SecurityTracker.com
SecurityTracker Archives

Category:  Application (Web Browser) > Mozilla Browser
Vendors:  Mozilla.org
(Vendor Issues Fix) Mozilla Certificate Management Bug Lets Remote Users Cause Invalid Root CA Certificates to Be Silently Imported
SecurityTracker Alert ID:  1010886
SecurityTracker URL:  http://securitytracker.com/id/1010886
CVE Reference:  CVE-2004-0758
Date:  Aug 6 2004
Impact:  Denial of service via network, Disclosure of user information
Fix Available:  Yes
Vendor Confirmed:  Yes
Version(s): 1.7 and prior versions
Description:   A denial of service vulnerability was reported in Mozilla in the importing of certificates. A remote user can cause an invalid root certificate to be silently imported, causing denial of service conditions for SSL-based connections.

Marcel Boesch reported that a remote user can send a specially crafted e-mail message that causes a malicious certificate to overwrite a built-in certificate authority (CA) root certificate in the target user's browser. The malicious certificate must have the same distinguished name as the target CA root certificate. Once it is imported, an invalid certificate error message (error -8182) is displayed on the target user's system whenever the target user attempts to access an HTTPS URL.

The specially crafted e-mail message can specify that the malicious certificate be imported into the Personal Security Manager on the target user's browser via the 'application/x-x509-email-cert' MIME type.

In addition to e-mail, this flaw can reportedly be exploited via a web page (using an IFRAME tag, for example).
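The masking mechanism described above, as an added illustrative model (not Mozilla or NSS code): a trust store that keys its anchors by distinguished name alone is silently overwritten by an import with a colliding DN, after which a legitimate site certificate no longer validates; a store that compares the key of an existing anchor before accepting a same-DN import keeps the built-in root intact. Certificates, DNs and key identifiers are constructed stand-ins, not real X.509 data.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Cert:
    subject: str  # distinguished name (DN) of the certificate holder
    issuer: str   # DN of the signing CA
    key_id: str   # constructed stand-in for the certificate's public key
    sig_key: str  # constructed stand-in for the key that produced the signature

# Constructed built-in root: the DN is what an attacker can copy, the key is not.
BUILTIN_ROOT = Cert("CN=Example Root CA", "CN=Example Root CA", "key-real", "key-real")
# Constructed site certificate legitimately signed by that root.
SITE_CERT = Cert("CN=bank.example", "CN=Example Root CA", "key-site", "key-real")
# Constructed rogue certificate: same DN as the built-in root, different key.
ROGUE_ROOT = Cert("CN=Example Root CA", "CN=Example Root CA", "key-rogue", "key-rogue")

class VulnerableStore:
    """Keys trust anchors by DN only, so an import with a colliding DN silently
    replaces the built-in root (the behaviour the advisory describes)."""
    def __init__(self):
        self.roots = {BUILTIN_ROOT.subject: BUILTIN_ROOT}
    def import_cert(self, cert):
        self.roots[cert.subject] = cert  # overwrite: no check, no prompt
        return True
    def validate(self, cert):
        """Signature check stand-in: the issuer key on file must be the key that
        signed the certificate. False here is the case reported as error -8182."""
        root = self.roots.get(cert.issuer)
        return root is not None and root.key_id == cert.sig_key

class HardenedStore(VulnerableStore):
    """Refuses an import whose DN matches an existing trust anchor but whose
    key differs: the DN/key collision an import check must detect."""
    def import_cert(self, cert):
        existing = self.roots.get(cert.subject)
        if existing is not None and existing.key_id != cert.key_id:
            return False  # masking attempt: reject and keep the built-in root
        self.roots[cert.subject] = cert
        return True

def demo(store):
    """Deliver the rogue root, then validate the legitimate site certificate.
    Returns (import accepted?, site certificate still validates?)."""
    accepted = store.import_cert(ROGUE_ROOT)
    return accepted, store.validate(SITE_CERT)
```

Against the vulnerable store the rogue import is accepted and the legitimate site certificate stops validating; against the hardened store the import is refused and validation keeps working.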

Impact:   A remote user can cause the browser's built-in root CA certificates to be overwritten, causing errors when attempting to establish secure connections.
Solution:   The vendor has issued a fixed version (1.7.2), available at:

http://www.mozilla.org/products/mozilla1.x/

Vendor URL:  bugzilla.mozilla.org/show_bug.cgi?id=249004
Cause:   Access control error, State error
Underlying OS:  Linux (Any), UNIX (Any), Windows (Any)

Message History:   This archive entry is a follow-up to the message listed below.
Jul 16 2004 Mozilla Certificate Management Bug Lets Remote Users Cause Invalid Root CA Certificates to Be Silently Imported



 Source Message Contents

Subject:  http://bugzilla.mozilla.org/show_bug.cgi?id=249004


http://bugzilla.mozilla.org/show_bug.cgi?id=249004

81
Malicious certificates can permanently break HTTPS/SSL (249004)
critical / high
persistent DOS
Malicious email certificates could mask built-in Certificate Authority (CA) certificates. Once imported anything signed by the masked CA would not validate, which could be used to permanently block all SSL (https:) sites with certs issued by that CA. CAN-2004-0758
Marcel Boesch
2004-07-27
Copyright 2021, SecurityGlobal.net LLC