NVD Vulnerability Detail

CVE-2013-4073

Summary	The OpenSSL::SSL.verify_certificate_identity function in lib/openssl/ssl.rb in Ruby 1.8 before 1.8.7-p374, 1.9 before 1.9.3-p448, and 2.0 before 2.0.0-p247 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
Publication Date	Aug. 18, 2013, 11:52 a.m.
Registration Date	Jan. 26, 2021, 3:42 p.m.
Last Update	Nov. 21, 2024, 10:54 a.m.

CVSS2.0 : MEDIUM
Score	6.8
Vector	AV:N/AC:M/Au:N/C:P/I:P/A:P
攻撃元区分(AV)	ネットワーク
攻撃条件の複雑さ(AC)	中
攻撃前の認証要否(Au)	不要
機密性への影響(C)	低
完全性への影響(I)	低
可用性への影響(A)	低
Get all privileges.	いいえ
Get user privileges	いいえ
Get other privileges	いいえ
User operation required	いいえ

Affected software configurations

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:ruby-lang:ruby:1.8.7:p370::::::
cpe:2.3:a:ruby-lang:ruby:1.9.3:p426::::::
cpe:2.3:a:ruby-lang:ruby:1.8.7:p330::::::
cpe:2.3:a:ruby-lang:ruby:1.8.7:p334::::::
cpe:2.3:a:ruby-lang:ruby:1.8.7:p248::::::
cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3::::::
cpe:2.3:a:ruby-lang:ruby:1.8.7:p17::::::
cpe:2.3:a:ruby-lang:ruby:1.8.6-26:::::::*
cpe:2.3:a:ruby-lang:ruby:1.9.3:p286::::::
cpe:2.3:a:ruby-lang:ruby:1.9.3:p385::::::
cpe:2.3:a:ruby-lang:ruby:1.8.7:p371::::::
cpe:2.3:a:ruby-lang:ruby:1.8.7:p299::::::
cpe:2.3:a:ruby-lang:ruby:1.9.3:p383::::::
cpe:2.3:a:ruby-lang:ruby:2.0.0:p195::::::
cpe:2.3:a:ruby-lang:ruby:1.9.3:p429::::::
cpe:2.3:a:ruby-lang:ruby:1.8.7:p357::::::
cpe:2.3:a:ruby-lang:ruby:1.8.7:p71::::::
cpe:2.3:a:ruby-lang:ruby:1.8.7:p22::::::
cpe:2.3:a:ruby-lang:ruby:2.0.0:preview1::::::
cpe:2.3:a:ruby-lang:ruby:1.8.7:p352::::::
cpe:2.3:a:ruby-lang:ruby:1.8.7:p301::::::
cpe:2.3:a:ruby-lang:ruby:1.8.7:p358::::::
cpe:2.3:a:ruby-lang:ruby:1.8.7:p160::::::
cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2::::::
cpe:2.3:a:ruby-lang:ruby:1.8.7:p174::::::
cpe:2.3:a:ruby-lang:ruby:2.0.0:p0::::::
cpe:2.3:a:ruby-lang:ruby:1.9.3:p125::::::
cpe:2.3:a:ruby-lang:ruby:2.0.0:rc1::::::
cpe:2.3:a:ruby-lang:ruby:2.0.0:preview2::::::
cpe:2.3:a:ruby-lang:ruby:1.9.3:p194::::::
cpe:2.3:a:ruby-lang:ruby:1.8.7:::::::*
cpe:2.3:a:ruby-lang:ruby:1.8.7:p173::::::
cpe:2.3:a:ruby-lang:ruby:1.8.7:p249::::::
cpe:2.3:a:ruby-lang:ruby:1.9.3:::::::*
cpe:2.3:a:ruby-lang:ruby:1.9.3:p392::::::
cpe:2.3:a:ruby-lang:ruby:2.0.0:rc2::::::
cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1::::::
cpe:2.3:a:ruby-lang:ruby:1.8.7:p302::::::
cpe:2.3:a:ruby-lang:ruby:1.8.7:p72::::::
cpe:2.3:a:ruby-lang:ruby:1.8.7:p373::::::
cpe:2.3:a:ruby-lang:ruby:1.9.3:p0::::::
cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4::::::

