User: Password:
|
|
Subscribe / Log in / New account

Security

SSL man-in-the-middle attacks

By Jake Edge
December 24, 2008

A while back, we looked at the new Firefox 3 warnings for self-signed and expired SSL certificates. As annoying as some found those to be, it certainly increased the visibility of "invalid" certificates. Those certificates could lead to man-in-the-middle attacks, which is what led Mozilla to issue such eye-opening warnings. More recently, Eddy Nigg of Startcom—issuer of free SSL certificates—found another way to do man-in-the-middle attacks without setting off any of the new warnings.

What Nigg found was that he could get a perfectly valid certificate for a domain he did not control: in this case mozilla.com. He could then masquerade as the secure Mozilla site with impunity; any browsers that landed there would verify the certificate as belonging to mozilla.com. He did it through a Comodo reseller with no questions asked: "Five minutes later I was in the possession of a legitimate certificate issued to mozilla.com – no questions asked – no verification checks done – no control validation – no subscriber agreement presented, nothing."

That is clearly a bug in the verification process, but it is completely out of the control of the browser. The browser must trust some set of key signing authorities (i.e. Certificate Authorities or CAs), but has no way to control how well or poorly they actually vet the keys they sign—or their downstream resellers sign. We saw the same potential problem in a slightly different guise with "Extended Validation" certificates back in 2006. It all comes down to trusting CAs.

Sometime after Nigg's story hit Slashdot, Comodo revoked the certificate, which did cause Firefox to put up an error and disallow the connection. One wonders how many bad certificates have been issued but not revoked because a phisher or other scammer received them. One would think those folks would be less likely to publicly announce what they had done.

Bringing attention to the problem will likely help, but there are just too many ways to create bad SSL certificates for those that really want them—bribing CA employees if nothing else. Another useful outcome is that Richard Bejtlich got interested in just how the revocation process works. He collected packet data from accessing Nigg's certificate after it had been revoked which gives look inside the Online Certificate Status Protocol (OCSP).

OCSP is designed to do just what it did, cause a bad certificate to fail when verified by the browser. Nigg's certificate listed an OCSP server that should be consulted. Because that information has been signed by the CA, it can't be tampered with. So long as the browser makes the OCSP check, certificates can be revoked in this manner—as long as the CA is aware that revocation is needed.

Public key cryptography—the basis of SSL and many other encryption schemes—is an amazing method for doing encryption, but it does suffer from a major shortcoming: key exchange. For relatively simple situations, where both parties know each other and have a way to securely exchange keys, it works well. When trying to handle other kinds of communications, either a "web of trust" (a la PGP and GPG) or some kind of trusted authority is required. When those break down, man-in-the-middle and other scams are possible.

Comments (22 posted)

Brief items

MBTA, MIT students discuss security improvements (EFF press release)

The three MIT students who were sued by the Massachusetts Bay Transportation Authority (MBTA) to stop their DEFCON presentation are now working with the agency to improve its security. The students studied MBTA's automated fare collection system, finding it lacking in several respects. "'We've always shared the goal of making the subway as safe and secure as can be,' said student Zack Anderson. 'I am glad that we can work with the MBTA to help the people of Boston, and we are proud to be a part of something that puts public interest first.'" Click below for the full press release.

Full Story (comments: none)

New vulnerabilities

ampache: insecure tmp file usage

Package(s):ampache CVE #(s):CVE-2008-3929
Created:December 24, 2008 Updated:December 24, 2008
Description:

From the Gentoo advisory:

Dmitry E. Oboukhov reported an insecure temporary file usage within the gather-messages.sh script.

A local attacker could perform symlink attacks to overwrite arbitrary files with the privileges of the user running the application.

Alerts:
Gentoo 200812-22 ampache 2008-12-23

Comments (none posted)

avahi: denial of service

Package(s):avahi CVE #(s):CVE-2008-5081
Created:December 19, 2008 Updated:October 15, 2010
Description: From the Ubuntu advisory: Hugo Dias discovered that Avahi did not properly verify it's input when processing mDNS packets. A remote attacker could send a crafted mDNS packet and cause a denial of service (assertion failure).
Alerts:
Mandriva MDVSA-2010:204 avahi 2010-10-14
Gentoo 200901-11 avahi 2009-01-14
Debian DSA-1690-1 avahi 2008-12-22
Ubuntu USN-696-1 avahi 2008-12-18
CentOS CESA-2009:0013 avahi 2009-01-14
Red Hat RHSA-2009:0013-01 avahi 2009-01-12
Fedora FEDORA-2008-11351 avahi 2008-12-17
SuSE SUSE-SR:2009:003 boinc-client, xrdp, phpMyAdmin, libnasl, moodle, net-snmp, audiofile, xterm, amarok, libpng, sudo, avahi 2009-02-02
Mandriva MDVSA-2009:031 avahi 2009-01-30

