
Netscape SSL vulnerability


Roberto Santilli

Jul 7, 2000

After the bug disclosed in May, here is the new Netscape Navigator bug in the SSL implementation, which also affects version 4.73.

Roberto Santilli

-----
By Kevin Fu.
mailto:fu...@MIT.EDU


Netscape vulnerability effectively disables SSL server authentication
Jul, 05 2000 - 09:28

Under certain conditions, users can no longer trust the authenticity of SSL server certificates in Netscape. This new vulnerability makes Netscape's SSL implementation as insecure as DNS. If you are victimized by this attack, then you may unknowingly divulge private information such as credit card numbers, personal data, passwords to online financial services, or other sensitive information to an adversary masquerading as what you think is a trusted SSL server.

Vulnerable systems:
Netscape 4.73 for Linux
Netscape 4.73 for Windows
Netscape 4.73 for Macintosh
All earlier versions of Netscape are vulnerable as well.

Within one Netscape session, if a user clicks on "continue" in response to a "hostname does not match name in certificate," then that certificate is incorrectly validated for future use in the Netscape session, regardless of the hostname or IP address of other servers that use the certificate.

Analysis:
It seems that the "Certificate Name Check" warning will mark a certificate as valid for any hostname or IP address in the future. In this way, if an adversary tricks a user into accepting an invalid certificate at a seemingly benign site, the user can then be tricked if s/he ever visits a malicious site using the same certificate. A benign "continue" click on https://snafu.mit.edu/ might end up taking away server authentication from visiting https://www.a-site-that-you-give-private-info.com/ that has poisoned DNS. This attack may be less powerful if the malicious server certificate is merely self-signed.

Furthermore, the security community has many examples showing that DNS is not secure at all. For instance, a teenager recently defaced the RSA.COM site by launching an attack against a DNS server. It should be trivial to attack targeted individuals and not difficult to attack general users at large.

Here are some imagined but unimplemented ways that might fool a user into accepting an invalid certificate:

* Javascript/Java which references an HTTPS URL.
* Users just click.
* Hide the warning window with a pop-up window.
* Email with embedded HTTPS.
* Embed HTTPS images in a web page.
* VBS ILOVEYOU variant virus attachment that appends to hosts.sam and adds certificate to browser's certificate database.

Here are some ways one might affect DNS:

* Add a fake DNS entry for the target server in a compromised DNS server.
* Respond to DNS requests since UDP responses are easily forged.
* Modify /etc/hosts via a known root vulnerability on a UNIX machine. Or on Windows, append to c:\windows\hosts.sam or on NT c:\winnt\system32\drivers\etc\hosts

Solutions:
There is a limited software solution if you run Linux, Solaris, or Windows95/98/NT. Otherwise, you will have to manually inspect server certificates in Netscape. The CERT CA-2000-8 advisory better explains the non-software solution.

If you run one of the above operating systems, then you must install BOTH Netscape Communicator (v4.73) and the iPlanet Personal Security Manager (PSM) for the full fix. PSM appears to manage certificates more securely. Note, several people have reported problems installing PSM. I was able to install PSM successfully in Linux and Windows98, but sometimes the installation script would fail from a yet undetermined cause.

Netscape 4.73 download:
http://home.netscape.com/download/

iPlanet Personal Security Manager download:
http://www.iplanet.com/downloads/download/detail_128_316.html

Again, installing the newest Netscape 4.73 alone does not fix this problem. You must also install PSM. iPlanet's PSM does not yet exist for the Macintosh.

----
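The defect the advisory describes is a scoping bug in how the browser remembers a "continue anyway" decision: the exception is keyed on the certificate alone, so it silently covers every hostname that later presents the same certificate. The following Python model is an added example written for this page; it is not code from the post, from Netscape or from iPlanet PSM, and it makes no claim about how Netscape's own certificate database was laid out. It assumes a toy certificate type with a CN, SAN DNS names and DER bytes to hash, and all hostnames, fingerprints and the "snafu.example"/"bank.example" scenario are constructed sample data. It puts the faulty per-certificate store beside a hardened store that binds the exception to the exact (fingerprint, hostname) pair the user saw, and replays the advisory's scenario against both.

```python
"""Model of a browser's hostname-mismatch exception store: the behaviour
described in the advisory (exception keyed on certificate only) next to a
hardened version (exception keyed on certificate AND hostname).

Added example, not code from the original post or from Netscape/iPlanet.
Every certificate, hostname and fingerprint here is constructed sample data.
"""
import hashlib
from dataclasses import dataclass


@dataclass(frozen=True)
class Certificate:
    """Toy X.509 stand-in (assumed type): subject CN, SAN DNS names, DER bytes."""
    common_name: str
    san_dns_names: tuple = ()
    der: bytes = b""

    def fingerprint(self) -> str:
        # Trust decisions are keyed on a hash of the DER encoding, not on the CN,
        # so two different certificates with the same CN are never confused.
        return hashlib.sha256(self.der).hexdigest()


def _label_matches(pattern: str, name: str) -> bool:
    """Match a DNS name against one CN/SAN entry, allowing a single leftmost '*' label."""
    pattern, name = pattern.lower().rstrip("."), name.lower().rstrip(".")
    if pattern == name:
        return True
    if not pattern.startswith("*."):
        return False
    # "*.example" matches "a.example" but not "example" or "a.b.example".
    suffix = pattern[1:]
    return name.endswith(suffix) and "." not in name[: -len(suffix)]


def hostname_matches(cert: Certificate, hostname: str) -> bool:
    """Does the certificate name the host we connected to? SAN first, CN as fallback."""
    names = cert.san_dns_names or (cert.common_name,)
    return any(_label_matches(n, hostname) for n in names)


class VulnerableExceptionStore:
    """Behaviour described in the advisory: remembers only the certificate."""

    def __init__(self):
        self._accepted = set()  # fingerprints

    def accept(self, cert: Certificate, hostname: str) -> None:
        # The hostname the user actually saw the warning for is thrown away.
        self._accepted.add(cert.fingerprint())

    def is_trusted(self, cert: Certificate, hostname: str) -> bool:
        return hostname_matches(cert, hostname) or cert.fingerprint() in self._accepted


class ScopedExceptionStore:
    """Hardened: the exception is bound to the (fingerprint, hostname) pair."""

    def __init__(self):
        self._accepted = set()  # (fingerprint, hostname)

    def accept(self, cert: Certificate, hostname: str) -> None:
        self._accepted.add((cert.fingerprint(), hostname.lower()))

    def is_trusted(self, cert: Certificate, hostname: str) -> bool:
        key = (cert.fingerprint(), hostname.lower())
        return hostname_matches(cert, hostname) or key in self._accepted


def replay_session(store) -> dict:
    """Replay the advisory's scenario against a store and return both decisions."""
    # Constructed certificate issued for snafu.example (stands in for snafu.mit.edu).
    cert = Certificate("snafu.example", ("snafu.example",), der=b"constructed-der-bytes-1")
    # Step 1: the user reaches a host whose name does not match and clicks "continue".
    store.accept(cert, "benign.example")
    # Step 2: later in the session DNS for the bank is poisoned and the same
    # certificate is presented for bank.example. Only the scoped store still warns.
    return {
        "benign": store.is_trusted(cert, "benign.example"),
        "bank": store.is_trusted(cert, "bank.example"),
    }


if __name__ == "__main__":
    print("vulnerable:", replay_session(VulnerableExceptionStore()))  # bank accepted
    print("scoped:    ", replay_session(ScopedExceptionStore()))      # bank rejected
```

The design point is that a user-granted exception is a statement about one connection the user inspected, so the stored key must include everything that made that connection what it was: at minimum the certificate fingerprint and the hostname. Storing the fingerprint alone is what lets an unrelated site, reached through poisoned DNS, inherit the exception.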

