SecurityTracker.com

SecurityTracker Archives

Category:   OS (Other)  >   Blackberry OS
Vendors:   Research In Motion Limited
Blackberry OS NULL Character Flaw in Common Name Field Lets Remote Users Spoof Certificates
SecurityTracker Alert ID:  1022951
SecurityTracker URL:  http://securitytracker.com/id/1022951
CVE Reference:   CVE-2009-3477
Updated:  Oct 6 2009
Original Entry Date:  Sep 28 2009
Impact:   Modification of authentication information
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): prior to 4.5.0.173, 4.6.0.303, 4.6.1.309, 4.7.0.179, 4.7.1.57
Description:   A vulnerability was reported in Blackberry OS. A remote user can spoof the certificates of arbitrary sites.

A remote user can obtain a certificate whose Common Name field contains an embedded NULL character (typically the target site's hostname, followed by a NULL byte, followed by a domain the attacker controls, so that the issuing Certificate Authority validates only the attacker's portion of the name). Once such a certificate has been signed by a Certificate Authority, it can be presented to spoof the target site's certificate.

The browser correctly detects the mismatch between the certificate's name and the requested domain name. However, the dialog box that warns the user of the mismatch does not display NULL characters, so the certificate name shown to the user can look identical to the hostname they requested; a user who dismisses the warning on that basis connects to the spoofed site.
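The two halves of the advisory, a validator that catches the mismatch and a warning dialog that hides it, as an added example in C. This is not BlackBerry code and not the vendor's fix; the Common Name bytes, the hostnames and the helper names (cn_matches_host, shown_naive, shown_escaped, dialog_misleads_user) are constructed here for illustration.

```c
#include <stdio.h>
#include <string.h>
#include <stddef.h>

/* Constructed sample CN (not from any real certificate). In DER the CN is a
 * length-prefixed string, so a 0x00 byte inside it is perfectly legal:
 *   "www.example.com" NUL ".attacker.test"
 * sizeof() keeps the embedded NUL and drops only the literal's trailing
 * terminator, giving the 30-byte value a certificate parser would return. */
static const unsigned char CRAFTED_CN[] = "www.example.com\0.attacker.test";
static const size_t CRAFTED_CN_LEN = sizeof(CRAFTED_CN) - 1;   /* 30 bytes */

/* Length-aware host/CN comparison. This is what a correct validator does, and
 * what the advisory says the BlackBerry browser did: the full 30-byte CN is
 * not equal to the 15-byte host, so the mismatch is detected. */
int cn_matches_host(const unsigned char *cn, size_t cn_len, const char *host)
{
    size_t host_len = strlen(host);
    return cn_len == host_len && memcmp(cn, host, cn_len) == 0;
}

/* Naive dialog rendering: copy the CN into a buffer and treat it as a C string.
 * The embedded NUL ends the string early, so everything after it vanishes and
 * the user sees only "www.example.com". */
const char *shown_naive(const unsigned char *cn, size_t cn_len)
{
    static char buf[256];
    size_t n = cn_len < sizeof buf - 1 ? cn_len : sizeof buf - 1;
    memcpy(buf, cn, n);
    buf[n] = '\0';
    return buf;   /* strlen(buf) stops at the embedded NUL */
}

/* Hardened rendering: walk the full DER length and escape every byte outside
 * printable ASCII as \xNN, so the hidden suffix becomes visible to the user. */
const char *shown_escaped(const unsigned char *cn, size_t cn_len)
{
    static char buf[1024];
    size_t pos = 0;
    for (size_t i = 0; i < cn_len; i++) {
        unsigned char c = cn[i];
        if (c >= 0x20 && c < 0x7f) {
            if (pos + 1 >= sizeof buf) break;
            buf[pos++] = (char)c;
        } else {
            if (pos + 4 >= sizeof buf) break;
            pos += (size_t)snprintf(buf + pos, sizeof buf - pos, "\\x%02x", (unsigned)c);
        }
    }
    buf[pos] = '\0';
    return buf;
}

/* The advisory's failure mode as one predicate: the validator reports a
 * mismatch, yet the text the naive dialog would display is byte-for-byte the
 * host the user asked for. */
int dialog_misleads_user(const unsigned char *cn, size_t cn_len, const char *host)
{
    return !cn_matches_host(cn, cn_len, host) &&
           strcmp(shown_naive(cn, cn_len), host) == 0;
}

int main(void)
{
    const char *host = "www.example.com";
    printf("validator match : %d\n", cn_matches_host(CRAFTED_CN, CRAFTED_CN_LEN, host));
    printf("naive dialog    : %s\n", shown_naive(CRAFTED_CN, CRAFTED_CN_LEN));
    printf("escaped dialog  : %s\n", shown_escaped(CRAFTED_CN, CRAFTED_CN_LEN));
    printf("user misled     : %d\n", dialog_misleads_user(CRAFTED_CN, CRAFTED_CN_LEN, host));
    return 0;
}
```

The point of the hardened renderer is not to change the validation verdict, which was already correct, but to make sure the string the user is asked to judge is derived from the full DER length rather than from the first NUL byte; any dialog that builds its text with C string routines on certificate-supplied data has the same truncation hazard.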

Mobile Security Lab and CESG separately reported this vulnerability.

Impact:   A remote user can spoof certificates of arbitrary sites.
Solution:   The vendor has issued a fix (4.5.0.173, 4.6.0.303, 4.6.1.309, 4.7.0.179, 4.7.1.57).

The vendor's advisory is available at:

www.blackberry.com/btsc/viewContent.do?externalId=KB19552

Vendor URL:  www.blackberry.com/btsc/viewContent.do?externalId=KB19552
Cause:   Input validation error

Message History:   None.

Source Message Contents

[Original Message Not Available for Viewing]



Copyright 2020, SecurityGlobal.net LLC