[New-bugs-announce] [issue18709] SSL module fails to handle NULL bytes inside subjectAltNames general names (CVE-2013-4073)
report at bugs.python.org
Mon Aug 12 13:32:52 CEST 2013
New submission from Christian Heimes:
Ryan Sleevi of the Google Chrome Security Team has informed us that Python's SSL module doesn't handle NULL bytes inside subjectAltNames general names. It's related to Ruby's CVE-2013-4073 http://www.ruby-lang.org/en/news/2013/06/27/hostname-check-bypassing-vulnerability-in-openssl-client-cve-2013-4073/
Although Python uses a slightly different OpenSSL API to parse a X.509 certificate and turn its fields into a dictionary, our implementation eventually uses an OpenSSL function that fails to handle NULL bytes. This could lead to a breach when an application uses ssl.match_hostname() to match the hostname againt the certificate's subjectAltName's dNSName general names.
When the Ruby issues was announced publicly I already suspected that our code may suffer from the same issue. But I was unable to generate a X.509 certificate with a NULL byte in its X509v3 subjectAltName extension, only in subject and issuer. OpenSSL's config file format just didn't support NULL bytes. But Our code handled the NULL byte in subject in issuer just fine so I gave up. In the light of the bug report I went a different path and eventually I came up with a malicious certificate that showed the reported bug.
components: Extension Modules
stage: patch review
title: SSL module fails to handle NULL bytes inside subjectAltNames general names (CVE-2013-4073)
versions: Python 2.6, Python 2.7, Python 3.2, Python 3.3, Python 3.4
Python tracker <report at bugs.python.org>
More information about the New-bugs-announce