CVE-2009-2409 – deprecate MD2 in SSL cert validation (Kaminsky)
https://notcve.org/view.php?id=CVE-2009-2409
The Network Security Services (NSS) library before 3.12.3, as used in Firefox; GnuTLS before 2.6.4 and 2.7.4; OpenSSL 0.9.8 through 0.9.8k; and other products support MD2 with X.509 certificates, which might allow remote attackers to spoof certificates by using MD2 design flaws to generate a hash collision in less than brute-force time. NOTE: the scope of this issue is currently limited because the amount of computation required is still large. La librería Network Security Services (NSS) en versiones anteriores a 3.12.3, como se utiliza en Firefox; GnuTLS en versiones anteriores a 2.6.4 y 2.7.4; OpenSSL 0.9.8 hasta la versión 0.9.8k; y otros productos que soportan MD2 con certificados X.509, lo que podrían permitir a atacantes remotos falsificar certificados usando defectos de diseño de MD2 para generar una colisión de hash en menos que tiempo que con fuerza bruta. NOTA: el alcance de este problema está actualmente limitado porque la cantidad de computación requerida es todavía grande. • http://java.sun.com/j2se/1.5.0/ReleaseNotes.html http://java.sun.com/javase/6/webnotes/6u17.html http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html http://secunia.com/advisories/36139 http://secunia.com/advisories/36157 http://secunia.com/advisories/36434 http://secunia.com/advisories/36669 http://secunia.com/advisories/36739 http://secunia.com/advisories/37386 http://secunia.com/advisories/42467 http://security.gentoo.org/glsa/glsa-200911-02.x • CWE-310: Cryptographic Issues •
CVE-2009-1416 – GnuTLS 2.6.x - libgnutls lib/gnutls_pk.c DSA Key Storage Remote Spoofing
https://notcve.org/view.php?id=CVE-2009-1416
lib/gnutls_pk.c in libgnutls in GnuTLS 2.5.0 through 2.6.5 generates RSA keys stored in DSA structures, instead of the intended DSA keys, which might allow remote attackers to spoof signatures on certificates or have unspecified other impact by leveraging an invalid DSA key. lib/gnutls_pk.c en libgnutls en GnuTLS v2.5.0 hasta v2.6.5 genera claves RSA almacenados en estructuras DSA, en lugar de las claves DSA previstas, lo cual podría permitir a atacantes remotos suplantar firmas en los certificados o tener otro impacto no especificado por el utilizamiento de una clave DSA no es válida. • https://www.exploit-db.com/exploits/32965 http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3516 http://lists.gnu.org/archive/html/help-gnutls/2009-04/msg00018.html http://secunia.com/advisories/34842 http://secunia.com/advisories/35211 http://security.gentoo.org/glsa/glsa-200905-04.xml http://www.mandriva.com/security/advisories?name=MDVSA-2009:116 http://www.securityfocus.com/bid/34783 http://www.securitytracker.com/id?1022158 http://www.vupen.com/english • CWE-310: Cryptographic Issues •
CVE-2009-1415 – GnuTLS 2.6.x - libgnutls lib/pk-libgcrypt.c Malformed DSA Key Handling Remote Denial of Service
https://notcve.org/view.php?id=CVE-2009-1415
lib/pk-libgcrypt.c in libgnutls in GnuTLS before 2.6.6 does not properly handle invalid DSA signatures, which allows remote attackers to cause a denial of service (application crash) and possibly have unspecified other impact via a malformed DSA key that triggers a (1) free of an uninitialized pointer or (2) double free. lib/pk-libgcrypt.c en libgnutls en GnuTLS anterior a v2.6.6 no maneja correctamente las firmas DSA, lo cual permite a atacantes remotos provocar una denegación de servicio (cuelgue de aplicación) y posiblemente tiene otro impacto no especificado a través de una clave DSA malformada que desencadena (1) una liberación del puntero no inicializado. (2) una doble liberación. • https://www.exploit-db.com/exploits/32964 http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3515 http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3502 http://secunia.com/advisories/34842 http://secunia.com/advisories/35211 http://security.gentoo.org/glsa/glsa-200905-04.xml http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3488 http://www.mandriva.com/security/advisories?name=MDVSA-2009:116 http://www.securityfocus.com/bid/34783 http:/& • CWE-824: Access of Uninitialized Pointer •
CVE-2009-1417
https://notcve.org/view.php?id=CVE-2009-1417
gnutls-cli in GnuTLS before 2.6.6 does not verify the activation and expiration times of X.509 certificates, which allows remote attackers to successfully present a certificate that is (1) not yet valid or (2) no longer valid, related to lack of time checks in the _gnutls_x509_verify_certificate function in lib/x509/verify.c in libgnutls_x509, as used by (a) Exim, (b) OpenLDAP, and (c) libsoup. gnutls-cli en GnuTLS anteriores a v2.6.6 no verifica la activación y tiempos de caducidad de los certificados X.509, lo cual permite a atacantes remotos presentar con éxito un certificado que (1) aún es válido o (2) ya no es válido, en relación con la falta de controles en el tiempo la función _gnutls_x509_verify_certificate en lib/x509/verify.c en libgnutls_x509, utilizado por (a) Exim, (b) OpenLDAP y (c) libsoup. • http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3517 http://secunia.com/advisories/34842 http://secunia.com/advisories/35211 http://security.gentoo.org/glsa/glsa-200905-04.xml http://www.mandriva.com/security/advisories?name=MDVSA-2009:116 http://www.securityfocus.com/bid/34783 http://www.securitytracker.com/id?1022159 http://www.vupen.com/english/advisories/2009/1218 https://exchange.xforce.ibmcloud.com/vulnerabilities/50261 • CWE-310: Cryptographic Issues •
CVE-2008-4989 – gnutls: certificate chain verification flaw
https://notcve.org/view.php?id=CVE-2008-4989
The _gnutls_x509_verify_certificate function in lib/x509/verify.c in libgnutls in GnuTLS before 2.6.1 trusts certificate chains in which the last certificate is an arbitrary trusted, self-signed certificate, which allows man-in-the-middle attackers to insert a spoofed certificate for any Distinguished Name (DN). La función _gnutls_x509_verify_certificate en lib/x509/verify.c en libgnutls en GnuTLS antes de v2.6.1 confía en las cadenas de certificado en las que el último certificado es un certificado de confianza arbitraria, auto-firmado, lo que permite a atacantes de tipo "hombre en el medio" (man-in-the-middle) insertar un certificado falso para cualquier Distinguished Name(DN). • http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3215 http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3217 http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html http://secunia.com/advisories/32619 http://secunia.com/advisories/32681 http://secunia.com/advisories/32687 http://secunia.com/advisories/32879 http://secunia.com/advisories/33501 http://secunia.com/advi • CWE-295: Improper Certificate Validation •