Comments (none posted)

courier-authlib: SQL injection

Package(s):courier-authlib CVE #(s):CVE-2008-2380
Created:December 22, 2008 Updated:March 12, 2009
Description:

From the Debian advisory:

The MySQL database interface used insufficient escaping mechanisms when constructing SQL statements, leading to SQL injection vulnerabilities if certain charsets are used (CVE-2008-2380).

Alerts:
Gentoo 200903-25 courier-authlib 2009-03-11
Debian DSA-1688-2 courier-authlib 2008-12-22
Debian DSA-1688 courier-authlib 2008-12-20
SuSE SUSE-SR:2009:001 ethereal/wireshark, mysql, imap, rsyslog, courier-authlib, nfs-utils, libxml2, python, jhead, git, samba, vinagre, opera 2009-01-12

Comments (none posted)

drupal-views: SQL injection

Package(s):drupal-views CVE #(s):
Created:December 22, 2008 Updated:December 24, 2008
Description: From the Drupal security alert:

When using an exposed filter on CCK text fields with allowed values, Views does not filter the data correctly. This may allow malicious users to conduct SQL injection attacks against the site.

Alerts:
Fedora FEDORA-2008-11578 drupal-views 2008-12-21
Fedora FEDORA-2008-11519 drupal-views 2008-12-21

Comments (none posted)

flash-plugin: arbitrary code execution

Package(s):flash-plugin CVE #(s):CVE-2008-5499
Created:December 19, 2008 Updated:December 24, 2008
Description: From the Red Hat advisory: A security flaw was found in the way Flash Player displayed certain SWF (Shockwave Flash) content. This may have made it possible to execute arbitrary code on a victim's machine, if the victim opened a malicious Adobe Flash file.
Alerts:
SuSE SUSE-SA:2008:059 flash-player 2008-12-20
Red Hat RHSA-2008:1047-01 flash-plugin 2008-12-19

Comments (none posted)

git: privilege escalation

Package(s):git CVE #(s):
Created:December 22, 2008 Updated:December 24, 2008
Description:

From the Red Hat bugzilla:

Current gitweb has a possible local privilege escalation bug that allows a malicious repository owner to run a command of his choice by specifying diff.external configuration variable in his repository and running a crafted gitweb query.

Recent (post 1.4.3) gitweb itself never generates a link that would result in such a query, and the safest and cleanest fix to this issue is to simply drop the support for it.

Alerts:
Fedora FEDORA-2008-11678 git 2008-12-21
Fedora FEDORA-2008-11650 git 2008-12-21
Fedora FEDORA-2008-11653 git 2008-12-21

Comments (none posted)

kvm: denial of service

Package(s):kvm CVE #(s):CVE-2008-2382
Created:December 24, 2008 Updated:May 13, 2009
Description:

From the Red Hat bugzilla:

A denial of service flaw was discovered in the Qemu processor emulator and Kernel-based Virtual Machine (KVM) due to improper sanitization of the length of the message sent to the host VNC server. A remote attacker could use this flaw to cause an infinite loop via specially-crafted VNC message sent to the particular virtual domain.

Alerts:
Ubuntu USN-776-2 USN-776-1 fixed 2009-05-13
Ubuntu USN-776-1 kvm 2009-05-12
Fedora FEDORA-2008-11727 kvm 2008-12-24
Fedora FEDORA-2008-11705 kvm 2008-12-24
Mandriva MDVSA-2009:009 kvm 2009-01-14
Mandriva MDVSA-2009:008 qemu 2009-01-14
SuSE SUSE-SR:2009:002 imlib2, valgrind, kvm, cups, lynx, xterm 2009-01-19
Ubuntu USN-703-1 xterm 2009-01-06

