CWE-297 对宿主不匹配的证书验证不恰当

Improper Validation of Certificate with Host Mismatch

结构: Simple

Abstraction: Variant

状态: Incomplete

被利用可能性: High

基本描述

The software communicates with a host that provides a certificate, but the software does not properly ensure that the certificate is actually associated with that host.

扩展描述

Even if a certificate is well-formed, signed, and follows the chain of trust, it may simply be a valid certificate for a different site than the site that the software is interacting with. If the certificate's host-specific data is not properly checked - such as the Common Name (CN) in the Subject or the Subject Alternative Name (SAN) extension of an X.509 certificate - it may be possible for a redirection or spoofing attack to allow a malicious host with a valid certificate to provide data, impersonating a trusted host. In order to ensure data integrity, the certificate must be valid and it must pertain to the site that is being accessed.

Even if the software attempts to check the hostname, it is still possible to incorrectly check the hostname. For example, attackers could create a certificate with a name that begins with a trusted name followed by a NUL byte, which could cause some string-based comparisons to only examine the portion that contains the trusted name.

This weakness can occur even when the software uses Certificate Pinning, if the software does not verify the hostname at the time a certificate is pinned.

相关缺陷

  • cwe_Nature: ChildOf cwe_CWE_ID: 923 cwe_View_ID: 1000 cwe_Ordinal: Primary

  • cwe_Nature: ChildOf cwe_CWE_ID: 295 cwe_View_ID: 1000

  • cwe_Nature: ChildOf cwe_CWE_ID: 295 cwe_View_ID: 699 cwe_Ordinal: Primary

适用平台

Language: {'cwe_Class': 'Language-Independent', 'cwe_Prevalence': 'Undetermined'}

Paradigm: {'cwe_Name': 'Mobile', 'cwe_Prevalence': 'Undetermined'}

常见的影响

范围 影响 注释
Access Control Gain Privileges or Assume Identity The data read from the system vouched for by the certificate may not be from the expected system.
['Authentication', 'Other'] Other Trust afforded to the system in question - based on the malicious certificate - may allow for spoofing or redirection attacks.

检测方法

Dynamic Analysis with Manual Results Interpretation

Set up an untrusted endpoint (e.g. a server) with which the software will connect. Create a test certificate that uses an invalid hostname but is signed by a trusted CA and provide this certificate from the untrusted endpoint. If the software performs any operations instead of disconnecting and reporting an error, then this indicates that the hostname is not being checked and the test certificate has been accepted.

Black Box

When Certificate Pinning is being used in a mobile application, consider using a tool such as Spinner [REF-955]. This methodology might be extensible to other technologies.

可能的缓解方案

Architecture and Design

策略:

Fully check the hostname of the certificate and provide the user with adequate information about the nature of the problem and how to proceed.

Implementation

策略:

If certificate pinning is being used, ensure that all relevant properties of the certificate are fully validated before the certificate is pinned, including the hostname.

示例代码

The following OpenSSL code obtains a certificate and verifies it.

bad C

cert = SSL_get_peer_certificate(ssl);
if (cert && (SSL_get_verify_result(ssl)==X509_V_OK)) {

// do secret things
}

Even though the "verify" step returns X509_V_OK, this step does not include checking the Common Name against the name of the host. That is, there is no guarantee that the certificate is for the desired host. The SSL connection could have been established with a malicious host that provided a valid certificate.

分析过的案例

标识 说明 链接
CVE-2012-5810 Mobile banking application does not verify hostname, leading to financial loss. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5810
CVE-2012-5811 Mobile application for printing documents does not verify hostname, allowing attackers to read sensitive documents. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5811
CVE-2012-5807 Software for electronic checking does not verify hostname, leading to financial loss. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5807
CVE-2012-3446 Cloud-support library written in Python uses incorrect regular expression when matching hostname. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3446
CVE-2009-2408 Web browser does not correctly handle '\0' character (NUL) in Common Name, allowing spoofing of https sites. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2408
CVE-2012-0867 Database program truncates the Common Name during hostname verification, allowing spoofing. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0867
CVE-2010-2074 Incorrect handling of '\0' character (NUL) in hostname verification allows spoofing. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2074
CVE-2009-4565 Mail server's incorrect handling of '\0' character (NUL) in hostname verification allows spoofing. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4565
CVE-2009-3767 LDAP server's incorrect handling of '\0' character (NUL) in hostname verification allows spoofing. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3767
CVE-2012-5806 Payment processing module does not verify hostname when connecting to PayPal using PHP fsockopen function. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5806
CVE-2012-2993 Smartphone device does not verify hostname, allowing spoofing of mail services. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2993
CVE-2012-5804 E-commerce module does not verify hostname when connecting to payment site. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5804
CVE-2012-5824 Chat application does not validate hostname, leading to loss of privacy. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5824
CVE-2012-5822 Application uses third-party library that does not validate hostname. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5822
CVE-2012-5819 Cloud storage management application does not validate hostname. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5819
CVE-2012-5817 Java library uses JSSE SSLSocket and SSLEngine classes, which do not verify the hostname. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5817
CVE-2012-5784 SOAP platform does not verify the hostname. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5784
CVE-2012-5782 PHP library for payments does not verify the hostname. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5782
CVE-2012-5780 Merchant SDK for payments does not verify the hostname. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5780
CVE-2003-0355 Web browser does not validate Common Name, allowing spoofing of https sites. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0355

分类映射

映射的分类名 ImNode ID Fit Mapped Node Name
CLASP Failure to validate host-specific certificate data

引用