Related information, measures and tools

No	URL	タグ
1	http://forums.interworx.com/threads/8000-InterWorx-Version-5-0-14-Released-on-Beta-Channel%21
2	http://forums.interworx.com/threads/8000-InterWorx-Version-5-0-14-Released-on-Beta-Channel%21
3	http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html
4	http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html
5	http://lists.opensuse.org/opensuse-updates/2013-07/msg00042.html
6	http://lists.opensuse.org/opensuse-updates/2013-07/msg00042.html
7	http://lists.opensuse.org/opensuse-updates/2013-07/msg00044.html
8	http://lists.opensuse.org/opensuse-updates/2013-07/msg00044.html
9	http://rhn.redhat.com/errata/RHSA-2013-1090.html
10	http://rhn.redhat.com/errata/RHSA-2013-1090.html
11	http://rhn.redhat.com/errata/RHSA-2013-1103.html
12	http://rhn.redhat.com/errata/RHSA-2013-1103.html
13	http://rhn.redhat.com/errata/RHSA-2013-1137.html
14	http://rhn.redhat.com/errata/RHSA-2013-1137.html
15	http://support.apple.com/kb/HT6150
16	http://support.apple.com/kb/HT6150
17	http://www.debian.org/security/2013/dsa-2738
18	http://www.debian.org/security/2013/dsa-2738
19	http://www.debian.org/security/2013/dsa-2809
20	http://www.debian.org/security/2013/dsa-2809
21	http://www.ruby-lang.org/en/news/2013/06/27/hostname-check-bypassing-vulnerability-in-openssl-client-cve-2013-4073/	Vendor Advisory
22	http://www.ruby-lang.org/en/news/2013/06/27/hostname-check-bypassing-vulnerability-in-openssl-client-cve-2013-4073/	Vendor Advisory
23	http://www.ubuntu.com/usn/USN-1902-1
24	http://www.ubuntu.com/usn/USN-1902-1
25	https://bugzilla.redhat.com/show_bug.cgi?id=979251
26	https://bugzilla.redhat.com/show_bug.cgi?id=979251
27	https://puppet.com/security/cve/cve-2013-4073
28	https://puppet.com/security/cve/cve-2013-4073

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-310	暗号の問題	https://cwe.mitre.org/data/definitions/310.html

JVN Vulnerability Information

Ruby の lib/openssl/ssl.rb における任意の SSL サーバになりすまされる脆弱性

Title	Ruby の lib/openssl/ssl.rb における任意の SSL サーバになりすまされる脆弱性
Summary	Ruby の lib/openssl/ssl.rb の OpenSSL::SSL.verify_certificate_identity 関数は、X.509 証明書の Subject Alternative Name フィールド内のドメイン名に含まれる '\0' 文字を適切に処理しないため、任意の SSL サーバになりすまされる脆弱性が存在します。本脆弱性は、CVE-2009-2408 と関連する問題です。
Possible impacts	中間者攻撃 (man-in-the-middle attack) により、正当な認証局より発行された巧妙に細工された証明書を介して、任意の SSL サーバになりすまされる可能性があります。
Solution	ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。
Publication Date	June 27, 2013, midnight
Registration Date	Aug. 20, 2013, 3:40 p.m.
Last Update	Aug. 10, 2015, 5:49 p.m.

Affected System

アップル

Apple Mac OS X v10.7.5 (PHP)

Apple Mac OS X v10.8.5 (PHP)

Apple Mac OS X v10.9 (PHP)

Apple Mac OS X v10.9 未満 (ruby)

Apple Mac OS X v10.9.1 (PHP)

Apple Mac OS X Server v10.7.5 (PHP)

Ruby-lang.org

Ruby 1.8.7-p374 未満の 1.8

Ruby 1.9.3-p448 未満の 1.9

Ruby 2.0.0-p247 未満の 2.0

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2013-4073	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4073
National Vulnerability Database (NVD)
2	CVE-2013-4073	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4073
SECURITY BLOG
3	CVE-2013-4073 Cryptographic Issues vulnerability in Ruby	https://blogs.oracle.com/sunsecurity/entry/cve_2013_4073_cryptographic_issues

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-310	https://jvndb.jvn.jp/ja/cwe/CWE-310.html

ベンダー情報

No	Name	URL
Apple Mailing Lists
1	APPLE-SA-2013-10-22-3	http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html
2	APPLE-SA-2014-02-25-1	http://lists.apple.com/archives/security-announce/2014/Feb/msg00000.html
Apple Security Updates
3	HT6011	http://support.apple.com/kb/HT6011
4	HT6150	http://support.apple.com/kb/HT6150
Apple セキュリティアップデート
5	HT6011	http://support.apple.com/kb/HT6011?viewlocale=ja_JP
6	HT6150	http://support.apple.com/kb/HT6150?viewlocale=ja_JP
InterWorx
7	InterWorx Version 5.0.14 Released on Beta Channel!	http://forums.interworx.com/threads/8000-InterWorx-Version-5-0-14-Released-on-Beta-Channel!
Red Hat Bugzilla
8	Bug 979251	https://bugzilla.redhat.com/show_bug.cgi?id=979251
Red Hat Security Advisory
9	RHSA-2013:1090	https://rhn.redhat.com/errata/RHSA-2013-1090.html
10	RHSA-2013:1103	https://rhn.redhat.com/errata/RHSA-2013-1103.html
11	RHSA-2013:1137	https://rhn.redhat.com/errata/RHSA-2013-1137.html
Ruby
12	Hostname check bypassing vulnerability in SSL client (CVE-2013-4073)	http://www.ruby-lang.org/en/news/2013/06/27/hostname-check-bypassing-vulnerability-in-openssl-client-cve-2013-4073/

