CVE-2003-0370
CVSS 7.5
Published: 2003-06-16 00:00:00
Last revised: 2008-09-10 15:18:47

[Original] Konqueror Embedded and KDE 2.2.2 and earlier does not validate the Common Name (CN) field for X.509 Certificates, which could allow remote attackers to spoof certificates via a man-in-the-middle attack.


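[CNNVD] KDE / Konqueror Embedded Common Name Certificate Validation Vulnerability (CNNVD-200306-100)

        Konqueror Embedded and KDE 2.2.2 and earlier do not validate the Common Name (CN) field of X.509 certificates; a remote attacker could exploit this flaw to spoof certificates via a man-in-the-middle attack.

- CVSS (Base Score)

CVSS score: 7.5 [Severe (HIGH)]
Confidentiality impact: PARTIAL [information disclosure is likely]
Integrity impact: PARTIAL [system files may be modified]
Availability impact: PARTIAL [may degrade performance or interrupt access to resources]
Attack complexity: LOW [no access restrictions on exploitation]
Attack vector: [--]
Authentication: NONE [exploitation requires no authentication]

- CPE (Affected Platforms and Products)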

cpe:/a:kde:konqueror_embedded:0.1
cpe:/o:turbolinux:turbolinux_server:7.0
cpe:/a:apple:safari:1.0:beta (Apple Safari 1.0 Beta)
cpe:/o:redhat:linux:7.1 (Red Hat Linux 7.1)
cpe:/o:turbolinux:turbolinux_workstation:7.0
cpe:/o:redhat:linux:7.2 (Red Hat Linux 7.2)
cpe:/o:kde:kde:2.2.2
cpe:/o:turbolinux:turbolinux_workstation:8.0
cpe:/o:turbolinux:turbolinux_server:8.0
cpe:/a:apple:safari:1.0:beta2 (Apple Safari 1.0 Beta2)

- OVAL (Technical Details for Detection)

No related OVAL definitions found

- Official Database Links

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0370
(Official data source) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2003-0370
(Official data source) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200306-100
(Official data source) CNNVD

- Other Links and Resources

http://www.redhat.com/support/errata/RHSA-2003-192.html
(VENDOR_ADVISORY)  REDHAT  RHSA-2003:192
http://www.kde.org/info/security/advisory-20030602-1.txt
(VENDOR_ADVISORY)  CONFIRM  http://www.kde.org/info/security/advisory-20030602-1.txt
http://www.turbolinux.com/security/TLSA-2003-36.txt
(UNKNOWN)  TURBO  TLSA-2003-36
http://www.securityfocus.com/archive/1/320707
(VENDOR_ADVISORY)  BUGTRAQ  20030507 Problem: Multiple Web Browsers do not do not validate CN on certificates.
http://www.redhat.com/support/errata/RHSA-2003-193.html
(UNKNOWN)  REDHAT  RHSA-2003:193
http://www.debian.org/security/2003/dsa-361
(UNKNOWN)  DEBIAN  DSA-361
http://lists.grok.org.uk/pipermail/full-disclosure/2003-May/004983.html
(UNKNOWN)  FULLDISC  20030510 [forward]Apple Safari and Konqueror Embedded Common Name Verification Vulnerability
http://www.securityfocus.com/bid/7520
(UNKNOWN)  BID  7520

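- Vulnerability Information

KDE / Konqueror Embedded Common Name Certificate Validation Vulnerability
High risk  Design error
2003-06-16 00:00:00 2005-10-20 00:00:00
Remote
        Konqueror Embedded and KDE 2.2.2 and earlier do not validate the Common Name (CN) field of X.509 certificates; a remote attacker could exploit this flaw to spoof certificates via a man-in-the-middle attack.

- Advisories and Patches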

        Please see the referenced advisories for more information.
        KDE Konqueror Embedded 0.1
        
        KDE KDE 2.2.2
        

- Vulnerability Information

2538
KDE does not validate the Common Name field

- Vulnerability Description

Konqueror Embedded and KDE 2.2.2 and earlier does not validate the Common Name (CN) field for X.509 Certificates, which could allow remote attackers to spoof certificates via a man-in-the-middle attack.

- Timeline

2003-08-09 Unknown
Unknown Unknown

- Solution

KDE advises users of KDE 2.2.2 to upgrade to either KDE 3.0.5a or KDE 3.1.2. A patch for version 2.2.2 has also been made available:
ftp://ftp.kde.org/pub/kde/securi...s/post-2.2.2-kdelibs-kssl-2.diff
ftp://ftp.kde.org/pub/kde/securi...es/post-2.2.2-kdelibs-kio-2.diff

Update Konqueror/Embedded to the snapshot of May 16, 2003 or later:
http://devel-home.kde.org/~hausm...mbedded-snapshot-20030516.tar.gz

Apple has released a new version of Safari which isn't vulnerable.
http://www.apple.com/safari/

- Related References

- Vulnerability Author

Unknown or Incomplete

- Vulnerability Information

KDE / Konqueror Embedded Common Name Certificate Validation Vulnerability
Design Error 7520
Yes No
2003-05-07 12:00:00 2007-02-21 05:36:00
Discovery of this issue is credited to Simson L. Garfinkel and Jesse Burns.

- Affected Software Versions

Turbolinux Turbolinux Workstation 8.0
Turbolinux Turbolinux Workstation 7.0
Turbolinux Turbolinux Server 8.0
Turbolinux Turbolinux Server 7.0
KDE Konqueror Embedded 0.1
KDE KDE 2.2.2
+ Debian Linux 3.0 sparc
+ Debian Linux 3.0 s/390
+ Debian Linux 3.0 ppc
+ Debian Linux 3.0 mipsel
+ Debian Linux 3.0 mips
+ Debian Linux 3.0 m68k
+ Debian Linux 3.0 ia-64
+ Debian Linux 3.0 ia-32
+ Debian Linux 3.0 hppa
+ Debian Linux 3.0 arm
+ Debian Linux 3.0 alpha
+ Debian Linux 3.0
+ Debian Linux 2.2 sparc
+ Debian Linux 2.2 powerpc
+ Debian Linux 2.2 IA-32
+ Debian Linux 2.2 arm
+ Debian Linux 2.2 alpha
+ Debian Linux 2.2 68k
+ Debian Linux 2.2
+ Mandriva Linux Mandrake 8.2 ppc
+ Mandriva Linux Mandrake 8.2
+ Mandriva Linux Mandrake 8.1 ia64
+ Mandriva Linux Mandrake 8.1
+ Red Hat Enterprise Linux AS 2.1 IA64
+ Red Hat Enterprise Linux AS 2.1
+ RedHat Advanced Workstation for the Itanium Processor 2.1
+ RedHat Enterprise Linux ES 2.1 IA64
+ RedHat Enterprise Linux ES 2.1
+ RedHat Enterprise Linux WS 2.1 IA64
+ RedHat Enterprise Linux WS 2.1
+ RedHat Linux 7.2 ia64
+ RedHat Linux 7.2 i386
+ RedHat Linux 7.1 i386
+ RedHat Linux Advanced Work Station 2.1
+ Sun Linux 5.0.7
+ Sun Linux 5.0.6
+ Sun Linux 5.0.5
KDE KDE 3.1.1 a
KDE KDE 3.1.1
+ Conectiva Linux 9.0
+ S.u.S.E. Linux Personal 8.2
KDE KDE 3.1
+ RedHat Linux 9.0 i386
+ S.u.S.E. Linux 8.1
KDE KDE 3.0.5 b
KDE KDE 3.0.5 a
+ RedHat Linux 8.0 i386
+ RedHat Linux 7.3 i386
KDE KDE 3.0.5
+ Conectiva Linux 8.0
KDE KDE 3.0.4
+ Conectiva Linux 8.0
+ Gentoo Linux 1.4 _rc1
+ Gentoo Linux 1.2
KDE KDE 3.0.3 a
KDE KDE 3.0.3
+ Conectiva Linux 8.0
+ Conectiva Linux Enterprise Edition 1.0
+ FreeBSD FreeBSD 4.7 -STABLE
+ Mandriva Linux Mandrake 9.0
KDE KDE 3.0.2
+ Mandriva Linux Mandrake 8.2
KDE KDE 3.0.1
KDE KDE 3.0
+ Conectiva Linux 8.0

- Unaffected Software Versions

KDE KDE 3.1.1 a
KDE KDE 3.1.1
+ Conectiva Linux 9.0
+ S.u.S.E. Linux Personal 8.2
KDE KDE 3.1
+ RedHat Linux 9.0 i386
+ S.u.S.E. Linux 8.1
KDE KDE 3.0.5 b
KDE KDE 3.0.5 a
+ RedHat Linux 8.0 i386
+ RedHat Linux 7.3 i386
KDE KDE 3.0.5
+ Conectiva Linux 8.0
KDE KDE 3.0.4
+ Conectiva Linux 8.0
+ Gentoo Linux 1.4 _rc1
+ Gentoo Linux 1.2
KDE KDE 3.0.3 a
KDE KDE 3.0.3
+ Conectiva Linux 8.0
+ Conectiva Linux Enterprise Edition 1.0
+ FreeBSD FreeBSD 4.7 -STABLE
+ Mandriva Linux Mandrake 9.0
KDE KDE 3.0.2
+ Mandriva Linux Mandrake 8.2
KDE KDE 3.0.1
KDE KDE 3.0
+ Conectiva Linux 8.0

- Vulnerability Discussion

The Konqueror Embedded web browser fails to correctly validate the Common Name (CN) field of X.509 certificates when an SSL/TLS session is negotiated. The browser fails to detect cases where the CN doesn't match the hostname of the server. This could lead to a variety of attacks, including the possibility of allowing a malicious server to masquerade as a trusted server.

The non-embedded Konqueror distribution is reportedly not affected by this issue.

- Exploit

An exploit is not required.

- Solution

Please see the referenced advisories for more information.


KDE Konqueror Embedded 0.1

KDE KDE 2.2.2

Turbolinux Turbolinux Server 7.0

Turbolinux Turbolinux Workstation 7.0

Turbolinux Turbolinux Workstation 8.0

- Related References
