[UNIX] Ruby Net::HTTPS Library Insufficent Validation of Server Certificate CN



The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion

The SecuriTeam alerts list - Free, Accurate, Independent.

Get your security news from a reliable source.
http://www.securiteam.com/mailinglist.html

- - - - - - - - -



Ruby Net::HTTPS Library Insufficent Validation of Server Certificate CN
------------------------------------------------------------------------


SUMMARY

The Ruby Net::HTTP and Net::HTTPS library can be used to make HTTP or
HTTPS connections to remote websites. There are several methods for
performing these types of connections within the Ruby standard library but
the Net::HTTP library is recommended going forward.

A vulnerability results from the Net::HTTPS library failing to validate
the name on the SSL certificate agains the DNS name requested by the user.
By not validating the name, the library allows an attacker to present a
cryptographically valid certificate with an invalid CN.

DETAILS

Vulnerable Systems:
* Ruby version 1.8.5
* Ruby version 1.8.6
* Ruby version Trunk

The vulnerability is caused by the method connect within http.rb file
failing to call post_connection_check after the SSL connection has been
negotiated. Since the server certificates CN is not validated against the
requested DNS name, the attacker can impersonate the target server in a
SSL connection. The integrity and confidentiality benefits of SSL are
removed by this vulnerability.

Example:
If the application uses the following code to connect to the ip address of
https://www.citicards.com:

url = "192.193.222.24" #www.citicards.com IP
path = "/"
http = Net::HTTP.new(url, 443)
http.use_ssl = true
http.ca_file = "verisign.pem"
http.verify_mode = OpenSSL::SSL::VERIFY_PEER
resp, data = http.get(path, nil)

The connection will succeed. This is an obvious failure as the
certificate presented has a CN of www.citicards.com. One caveat is that
the attacker must possess a certificate signed by the CA specified in the
ca_file attribute.

Fix Information:
This issue has been addressed by adding the appropriate post connection
check within http.rb. These patches add the enable_post_connection
parameter, which if set to true, will cause the Net::HTTP library to raise
an exception when the post connection check fails.

The following trunk Ruby checkin contains the related changes:
<http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=13499>
http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=13499
<http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=13500>
http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=13500

Ruby 1.8.5:
<http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=13502>
http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=13502

Ruby 1.8.6:
<http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=13504>
http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=13504


ADDITIONAL INFORMATION

The information has been provided by <mailto:cclark@xxxxxxxxxxxxxxxx>
Chris Clark.
The original article can be found at:
<http://www.isecpartners.com/advisories/2007-006-rubyssl.txt>
http://www.isecpartners.com/advisories/2007-006-rubyssl.txt



========================================


This bulletin is sent to members of the SecuriTeam mailing list.
To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@xxxxxxxxxxxxxx
In order to subscribe to the mailing list, simply forward this email to: list-subscribe@xxxxxxxxxxxxxx


====================
====================

DISCLAIMER:
The information in this bulletin is provided "AS IS" without warranty of any kind.
In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.



Relevant Pages

  • Ruby Net::HTTPS library does not validate server certificate CN
    ... Ruby Net::HTTPS library does not validate server certificate CN ... call post_connection_check after the SSL connection has been negotiated. ...
    (Bugtraq)
  • [UNIX] Peer Authentication Vulnerability In Ingate Products (SIP Over TLS - X.509)
    ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... attacker to intercept connections to TLS-secured servers that the Ingate ... The vulnerability is only exploitable if an X.509 certificate uses an RSA ... itself, but if an external CA is used, and if that CA uses exponent 3, the ...
    (Securiteam)
  • [UNIX] Vulnerability in OpenCA Signature Verification
    ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... OpenCA Project is "an open organization aimed to ... This means that a certificate from another PKI can authorize ... operations on the used PKI if the chain of the used signature certificate ...
    (Securiteam)
  • [NEWS] Ruby WEBrick Directory Traversal
    ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... Ruby WEBrick Directory Traversal ... Ruby that uses servlets to extend its capabilities. ... This vulnerability has the following impacts. ...
    (Securiteam)
  • [NEWS] OpenCA Signature Verification Vulnerabilities
    ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... Multiple flaws in OpenCA before version 0.9.1.4 could cause OpenCA to use ... OpenCA which test the signer's certificate. ... included into the signature to create the X.509 object of the signer's ...
    (Securiteam)