pyOpenSSL hostname check bypassing vulnerability

2013.09.07

Credit: Vincent Danen

Risk: Medium

Local: No

Remote: Yes

CVE: CVE-2013-4314

CWE: CWE-20

CVSS Base Score: 4.3/10

Impact Subscore: 2.9/10

Exploitability Subscore: 8.6/10

Exploit range: Remote

Attack complexity: Medium

Authentication: No required

Confidentiality impact: None

Integrity impact: Partial

Availability impact: None

The pyOpenSSL module implements hostname identity checks but it did not properly handle hostnames in the certificate that contain null bytes.  In all releases prior to 0.13.1, the string formatting of subjectAltName X509Extension instances incorrectly truncated fields of the name when encountering the null byte.

When a CA than an SSL client trusts issues a server certificate that has a null byte in the subjectAltName, remote attackers can obtain a certifcate for 'www.foo.org\0.example.com' from the CA to spoof 'www.foo.org' and conduct man-in-the-middle attacks between the pyOpenSSL-using client and SSL servers.

[1] https://mail.python.org/pipermail/pyopenssl-users/2013-September/000478.html

References:

https://mail.python.org/pipermail/pyopenssl-users/2013-September/000478.html

https://bugzilla.redhat.com/show_bug.cgi?id=1005325

http://seclists.org/oss-sec/2013/q3/560

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

pyOpenSSL hostname check bypassing vulnerability

References:

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.