その他

No	Name	URL
JVN
1	JVNVU#95174988	http://jvn.jp/cert/JVNVU95174988/
2	JVNVU#95868425	http://jvn.jp/vu/JVNVU95868425/

Change Log

No	Changed Details	Date of change
0	[2013年08月20日] 掲載 [2013年10月24日] ベンダ情報：オラクル (CVE-2013-4073 Cryptographic Issues vulnerability in Ruby) を追加 [2013年11月07日] 影響を受けるシステム：アップル (HT6011) の情報を追加ベンダ情報：アップル (HT6011) を追加ベンダ情報：アップル (APPLE-SA-2013-10-22-3) を追加参考情報：JVN (JVNVU#95174988) を追加 [2014年02月28日] 影響を受けるシステム：アップル (HT6150) の情報を追加ベンダ情報：アップル (APPLE-SA-2014-02-25-1) を追加ベンダ情報：アップル (HT6150) を追加参考情報：JVN (JVNVU#95868425) を追加 [2015年08月10日] ベンダ情報：InterWorx (InterWorx Version 5.0.14 Released on Beta Channel!) を追加ベンダ情報：レッドハット (RHSA-2013:1137) を追加ベンダ情報：レッドハット (RHSA-2013:1103) を追加ベンダ情報：レッドハット (RHSA-2013:1090) を追加	Feb. 17, 2018, 10:37 a.m.

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:ruby-lang:ruby:1.8.7:p370::::::
cpe:2.3:a:ruby-lang:ruby:1.9.3:p426::::::
cpe:2.3:a:ruby-lang:ruby:1.8.7:p330::::::
cpe:2.3:a:ruby-lang:ruby:1.8.7:p334::::::
cpe:2.3:a:ruby-lang:ruby:1.8.7:p248::::::
cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3::::::
cpe:2.3:a:ruby-lang:ruby:1.8.7:p17::::::
cpe:2.3:a:ruby-lang:ruby:1.8.6-26:::::::*
cpe:2.3:a:ruby-lang:ruby:1.9.3:p286::::::
cpe:2.3:a:ruby-lang:ruby:1.9.3:p385::::::
cpe:2.3:a:ruby-lang:ruby:1.8.7:p371::::::
cpe:2.3:a:ruby-lang:ruby:1.8.7:p299::::::
cpe:2.3:a:ruby-lang:ruby:1.9.3:p383::::::
cpe:2.3:a:ruby-lang:ruby:2.0.0:p195::::::
cpe:2.3:a:ruby-lang:ruby:1.9.3:p429::::::
cpe:2.3:a:ruby-lang:ruby:1.8.7:p357::::::
cpe:2.3:a:ruby-lang:ruby:1.8.7:p71::::::
cpe:2.3:a:ruby-lang:ruby:1.8.7:p22::::::
cpe:2.3:a:ruby-lang:ruby:2.0.0:preview1::::::
cpe:2.3:a:ruby-lang:ruby:1.8.7:p352::::::
cpe:2.3:a:ruby-lang:ruby:1.8.7:p301::::::
cpe:2.3:a:ruby-lang:ruby:1.8.7:p358::::::
cpe:2.3:a:ruby-lang:ruby:1.8.7:p160::::::
cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2::::::
cpe:2.3:a:ruby-lang:ruby:1.8.7:p174::::::
cpe:2.3:a:ruby-lang:ruby:2.0.0:p0::::::
cpe:2.3:a:ruby-lang:ruby:1.9.3:p125::::::
cpe:2.3:a:ruby-lang:ruby:2.0.0:rc1::::::
cpe:2.3:a:ruby-lang:ruby:2.0.0:preview2::::::
cpe:2.3:a:ruby-lang:ruby:1.9.3:p194::::::
cpe:2.3:a:ruby-lang:ruby:1.8.7:::::::*
cpe:2.3:a:ruby-lang:ruby:1.8.7:p173::::::
cpe:2.3:a:ruby-lang:ruby:1.8.7:p249::::::
cpe:2.3:a:ruby-lang:ruby:1.9.3:::::::*
cpe:2.3:a:ruby-lang:ruby:1.9.3:p392::::::
cpe:2.3:a:ruby-lang:ruby:2.0.0:rc2::::::
cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1::::::
cpe:2.3:a:ruby-lang:ruby:1.8.7:p302::::::
cpe:2.3:a:ruby-lang:ruby:1.8.7:p72::::::
cpe:2.3:a:ruby-lang:ruby:1.8.7:p373::::::
cpe:2.3:a:ruby-lang:ruby:1.9.3:p0::::::
cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4::::::