6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
49.4%
The OpenSSL::SSL.verify_certificate_identity function in lib/openssl/ssl.rb
in Ruby 1.8 before 1.8.7-p374, 1.9 before 1.9.3-p448, and 2.0 before
2.0.0-p247 does not properly handle a ‘\0’ character in a domain name in
the Subject Alternative Name field of an X.509 certificate, which allows
man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted
certificate issued by a legitimate Certification Authority, a related issue
to CVE-2009-2408.
Author | Note |
---|---|
mdeslaur | possible regression: https://bugs.ruby-lang.org/issues/8575 |
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 12.04 | noarch | ruby1.8 | < 1.8.7.352-2ubuntu1.3 | UNKNOWN |
ubuntu | 12.10 | noarch | ruby1.8 | < 1.8.7.358-4ubuntu0.3 | UNKNOWN |
ubuntu | 13.04 | noarch | ruby1.8 | < 1.8.7.358-7ubuntu1.1 | UNKNOWN |
ubuntu | 12.04 | noarch | ruby1.9.1 | < 1.9.3.0-1ubuntu2.7 | UNKNOWN |
ubuntu | 12.10 | noarch | ruby1.9.1 | < 1.9.3.194-1ubuntu1.5 | UNKNOWN |
ubuntu | 13.04 | noarch | ruby1.9.1 | < 1.9.3.194-8.1ubuntu1.1 | UNKNOWN |
www.ruby-lang.org/en/news/2013/06/27/hostname-check-bypassing-vulnerability-in-openssl-client-cve-2013-4073/
launchpad.net/bugs/cve/CVE-2013-4073
nvd.nist.gov/vuln/detail/CVE-2013-4073
security-tracker.debian.org/tracker/CVE-2013-4073
ubuntu.com/security/notices/USN-1902-1
www.cve.org/CVERecord?id=CVE-2013-4073