CVE-2009-2730
HIGH severity · CVSS 7.5 · CWE-310
7.5CVSS HIGH
Summary
libgnutls in GnuTLS before 2.8.2 does not properly handle a '\0' character in a domain name in the subject's (1) Common Name (CN) or (2) Subject Alternative Name (SAN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority.
Impact & exploitability
Attack vectorNetwork
Attack complexityLow
Privileges required—
User interaction—
Confidentiality impact—
Integrity impact—
Availability impact—
Exploit probability (EPSS)2%
AV:N/AC:L/Au:N/C:P/I:P/A:P
Affected products we track (1)
Recommendation
Apply the vendor fix promptly. Open any affected product above for its exact safe version.
Additional information
- NVD record
- http://article.gmane.org/gmane.network.gnutls.general/1733Advisory
- http://secunia.com/advisories/36266Advisory
- http://lists.opensuse.org/opensuse-security-announce/2009-09/msg00001.html
- http://secunia.com/advisories/36496
- http://www.openwall.com/lists/oss-security/2009/08/14/6
- http://www.redhat.com/support/errata/RHSA-2009-1232.html
- http://www.securityfocus.com/archive/1/507985/100/0/threaded
- http://www.securitytracker.com/id?1022777