Comments (none posted)

libvirt: privilege escalation

Package(s):libvirt CVE #(s):CVE-2008-5086
Created:December 18, 2008 Updated:March 19, 2009
Description: libvirt has a privilege escalation vulnerability. From the Ubuntu alert: It was discovered that libvirt did not mark certain operations as read-only. A local attacker may be able to perform privileged actions such as migrating virtual machines, adjusting autostart flags, or accessing privileged data in the virtual machine memory and disks.
Alerts:
Red Hat RHSA-2009:0382-01 libvirt 2009-03-19
SuSE SUSE-SR:2009:004 apache, audacity, dovecot, libtiff-devel, libvirt, mediawiki, netatalk, novell-ipsec-tools,opensc, perl, phpPgAdmin, sbl, sblim-sfcb, squirrelmail, swfdec, tomcat5, virtualbox, websphere-as_ce, wine, xine-devel 2009-02-17
Fedora FEDORA-2008-11443 libvirt 2008-12-21
Fedora FEDORA-2008-11433 libvirt 2008-12-21
Ubuntu USN-694-1 libvirt 2008-12-18

Comments (none posted)

mediawiki: multiple vulnerabilities

Package(s):mediawiki CVE #(s):CVE-2008-5249 CVE-2008-5250 CVE-2008-5252 CVE-2008-5687 CVE-2008-5688
Created:December 24, 2008 Updated:October 5, 2009
Description:

From the Red Hat bugzilla:

* An XSS vulnerability affecting all MediaWiki installations between 1.13.0 and 1.13.2. [CVE-2008-5249]

* A local script injection vulnerability affecting Internet Explorer clients for all MediaWiki installations with uploads enabled. [CVE-2008-5250]

* A local script injection vulnerability affecting clients with SVG scripting capability (such as Firefox 1.5+), for all MediaWiki installations with SVG uploads enabled. [CVE-2008-5250]

* A CSRF vulnerability affecting the Special:Import feature, for all MediaWiki installations since the feature was introduced in 1.3.0. [CVE-2008-5252]

CVE-2008-5687: MediaWiki 1.11 through 1.13.3 does not properly protect against the download of backups of deleted images, which might allow remote attackers to obtain sensitive information via requests for files in images/deleted/.

CVE-2008-5688: MediaWiki 1.8.1 through 1.13.3, when the wgShowExceptionDetails variable is enabled, sometimes provides the full installation path in a debugging message, which might allow remote attackers to obtain sensitive information via unspecified requests that trigger an uncaught exception.

Alerts:
Debian DSA-1901-1 mediawiki1.7 2009-10-05
SuSE SUSE-SR:2009:004 apache, audacity, dovecot, libtiff-devel, libvirt, mediawiki, netatalk, novell-ipsec-tools,opensc, perl, phpPgAdmin, sbl, sblim-sfcb, squirrelmail, swfdec, tomcat5, virtualbox, websphere-as_ce, wine, xine-devel 2009-02-17
Fedora FEDORA-2008-11802 mediawiki 2008-12-24
Fedora FEDORA-2008-11743 mediawiki 2008-12-24
Fedora FEDORA-2008-11688 mediawiki 2008-12-24

Comments (none posted)

moodle: cross-site scripting

Package(s):moodle CVE #(s):CVE-2008-5432
Created:December 22, 2008 Updated:June 25, 2009
Description:

From the CVE entry:

Cross-site scripting (XSS) vulnerability in Moodle before 1.6.8, 1.7 before 1.7.6, 1.8 before 1.8.7, and 1.9 before 1.9.3 allows remote attackers to inject arbitrary web script or HTML via a Wiki page name (aka page title).

Alerts:
Ubuntu USN-791-1 moodle 2009-06-24
Debian DSA-1691-1 moodle 2008-12-22
SuSE SUSE-SR:2009:003 boinc-client, xrdp, phpMyAdmin, libnasl, moodle, net-snmp, audiofile, xterm, amarok, libpng, sudo, avahi 2009-02-02

Comments (none posted)

nagios3: cross-site request forgery

Package(s):nagios3 CVE #(s):CVE-2008-5028
Created:December 22, 2008 Updated:July 20, 2009
Description:

From the Ubuntu advisory:

It was discovered that Nagios was vulnerable to a Cross-site request forgery (CSRF) vulnerability. If an authenticated nagios user were tricked into clicking a link on a specially crafted web page, an attacker could trigger commands to be processed by Nagios and execute arbitrary programs. This update alters Nagios behaviour by disabling submission of CMD_CHANGE commands. (CVE-2008-5028)

