Lucene search
K

SSL Certificate Chain Contains Illegitimate TURKTRUST Intermediate CA

🗓️ 07 Jan 2013 00:00:00Reported by TenableType 
nessus
 nessus
🔗 www.tenable.com👁 33 Views

SSL Certificate Chain Contains Illegitimate TURKTRUST Intermediate CA. The X.509 certificate chain sent by the remote host either contains or is signed by an intermediate Certificate Authority (CA) that was accidentally issued by TURKTRUST. Certificate chains descending from this intermediate CA could allow an attacker to perform man-in-the-middle attacks and decode traffic

Refs
Code
#TRUSTED 7297315463fc6e088867fe5141ee19cd524b878929923da96062a4efe6af0a137e73db791877e59f39ce9f9031e9e76a3df91f0a217efa1cae2d92544efa30d62aa79404810c3fbf28d415469b0247f7ec574e81ed94841f0286ce03654e045293cb0b8061cc45c08594e0f34e706161fe28c764846a0b8ee7b9aa71118fd9fd840f3e2aac2dda944d06a98e9397c599426c4b52c606e7560600a0196cb14dac475a5f7372d1da7baee6147691696d654e228704578aef45592981fc14f11954fbf084b227afe31eb7c49d1ddfe25aad4ddc2e33a925b9b666a11277aecd24779bb41331b215cb9847d427635078dd8200512789c9cad044c5a8bc2bc4b602e096478c169c010343dea21a7a721fd4ecc83c92b24cf461e00451c1ba84f8e4e707d014c5ca7a9fe0d0bdb75084c179d38f8425d2b6fea800f30e57be95f5c305dbe56b19cc2380934e72793c4052042bca4712f63e3b6166fb0b1283415cb8de774423460639d46b852a0308fc03ada989966e6545559f0e7186bb17275ed9a94e4093abe14c651c87358bcf7802e817898f9d6eab08daad2536a580443196166cccddca703bceb16cc24c67bf6080af905a2525eb340af24f369b2da2c594eb8a27aeadc609aefc1a4943c4cdf8e442ef5afaa3e86c13f37690d1ec0ed9da3e15492032822d4e5b1e62a2a07720c808adb946fcacdfbf1b49e6f3f1b65d35ab
#TRUST-RSA-SHA256 23ca713525368750ba9f2ef97d3d238963587955208f243526c2d4e7181204775a491e6588b9d5f3c89c2fa0ca01fecb847e779d6431e11540fc22fe10d43acea45f67a2159e076a67b8e48a7cd31359b4cd0542492e3fb5f9508f5b2cbb8d824c608555141777dc6c6a946b7fb0b6419887b24056f82f530450f37c894ec99aadcbd2dacadad4c6440460519e07d3d9d1aaf554ea958f9064ae86db8591c2e3ad9be66f79a6cda7d8017a31364da505c49aedbfe79878f319668de9f263afbed630855b208ba529ecbf8edaa5eb88450432caf345f744892b5fa8b1e5da4bd5bbdfb801a799200e496fcd367a026dc693cfd4a6ace9a5debb86236eb8cb4fdcc2011510b396128b62c067f7c9b9d909ce1e23fae4a40bf740fe5b7b7b348cd3753d458a2537348f1c315b8fadb183c4892da51e068c9516553558fb0bcd2ff04342b68f11095f6076374ecbedcfb9c3ebf017e73357407f951d7a5b7260e2ca8cf9dbf330921700c75a81bd4efee6f66d2dab6bad77a22f86ccd8d3fc70df315674b2419d9235d6a94454b341ccda811d4bd7ce115094354b705bca863f4e9616775c3a7173d21773331f04eda283f84f969c0094dc70a2dba4e5e28a1933ba9c61a15307b4c9b9aea31b35491f408d97c94238133547a2f78effe912a878b9d437514831ecdec38276a2ec6523ac35f77b755010ea3a80b8b183dc1759bda6
#
# (C) Tenable Network Security, Inc.
#

if (NASL_LEVEL < 3208) exit(0);

include("compat.inc");

if (description)
{
  script_id(63398);
  script_version("1.6");
  script_set_attribute(attribute:"plugin_modification_date", value:"2025/06/16");

  script_name(english:"SSL Certificate Chain Contains Illegitimate TURKTRUST Intermediate CA");
  script_summary(english:"Checks if the certificate chain contains an illegitimate intermediate CA");

  script_set_attribute(attribute:"synopsis", value:
"The SSL certificate chain for this service is not to be trusted.");
  script_set_attribute(attribute:"description", value:
"The X.509 certificate chain sent by the remote host either contains or
is signed by an intermediate Certificate Authority (CA) that was
accidentally issued by TURKTRUST. 

