CVE-2013-4073 ruby: hostname check bypassing vulnerability in SSL client
Status: NEW
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
unspecified
All Linux
medium Severity medium
: ---
: ---
Assigned To: Red Hat Product Security
impact=moderate,public=20130627,repor...
: Security
Depends On: 979295 979297 979298 979300 979301 979303 979304 979306 979308 979309 979311 979488 980735 1165377
Blocks: 979252 980709 1119605
  Show dependency treegraph
 
Reported: 2013-06-28 00:50 EDT by Vincent Danen
Modified: 2016-12-04 15:45 EST (History)
51 users (show)

See Also:
Fixed In Version: ruby 2.0.0-p247, ruby 1.9.3-p448, ruby 1.8.7-p374
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed:
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Vincent Danen 2013-06-28 00:50:37 EDT
Ruby’s SSL client implements hostname identity check but it does not properly handle hostnames in the certificate that contain null bytes.

OpenSSL::SSL.verify_certificate_identity implements RFC2818 Server Identity check for Ruby’s SSL client but it does not properly handle hostnames in the subjectAltName X509 extension that contain null bytes.

Existing code in lib/openssl/ssl.rb uses OpenSSL::X509::Extension#value for extracting identity from subjectAltName. Extension#value depends OpenSSL function X509V3_EXT_print() and for dNSName of subjectAltName it utilizes sprintf() that is known as null byte unsafe. As the result Extension#value returns ‘www.ruby-lang.org’ if the subjectAltName is ‘www.ruby-lang.org\0.example.com’ and OpenSSL::SSL.verify_certificate_identity wrongly identifies the certificate is for ‘www.ruby-lang.org’.

When a CA a SSL client trusts allows to issue the server certificate that has null byte in subjectAltName, remote attackers can obtain the certificate for ‘www.ruby-lang.org\0.example.com’ from the CA to spoof ‘www.ruby-lang.org’ and do man-in-the-middle between Ruby’s SSL client and SSL servers.


External References:

http://www.ruby-lang.org/en/news/2013/06/27/hostname-check-bypassing-vulnerability-in-openssl-client-cve-2013-4073/
Comment 1 Vincent Danen 2013-06-28 00:56:22 EDT
This is corrected in upstream versions 2.0.0-p247, 1.9.3-p448 and 1.8.7-p374.
Comment 2 Kurt Seifried 2013-06-28 03:53:23 EDT
Created ruby tracking bugs for this issue:

Affects: fedora-all [bug 979295]
Comment 9 Kurt Seifried 2013-06-28 04:04:41 EDT
Created jruby tracking bugs for this issue:

Affects: fedora-all [bug 979309]
Comment 14 Vít Ondruch 2013-07-01 03:08:54 EDT
There might be regression introduced by fix for this CVE: https://bugs.ruby-lang.org/issues/8575
Comment 16 Vít Ondruch 2013-07-08 05:01:28 EDT
(In reply to Vít Ondruch from comment #14)
> There might be regression introduced by fix for this CVE:
> https://bugs.ruby-lang.org/issues/8575

The regression has been confirmed and the fix applied into SCM:

https://bugs.ruby-lang.org/projects/ruby-trunk/repository/revisions/41805
Comment 20 errata-xmlrpc 2013-07-17 15:23:29 EDT
This issue has been addressed in following products:

  Red Hat Enterprise Linux 5
  Red Hat Enterprise Linux 6

Via RHSA-2013:1090 https://rhn.redhat.com/errata/RHSA-2013-1090.html
Comment 21 errata-xmlrpc 2013-07-23 13:52:17 EDT
This issue has been addressed in following products:

  OpenStack 3 for RHEL 6

Via RHSA-2013:1103 https://rhn.redhat.com/errata/RHSA-2013-1103.html
Comment 23 errata-xmlrpc 2013-08-05 12:05:18 EDT
This issue has been addressed in following products:

  RHEL 6 Version of OpenShift Enterprise 1.2

Via RHSA-2013:1137 https://rhn.redhat.com/errata/RHSA-2013-1137.html

Note You need to log in before you can comment on or make changes to this bug.