Alerts:
Gentoo 200907-15 nagios-core 2009-07-19
Ubuntu USN-698-3 nagios2 2008-12-23
Ubuntu USN-698-2 nagios3 2008-12-22

Comments (none posted)

openvpn: arbitrary code execution

Package(s):openvpn CVE #(s):
Created:December 22, 2008 Updated:December 24, 2008
Description:

From the Red Hat bugzilla:

An OpenVPN client connecting to a malicious or compromised server could potentially receive an "lladdr" or "iproute" configuration directive from the server which could cause arbitrary code execution on the client. A successful attack requires that (a) the client has agreed to allow the server to push configuration directives to it by including "pull" or the macro "client" in its configuration file, (b) the client succesfully authenticates the server, (c) the server is malicious or has been compromised and is under the control of the attacker, and (d) the client is running a non-Windows OS. Credit: David Wagner.

Alerts:
Fedora FEDORA-2008-10691 openvpn 2008-12-22
Fedora FEDORA-2008-10499 openvpn 2008-12-22

Comments (none posted)

pdns: denial of service

Package(s):pdns CVE #(s):CVE-2008-5277
Created:December 22, 2008 Updated:December 24, 2008
Description:

From the Gentoo advisory:

Daniel Drown reported an error when receiving a HINFO CH query (CVE-2008-5277).

A remote attacker could send specially crafted queries to cause a Denial of Service.

Alerts:
Gentoo 200812-19 pdns 2008-12-19

Comments (none posted)

phpCollab: multiple vulnerabilities

Package(s):phpCollab CVE #(s):CVE-2006-1495 CVE-2008-4303 CVE-2008-4304 CVE-2008-4305
Created:December 24, 2008 Updated:December 24, 2008
Description:

From the Gentoo advisory:

* rgod reported that data sent to general/sendpassword.php via the loginForm parameter is not properly sanitized before being used in an SQL statement (CVE-2006-1495).

* Christian Hoffmann of Gentoo Security discovered multiple vulnerabilites where input is insufficiently sanitized before being used in an SQL statement, for instance in general/login.php via the loginForm parameter. (CVE-2008-4303).

* Christian Hoffmann also found out that the variable $SSL_CLIENT_CERT in general/login.php is not properly sanitized before being used in a shell command. (CVE-2008-4304).

* User-supplied data to installation/setup.php is not checked before being written to include/settings.php which is executed later. This issue was reported by Christian Hoffmann as well (CVE-2008-4305).

These vulnerabilities enable remote attackers to execute arbitrary SQL statements and PHP code. NOTE: Some of the SQL injection vulnerabilities require the php.ini option "magic_quotes_gpc" to be disabled. Furthermore, an attacker might be able to execute arbitrary shell commands if "register_globals" is enabled, "magic_quotes_gpc" is disabled, the PHP OpenSSL extension is not installed or loaded and the file "installation/setup.php" has not been deleted after installation.

Alerts:
Gentoo 200812-20 phpCollab 2008-12-21

Comments (none posted)

phpPgAdmin: directory traversal

Package(s):phpPgAdmin CVE #(s):CVE-2008-5587
Created:December 22, 2008 Updated:February 17, 2009
Description:

From the Red Hat bugzilla:

Directory traversal vulnerability in libraries/lib.inc.php in phpPgAdmin 4.2.1 and earlier, when register_globals is enabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the _language parameter to index.php.

Alerts:
openSUSE openSUSE-SU-2012:0493-1 phppgadmin 2012-04-12
SuSE SUSE-SR:2009:004 apache, audacity, dovecot, libtiff-devel, libvirt, mediawiki, netatalk, novell-ipsec-tools,opensc, perl, phpPgAdmin, sbl, sblim-sfcb, squirrelmail, swfdec, tomcat5, virtualbox, websphere-as_ce, wine, xine-devel 2009-02-17
Debian DSA-1693-1 phppgadmin 2008-12-27
Fedora FEDORA-2008-11564 phpPgAdmin 2008-12-21
Fedora FEDORA-2008-11602 phpPgAdmin 2008-12-21
Fedora FEDORA-2008-11576 phpPgAdmin 2008-12-21
Debian DSA-1693-2 phppgadmin 2009-01-21

