exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Apache HttpComponents Man-In-The-Middle

Apache HttpComponents Man-In-The-Middle
Posted Aug 18, 2014
Authored by Subodh Iyengar

Apache HttpComponents (prior to revision 4.3.5/4.0.2) may be susceptible to a 'Man in the Middle Attack' due to a flaw in the default hostname verification during SSL/TLS when a specially crafted server side certificate is used.

tags | advisory
advisories | CVE-2014-3577
SHA-256 | 889514603cc555b13c01e72b05be1ebefa0cbf2ff89b15aa2ff8b3f9c2602bf1

Apache HttpComponents Man-In-The-Middle

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Security Advisory - Apache Software Foundation
Apache HttpComponents / hc.apache.org

Hostname verification susceptible to MITM attack

CVE-2014-3577 / CVSS 1.4

Apache HttpComponents (prior to revision 4.3.5/4.0.2) may be susceptible
to a 'Man in the Middle Attack' due to a flaw in the default hostname
verification during SSL/TLS when a specially crafted server side
certificate is used.

Background
- ----------

During an SSL connection (https) the client verifies the hostname in
the URL against the hostname as encoded in the servers certificate (CN,
subjectAlt fields). This is to ensure that the client connects to the
'real' server, as opposed to something in middle (man in the middle)
that may compromise end to end confidentiality and integrity.

Details
- -------

The flaw is in the default Apache HttpComponents

org.apache.http.conn.ssl.AbstractVerifier

that is used in client mode for verification of hostname of the server
side certificate. It parsed the entire subject distinguished name (DN)
for the occurrence of any <CN=> substring (regardles of field).

Therefore a DN of with a O field such as

O="foo,CN=www.apache.org”

and a CN of "www.evil.org” and ordered such that the O appears prior to
the CN field would incorrectly match match on the <www.apache.org> in
the O field as opposed to just the values in the CN and alternative
subject name(s).

The doctored field can be any field but the CN field itself; including
the <E> or emailAddress field as long as it appears before the CN (some
CAs reorder the DN).

A third party in posession of such a doctored certificate and who also
has the ability to intercept or reroute the traffic to a https server
under its control (e.g. through DNS doctoring or various forms of
traffic rerouting or spoofing) can thus perform a 'man in the middle'
attack and compromise end to end confidentiality and integrety.

Note that while some certificate authorities may be relatively strict
on what they allow in the various fields - most are NOT; and allow
for a relatively large amount of leeway in, for example, the OU
and E fields.

Impact:
- -------

A man-in-the-middle can interpose itself between the server and the
code using an affected version of Apache HttpComponents as a client.

Leading to complete loss of end to end confidentiality and end to
end integrety of the connection.

Versions affected:
- ------------------
All versions prior to HttpClient 4.3.5 (including the Android port)
and HttpAsyncClient 4.0.2. The fix was introduced in these versions.

http://search.maven.org/#artifactdetails|org.apache.httpcomponents|
httpclient|4.3.5|jar
http://search.maven.org/#artifactdetails|org.apache.httpcomponents|
httpasyncclient|4.0.2|jar

These have been silently pushed out to Maven central and Apache Dist
as of 2014-08-1. An Android build was released on 2014-08-15.

Resolution
- ----------

A fix has been applied as of revision 1614065 and is part of release
HttpClient 4.3.5 (including HttpClient port for Android against the
official Google Android SDK)and HttpClient (async) 4.0.2.

Upgrading to these versions newer resolves this issue.

Mitigations and work arounds
- ----------------------------

If upgrading to version 4.3.5/4.0.2 is not an option; one could change
the default org.apache.http.conn.ssl.AbstractVerifier of earlier
versions for revision 1614065 of newer.

Note that exploitation of this flaw also requires some level of DNS or
IP spoofing (or existing 'in the middle infrastructure' such as a corporate
proxy or other TCP level equipment en-route). This need may allow for site
specific alternative mitigations.

Reproducing the flaw
- --------------------

If so required; the following statements will allow the testing of a
Apache HttpComponents client against a server with a thus crafted
certificate:

openssl req -new -x509 -keyout /dev/stdout \
-subj "/O=foo, CN=www.apache.org/CN=machine-domain-name/" \
-set_serial 86653 -nodes |\
openssl s_server -cert /dev/stdin -accept 8443 -www

and a Apache HttpComponents client that connects to
"https://www.apache.org:8443/" with the DNS entry for www.apache.org
pointing to the machine-domain-name.

Credits and timeline
- --------------------

The flaw was found and reported by Subodh Iyengar <http://www.subodh.io>,
and Will Shackleton <http://www.shackleton.io/> from Facebook. It was
reported on the 23rd of July. A fix was applied by and released on
2014-08-01. An Android build was released on the 2014-08-15. This
security advisory fully discloses the issue and current insights known
to the Apache Software foundation (the vendor).

Apache would like to thank all involved for their help with this.

A similar issue was reported by Florian Weimer of Red Hat in 2012 and
was fixed by https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=692442#56.
It has now been assigned CVE-2012-6153.


Common Vulnerability Scoring (Version 2) and vector
- ---------------------------------------------------

CVSS Base Score 5.8
Impact Subscore 4.9
Exploitability Subscore 8.6
CVSS Temporal Score 4.8
CVSS Environmental Score 1.4
Modified Impact Subscore 5.2
------------------------------
Overall CVSS Score 1.4

CVSS v2 Vector
AV:N/AC:M/Au:N/C:P/I:N/A:P/E:F/RL:OF/RC:C/CDP:L/TD:L/CR:H/IR:L/AR:L

1.09 / : 1692 $
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4
Comment: This message is encrypted and/or signed with PGP (gnu-pg, gpg). Contact dirkx@webweaving.org if you cannot read it.

iQCVAwUBU/GyjDGmPZbsFAuBAQIl+wQAkPN3a4EzlmktJZBCmEvXLrLTAzX5Ay3d
fBjtH6cLgISJTk5TdRxzMneAQldHrvxFZh1Ci3+fhmN/7aHY8FRJHJgeDjWXkSQX
mdg3VabM/alHOa/LunftWqyc3Y2nY8O9vvPZ8xrT6hWXQ6itvAC8T+/HyNsvDbz1
oVdVIRZbjB8=
=huxu
-----END PGP SIGNATURE-----
Login or Register to add favorites

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close