Certificate chains descending from this intermediate CA could allow an
attacker to perform man-in-the-middle attacks and decode traffic.");
  script_set_attribute(attribute:"solution", value:
"Ensure that your software or operating system blacklists the
intermediate CAs.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:N");
  script_set_attribute(attribute:"cvss_score_source", value:"manual");
  script_set_attribute(attribute:"cvss_score_rationale", value:"Score from an in depth analysis done by Tenable");
  # https://docs.microsoft.com/en-us/security-updates/SecurityAdvisories/2013/2798897
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?3af8d914");
  # https://security.googleblog.com/2013/01/enhancing-digital-certificate-security.html
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?c28f2792");
  # https://blog.mozilla.org/security/2013/01/03/revoking-trust-in-two-turktrust-certficates/
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?d92931ec");
  script_set_attribute(attribute:"see_also", value:"http://www.turktrust.com.tr/kamuoyu-aciklamasi.2.html");


  script_set_attribute(attribute:"vuln_publication_date", value:"2012/12/26");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/01/07");
  script_set_attribute(attribute:"potential_vulnerability", value:"true");
  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"General");

  script_copyright(english:"This script is Copyright (C) 2013-2025 Tenable Network Security, Inc.");

  script_dependencies("ssl_supported_versions.nasl");
  script_require_keys("Settings/ParanoidReport", "SSL/Supported");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("x509_func.inc");

function get_cn()
{
  local_var pair;

  foreach pair (_FCT_ANON_ARGS[0])
  {
    if (pair[0] == '2.5.4.3')
      return pair[1];
  }

  return NULL;
}

get_kb_item_or_exit("SSL/Supported");

# We don't have the full info for both certificates, so we're only
# checking whether DNs and CNs match.
if (report_paranoia < 2)
  audit(AUDIT_PARANOID);

# This is the DN of the legitimate CA.
ca_dn =  make_nested_list(
  make_list(
    '2.5.4.3',
    raw_string(
      "T",
      0xC3, 0x9C,
      "RKTRUST Elektronik Sunucu Sertifikas",
      0xC4, 0xB1,
      " Hizmetleri"
    )
  ),
  make_list(
    '2.5.4.6',
    'TR'
  ),
  make_list(
    '2.5.4.10',
    raw_string(
      "T",
      0xC3, 0x9C,
      "RKTRUST Bilgi",
      0xC4, 0xB0,
      "leti",
      0xC5, 0x9F,
      "im ve Bili",
      0xC5, 0x9F,
      "im G",
      0xC3, 0xBC,
      "venli",
      0xC4, 0x9F,
      "i Hizmetleri A.",
      0xC5, 0x9E,
      ". (c) Kas",
      0xC4, 0xB1,
      "m  2005"
    )
  )
);

# These are the CN portions of the DNs for the illegitimate
# intermediate CAs. We don't have full information for both.
im_ca_cn_1 = '*.EGO.GOV.TR';
im_ca_cn_2 = 'e-islem.kktcmerkezbankasi.org';

# Get list of ports that use SSL or StartTLS.
port = get_ssl_ports(fork:TRUE);
if (isnull(port))
  exit(1, "The host does not appear to have any SSL-based services.");

# Get the certificate chain from the target.
chain = get_server_cert(
  port     : port,
  encoding : "der",
  getchain : TRUE
);
if (isnull(chain) || max_index(chain) <= 0)
  exit(1, "Failed to retrieve the certificate chain from port " + port + ".");

chain = parse_cert_chain(chain);
if (isnull(chain))
  exit(1, "Failed to parse certificate chain on port " + port + ".");

# What we're looking for is either the intermediate CAs themselves
# showing up in the certificate chain, or a certificate signed by the
# intermediate CAs.
#
# Start at the top since finding the intermediate CA is more important
# than finding a certificate is signed.
found = FALSE;
for (i = max_index(chain) - 1; i >= 0; i--)
{
  cert = chain[i]["tbsCertificate"];
  iss_cn = get_cn(cert["issuer"]);
  sub_cn = get_cn(cert["subject"]);
  bc = get_x509_ext(id:EXTN_BASIC_CONSTRAINTS, cert:cert);

  # Check if the cert is an illegitimate intermediate CA. Note that
  # when TURKTRUST reissues these certs, it won't cause a false
  # positive.
  if (
    obj_cmp(cert["issuer"], ca_dn) &&
    (sub_cn == im_ca_cn_1 || sub_cn == im_ca_cn_2) &&
    bc != NULL && bc["ca"]
  )
  {
    found = "intermediate";
    break;
  }

  # Check if the cert was issued by an illegitimate intermediate CA.
  if (iss_cn == im_ca_cn_1 || iss_cn == im_ca_cn_2)
  {
    found = "signed";
    break;
  }
}

if (!found)
  exit(0, "The certificate chain from port " + port + " is not affected.");

# Report our findings.
report = NULL;
if (report_verbosity > 0)
{
  if (found == "intermediate")
  {
    report =
      '\nThe following certificate is known to be an accidentally issued' +
      '\nillegitimate CA that cannot be trusted :';
  }
  else
  {
    report =
      '\nThe following certificate has been issued by an accidentally' +
      '\nissued illegitimate CA that cannot be trusted :';
  }

  report +=
    '\n' +
    '\n  Subject : ' + format_dn(cert["subject"]) +
    '\n  Issuer  : ' + format_dn(cert["issuer"]) +
    '\n';
}

security_warning(port:port, extra:report);

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation