CVE-2009-2730

Published: 12 August 2009

libgnutls in GnuTLS before 2.8.2 does not properly handle a '\0' character in a domain name in the subject's (1) Common Name (CN) or (2) Subject Alternative Name (SAN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority.

Priority

Medium

Status

Package Release Status
gnutls11
Launchpad, Ubuntu, Debian
Upstream Needs triage

gnutls12
Launchpad, Ubuntu, Debian
Upstream Needs triage

gnutls13
Launchpad, Ubuntu, Debian
Upstream Needs triage

gnutls26
Launchpad, Ubuntu, Debian
Upstream
Released (2.8.3)
Patches:
Upstream: http://lists.gnu.org/archive/html/help-gnutls/2009-08/msg00011.html

Notes

AuthorNote
jdstrand
patches in order:
http://git.savannah.gnu.org/cgit/gnutls.git/commit/?h=gnutls_2_8_x&id=a431be86124f900c4082e82d32917f86fcce461a
http://git.savannah.gnu.org/cgit/gnutls.git/commit/?h=gnutls_2_8_x&id=74b6d92f9675ce4e03642c4d6ced4a3a614b07f6
http://git.savannah.gnu.org/cgit/gnutls.git/commit/?h=gnutls_2_8_x&id=40081594e3de518b998f3e5177ed5a9f7707f2e8
http://git.savannah.gnu.org/cgit/gnutls.git/patch/?id=5a58e9d33448235377afd5fbfcee1683dc70eae3
http://git.savannah.gnu.org/cgit/gnutls.git/patch/?id=1ea190d216767dd4ab93b87361cbcb9d4fb3aafc

References

Bugs