Comments (none posted)

proftpd: cross-site request forgery

Package(s):proftpd CVE #(s):CVE-2008-4242
Created:December 23, 2008 Updated:March 2, 2009
Description: From the Debian advisory: Maksymilian Arciemowicz of securityreason.com reported that ProFTPD is vulnerable to cross-site request forgery (CSRF) attacks and executes arbitrary FTP commands via a long ftp:// URI that leverages an existing session from the FTP client implementation in a web browser.
Alerts:
Mandriva MDVSA-2009:061 proftpd 2009-02-27
Debian DSA-1689-1 proftpd-dfsg 2008-12-21
Fedora FEDORA-2009-0064 proftpd 2009-01-07
Fedora FEDORA-2009-0195 proftpd 2009-01-07
Fedora FEDORA-2009-0089 proftpd 2009-01-07

Comments (none posted)

roundcubemail: denial of service

Package(s):roundcubemail CVE #(s):CVE-2008-5620
Created:December 22, 2008 Updated:December 24, 2008
Description:

From the Red Hat bugzilla:

RoundCube Webmail (roundcubemail) before 0.2-beta allows remote attackers to cause a denial of service (memory consumption) via crafted size parameters that are used to create a large quota image.

Alerts:
Fedora FEDORA-2008-11456 roundcubemail 2008-12-21
Fedora FEDORA-2008-11535 roundcubemail 2008-12-21
Fedora FEDORA-2008-11581 roundcubemail 2008-12-21

Comments (none posted)

rsyslog: multiple vulnerabilities

Package(s):rsyslog CVE #(s):CVE-2008-5617 CVE-2008-5618
Created:December 22, 2008 Updated:January 12, 2009
Description:

From the rsyslog advisory:

CVE-2008-5617: Due to a coding error in the modularization effort, the $AllowedSender directive is no longer honored but silently accepted. As such, rsyslog-based access control via $AllowedSender is not working and messages from every sender will be accepted by rsyslog. Most importantly, this could lead to misleading log entries or a remote DoS, by a malicious sender simply flooding the system logs with messages until the system runs out of disk space.

From the CVE entry:

CVE-2008-5618: imudp in rsyslog 4.x before 4.1.2, 3.21 before 3.21.9 beta, and 3.20 before 3.20.2 generates a message even when it is sent by an unauthorized sender, which allows remote attackers to cause a denial of service (disk consumption) via a large number of spurious messages.

Alerts:
Fedora FEDORA-2008-11476 rsyslog 2008-12-21
Fedora FEDORA-2008-11538 rsyslog 2008-12-21
SuSE SUSE-SR:2009:001 ethereal/wireshark, mysql, imap, rsyslog, courier-authlib, nfs-utils, libxml2, python, jhead, git, samba, vinagre, opera 2009-01-12

Comments (none posted)

shadow: root privilege escalation

Package(s):shadow CVE #(s):
Created:December 18, 2008 Updated:December 24, 2008
Description: shadow has a root privilege escalation vulnerability. From the Ubuntu alert: Paul Szabo discovered a race condition in login. While setting up tty permissions, login did not correctly handle symlinks. If a local attacker were able to gain control of the system utmp file, they could cause login to change the ownership and permissions on arbitrary files, leading to a root privilege escalation.
Alerts:
Ubuntu USN-695-1 shadow 2008-12-18

Comments (none posted)

vlc: multiple vulnerabilities

Package(s):vlc CVE #(s):CVE-2008-5032 CVE-2008-5036 CVE-2008-5276
Created:December 24, 2008 Updated:June 18, 2009
Description:

From the Gentoo advisory:

Tobias Klein reported the following vulnerabilities:

* A stack-based buffer overflow when processing CUE image files in modules/access/vcd/cdrom.c (CVE-2008-5032).

* A stack-based buffer overflow when processing RealText (.rt) subtitle files in the ParseRealText() function in modules/demux/subtitle.c (CVE-2008-5036).

* An integer overflow when processing RealMedia (.rm) files in the ReadRealIndex() function in real.c in the Real demuxer plugin, leading to a heap-based buffer overflow (CVE-2008-5276).

A remote attacker could entice a user to open a specially crafted CUE image file, RealMedia file or RealText subtitle file, possibly resulting in the execution of arbitrary code with the privileges of the user running the application.

Alerts:
Debian DSA-1819-1 vlc 2009-06-18
Gentoo 200812-24 vlc 2008-12-24

Comments (none posted)

Page editor: Jake Edge
Next page: Kernel development>>


Copyright © 2008, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds