oss-sec mailing list archives

Re: nss RSA forgery (CVE-2014-1568)

From: Nick Semenkovich <nick () semenkovich com>
Date: Wed, 24 Sep 2014 17:59:21 -0500

The commits are available in the mercurial repo:

https://hg.mozilla.org/projects/nss/rev/fb7208e91ae8
https://hg.mozilla.org/projects/nss/rev/ad411fb64046
https://hg.mozilla.org/projects/nss/rev/4e90910ad2f9

Offhand, it looks like an issue with the encoding of DigestInfo.



On Wed, Sep 24, 2014 at 5:03 PM, Hanno Böck <hanno () hboeck de> wrote:


One serious vuln per day isn't enough, so nss decided to bring us
another one.

Mozilla reports this:
https://www.mozilla.org/security/announce/2014/mfsa2014-73.html
Bugtracker entry still private, so hard to judge about details.
Interesting: Two independent discoveries (we had the same with
heartbleed and I couldn't believe this was coincidence).

This is what mcaffee has to say:
http://blogs.mcafee.com/executive-perspectives/need-know-berserk-mozilla

They say its related to BER/ASN1-parsing, but adam langley disagrees:
https://twitter.com/agl__/status/514881918110683136


And it seems cyassl had something similar, also found by intel:
http://www.yassl.com/yaSSL/Blog/Entries/2014/9/12_CyaSSL_3.2.0_Released.html

No real details yet and information seems confusing.

--
Hanno Böck
http://hboeck.de/

mail/jabber: hanno () hboeck de
GPG: BBB51E42





-- 
Nick Semenkovich
Laboratory of Dr. Jeffrey I. Gordon
Medical Scientist Training Program
School of Medicine
Washington University in St. Louis
https://nick.semenkovich.com/

Current thread:

nss RSA forgery (CVE-2014-1568) Hanno Böck (Sep 24)
- Re: nss RSA forgery (CVE-2014-1568) Marcus Meissner (Sep 24)
  - Re: nss RSA forgery (CVE-2014-1568) Yves-Alexis Perez (Sep 25)
- Re: nss RSA forgery (CVE-2014-1568) Nick Semenkovich (Sep 24)
- Re: nss RSA forgery (CVE-2014-1568) Hanno Böck (Sep 25)
  - Re: nss RSA forgery (CVE-2014-1568) Hanno Böck (Sep 25)