Ruby update fixes SSL man-in-the-middle vulnerability

The OpenSSL implementation bundled with Ruby has been found to be vulnerable to having its hostname check bypassed. 
http://www.h-online.com/security/news/item/Ruby-update-fixes-SSL-man-in-the-middle-vulnerability-1901986.html
Ruby update fixes SSL vulnerability
The flaw, rooted in the lack of proper handling of alternate X509 names with null bytes in them, could allow an attacker to present a certificate for "www.ruby-lang.org\0example.com" which when read by the Ruby client library, would be interpreted as "www.ruby-lang.org". That result would be handed over to the certificate verfication routines which would cause the certificate would be identified as coming from "www.ruby-lang.org". If an attacker could get a certificate where thesubjectAltName included such a null byte, they could use that certificate to interpose themselves between a victim and the site.

No comments:

Post a Comment