SSL: The certificate's Common Name (CN) field is not verified #524

Closed
andreyv opened this issue Apr 9, 2013 · 2 comments

andreyv commented Apr 9, 2013

HexChat doesn't check that the server-offered certificate really corresponds to the domain name HexChat is connecting to. In other words, it will accept any certificate, as long as it is signed by one of the CAs that OpenSSL trusts.

Attack example: Mallet registers a domain name super.hacker.com and obtains a valid CA-signed SSL certificate for this domain. When Alice is connecting to chat.freenode.net, Mallet MITMs the connection and supplies his own certificate to Alice. Since it is not verified that the certificate actually corresponds to chat.freenode.net, verification succeeds and the secure connection is now compromised.



@TingPing TingPing modified the milestones: 2.9.8, 2.9.7 Apr 17, 2014
TingPing added a commit that referenced this issue Nov 22, 2014
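
The check the issue above reports as missing, as an added example (not HexChat's code and not part of the original thread): after chain validation, a name in the certificate must also match the host the client meant to reach. The certificate name lists are constructed sample data and the function names are hypothetical; with OpenSSL 1.0.2 or later, the library's own `X509_check_host` performs this comparison.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* ASCII case-insensitive string equality (DNS names compare this way). */
static int ieq(const char *a, const char *b)
{
    for (; *a && *b; a++, b++)
        if (tolower((unsigned char)*a) != tolower((unsigned char)*b))
            return 0;
    return *a == *b;
}

/* Return 1 if `pattern` (a dNSName or CN taken from the certificate)
 * matches `host`, the name the client asked to connect to; else 0. */
static int name_matches(const char *pattern, const char *host)
{
    if (strncmp(pattern, "*.", 2) != 0)
        return ieq(pattern, host);          /* no wildcard: exact match only */
    const char *suffix = pattern + 1;       /* e.g. ".freenode.net" */
    const char *dot = strchr(host, '.');    /* end of host's left-most label */
    if (dot == NULL || dot == host)
        return 0;                           /* host has no left-most label */
    if (strchr(suffix + 1, '.') == NULL)
        return 0;                           /* refuse "*.com"-style patterns */
    return ieq(suffix, dot);                /* "*" covers exactly one label */
}

/* Return 1 if any name in the certificate matches the intended host. */
int cert_valid_for_host(const char *const names[], size_t n, const char *host)
{
    for (size_t i = 0; i < n; i++)
        if (name_matches(names[i], host))
            return 1;
    return 0;
}

int main(void)
{
    /* Constructed sample data: names as two certificates might carry them. */
    const char *const mallet_cert[] = { "super.hacker.com" };
    const char *const server_cert[] = { "*.freenode.net", "freenode.net" };
    const char *host = "chat.freenode.net";

    printf("mallet cert: %s\n", cert_valid_for_host(mallet_cert, 1, host) ? "accept" : "reject");
    printf("server cert: %s\n", cert_valid_for_host(server_cert, 2, host) ? "accept" : "reject");
    return 0;
}
```

A CA-signed certificate for `super.hacker.com` passes chain validation but is rejected here because none of its names match the host the client dialed.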
Contributor

mapreri commented Apr 7, 2016

FTR, to this issue CVE-2013-7449 has been assigned.
http://www.openwall.com/lists/oss-security/2016/04/06/2

better late than never...

Member

TingPing commented Apr 7, 2016

I love how they try to pretend to know what we think:

> these people are not concerned that a man-in-the-middle attacker may intentionally set up something to read or modify their traffic

Which is complete BS btw. This was probably marked an enhancement because it required writing a feature and wasn't a bug in existing code. And obviously we fixed it...
