CVE-2009-3490

Related Files

Mandriva Linux Security Advisory 2009-206

Posted Dec 5, 2009

Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-206 - GNU Wget before 1.12 does not properly handle a '\\0' (NUL) character in a domain name in the Common Name field of an X.509 certificate, which allows man-in-the-middle remote attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408. This update provides a solution to this vulnerability. Packages for 2008.0 are being provided due to extended support for Corporate products.

tags | advisory, remote, arbitrary, spoof

systems | linux, mandriva

advisories | CVE-2009-3490

SHA-256 | 4d134cb5317746dbabde9ddcb0704cf7d3ebb8c26b5476cc7c3f8d510610cac6

Download | Favorite | View

Gentoo Linux Security Advisory 200910-1

Posted Oct 21, 2009

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 200910-1 - An error in the X.509 certificate handling of Wget might enable remote attackers to conduct man-in-the-middle attacks. The vendor reported that Wget does not properly handle Common Name (CN) fields in X.509 certificates that contain an ASCII NUL (\\0) character. Specifically, the processing of such fields is stopped at the first occurrence of a NUL character. This type of vulnerability was recently discovered by Dan Kaminsky and Moxie Marlinspike. Versions less than 1.12 are affected.

tags | advisory, remote

systems | linux, gentoo

advisories | CVE-2009-3490

SHA-256 | e19b1568c90378a3d70151fe317843af4d60f22b3c3395301e1bcc36f4edb4fd

Download | Favorite | View

Debian Linux Security Advisory 1904-1

Posted Oct 12, 2009

Authored by Debian | Site debian.org

Debian Linux Security Advisory 1904-1 - Daniel Stenberg discovered that wget, a network utility to retrieve files from the Web using http(s) and ftp, is vulnerable to the "Null Prefix Attacks Against SSL/TLS Certificates" published at the Blackhat conference some time ago. This allows an attacker to perform undetected man-in-the-middle attacks via a crafted ITU-T X.509 certificate with an injected null byte in the Common Name field.

tags | advisory, web

systems | linux, debian

advisories | CVE-2009-3490

SHA-256 | 3843134110b6c71b79bd051847e6f367cb74138ba26cadaffdaa04ae54eb2b3c

Download | Favorite | View

Ubuntu Security Notice 842-1

Posted Oct 6, 2009

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 842-1 - It was discovered that Wget did not correctly handle SSL certificates with zero bytes in the Common Name. A remote attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications.

tags | advisory, remote

systems | linux, ubuntu

advisories | CVE-2009-3490

SHA-256 | b9dec6517e790c9e09c7a94658d37d6b784a845a1b7ece20faae1c0bbc910b8d

Download | Favorite | View