[NEWS] Apple Safari and Konqueror Embedded Common Name Verification Vulnerability

From: SecuriTeam (support_at_securiteam.com)
Date: 05/26/03

    To: list@securiteam.com
    Date: 26 May 2003 18:47:22 +0200

    The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com

      Apple Safari and Konqueror Embedded Common Name Verification Vulnerability
    ------------------------------------------------------------------------

    SUMMARY

    Apple Safari and Konqueror Embedded fail to verify that the Common Name of
    an SSL certificate matches the host the user requested. This makes it
    possible to spoof SSL sites, so users cannot trust the authenticity of an
    SSL website.

    SSL serves two main purposes. One is to ensure the authenticity of the
    server you are communicating with; the other is to provide encrypted
    communication. The authenticity part is completely broken (the Common Name
    is not verified), so the user cannot know whether the browser is actually
    communicating with the host shown in the address bar.

    Exploitation requires a malicious person to spoof DNS records (see, for
    example, the CERT vulnerability note on DNS spoofing listed under
    ADDITIONAL INFORMATION below). Because the browser never compares the
    certificate's name with the requested host, any valid certificate presented
    by the redirected-to server is accepted.

    This type of vulnerability has been found in the past in both Internet
    Explorer and Netscape.
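The missing check, as an added example that is not Safari's or Konqueror's own code: the hostname-verification step a TLS client must run after the certificate chain validates, written here against the dict layout Python's `ssl.SSLSocket.getpeercert()` returns. The sample certificates are constructed, not real.

```python
import ipaddress


def _match_dns(pattern: str, host: str) -> bool:
    """Match one certificate name against the requested host name.
    Exact match (case-insensitive, trailing dot ignored), or a wildcard of the
    form *.example.com where '*' stands for exactly one label; partial
    wildcards such as f*o.example.com and bare *.com are rejected."""
    pattern = pattern.lower().rstrip(".")
    host = host.lower().rstrip(".")
    if pattern == host:
        return True
    p_labels, h_labels = pattern.split("."), host.split(".")
    if p_labels[0] != "*" or len(p_labels) < 3:
        return False
    return len(p_labels) == len(h_labels) and p_labels[1:] == h_labels[1:]


def names_in_cert(cert: dict) -> list:
    """Host names a certificate claims: all dNSName SANs, or, as the legacy
    fallback, the subject Common Name when no dNSName SAN is present."""
    dns = [v for t, v in cert.get("subjectAltName", ()) if t == "DNS"]
    if dns:
        return dns
    return [v for rdn in cert.get("subject", ()) for k, v in rdn if k == "commonName"]


def hostname_matches(cert: dict, host: str) -> bool:
    """The check the advisory says the browsers skipped: True only if the
    certificate names the host that was requested."""
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        return any(_match_dns(n, host) for n in names_in_cert(cert))
    # A literal IP target must match an iPAddress SAN, never the CN.
    return any(ipaddress.ip_address(v) == ip
               for t, v in cert.get("subjectAltName", ()) if t == "IP Address")


# Constructed sample certificates (not real), in getpeercert() layout.
SITE_CERT = {
    "subject": ((("commonName", "www.example.com"),),),
    "subjectAltName": (("DNS", "www.example.com"), ("DNS", "*.example.com")),
}
# A valid, CA-signed certificate for some other host: chain validation would
# pass, so only the name check tells the two servers apart.
OTHER_CERT = {"subject": ((("commonName", "other.example.net"),),)}

if __name__ == "__main__":
    for cert in (SITE_CERT, OTHER_CERT):
        print(names_in_cert(cert), hostname_matches(cert, "www.example.com"))
```

Without this step a client that only checks the chain is in exactly the position the advisory describes: the connection is encrypted, but to whoever answered the spoofed DNS query.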

    DETAILS

    Vulnerable systems:
     * Konqueror Embedded
     * Safari 1.x
    NOTE: This does not affect the ordinary version of Konqueror.

    Solution:
    Do not use Apple Safari or Konqueror Embedded to access SSL sites where
    you need to trust the authenticity of the certificate.

    ADDITIONAL INFORMATION

    Reference:
    DNS Spoofing (CERT vulnerability note): <http://www.kb.cert.org/vuls/id/457875>

    The information has been provided by code511 <code511@code511.com>.
