Vigil@nce: GnuTLS, incorrect certificate chain verification
November 2008 by Vigil@nce
An attacker can use an invalid certification chain which is not rejected by GnuTLS, in order to create a man-in-the-middle attack.
Consequences: data reading, data flow
Provenance: internet server
Means of attack: 1 attack
Ability of attacker: technician (2/4)
Confidence: confirmed by the editor (5/5)
Diffusion of the vulnerable configuration: high (3/3)
Creation date: 12/11/2008
Red Hat Enterprise Linux
Unix - plateform
The GnuTLS library can be used to implement TLS/SSL clients/servers.
A TLS client/server has for example a X.509 certificate, certified by an intermediary certification authority, which is certified by a root certification authority. GnuTLS has to go though this certification chain to ensure that the client/server certificate is trusted.
However, if the certificate of the intermediary certification authority is self-signed, GnuTLS accepts the certification chain.
An attacker can for example setup a malicious web site offering this certification chain, in order to deceive web clients linked to GnuTLS.
Identifiers: BID-32232, CVE-2008-4989, FEDORA-2008-9530, FEDORA-2008-9600, GNUTLS-SA-2008-3, MDVSA-2008:227, RHSA-2008:0982-01, SSA:2008-315-01, VIGILANCE-VUL-8235 Pointed by: VIGILANCE-VUL-8249