oss-sec mailing list archives
Re: CVE Request 1, NSS 2, Qt: Doesn't handle wildcards in Common Name properly
From: Joe Orton <jorton () redhat com>
Date: Sat, 4 Sep 2010 14:37:25 +0100
On Fri, Sep 03, 2010 at 06:20:49PM +0200, Jan Lieskovsky wrote:
1, Network Security Services (NSS) handled wildcard (*) character
in the Common Name field of a x509v3 digital certificate.
If an attacker is able to get a carefully-crafted certificate,
signed by a Certificate Authority trusted by Firefox, the attacker
could use the certificate during the man-in-the-middle attack and
potentially confuse Firefox into accepting it by mistake. Different
vulnerability than CVE-2009-2408.
I would suspect that many of the usual raft of OpenSSL-based apps with hand-crafted cert identity checks will be vulnerable to this too, where wildcard certs are supported. Regards, Joe
Current thread:
- CVE Request 1, NSS 2, Qt: Doesn't handle wildcards in Common Name properly Jan Lieskovsky (Sep 03)
- Re: CVE Request 1, NSS 2, Qt: Doesn't handle wildcards in Common Name properly Reed Loden (Sep 03)
- Re: CVE Request 1, NSS 2, Qt: Doesn't handle wildcards in Common Name properly Julien Cristau (Sep 03)
- Re: CVE Request 1, NSS 2, Qt: Doesn't handle wildcards in Common Name properly Reed Loden (Sep 03)
- Re: CVE Request 1, NSS 2, Qt: Doesn't handle wildcards in Common Name properly Julien Cristau (Sep 03)
- Re: CVE Request 1, NSS 2, Qt: Doesn't handle wildcards in Common Name properly Joe Orton (Sep 04)
- Re: CVE Request 1, NSS 2, Qt: Doesn't handle wildcards in Common Name properly Richard Moore (Sep 05)
- Re: CVE Request 1, NSS 2, Qt: Doesn't handle wildcards in Common Name properly Florian Weimer (Sep 06)
- Re: CVE Request 1, NSS 2, Qt: Doesn't handle wildcards in Common Name properly Tomas Hoger (Sep 27)
- Re: CVE Request 1, NSS 2, Qt: Doesn't handle wildcards in Common Name properly Reed Loden (Sep 03)