Bug 848509 - VUL-0: libgadu: missing ssl certificate validation
Status: RESOLVED DUPLICATE of bug 848653
Classification: Novell Products
Product: SUSE Security Incidents
Component: Incidents
Importance: P3 - Medium : Normal
Assigned To: Stanislav Brabec
QA Contact: Security Team bot
CVSSv2:NVD:CVE-2013-4488:4.3:(AV:N/AC...
Reported: 2013-10-31 14:25 UTC by Marcus Meissner
Modified: 2019-12-10 09:24 UTC (History)

Description Marcus Meissner 2013-10-31 14:25:37 UTC
via oss-sec / libgadu list:

http://comments.gmane.org/gmane.comp.security.oss.general/11397

From: Radhesh Krishnan K <radheshkrishnank@gmail.com>
To: oss-security@lists.openwall.com
Date: Thu, 31 Oct 2013 18:00:56 +0530
Subject: [oss-security] CVE Request

Hi,

I would like to request a CVE for this bug fix in libgadu[1].

[1]  http://www.mail-archive.com/libgadu-devel@lists.ziew.org/msg01017.html

Regards,
Radhesh Krishnan K.

quote mail from above:

Hi,

I would like to report a security bug in libgadu.  libgadu is using the OpenSSL
library for creating secure connections.


A program using OpenSSL can perform the SSL handshake by invoking the
SSL_connect function. Some certificate validation errors are signaled
through the return values of SSL_connect, while for other errors
SSL_connect returns OK but sets internal "verify result" flags. The application
must call the SSL_get_verify_result function to check if any such errors
occurred.  This check is missing in libgadu, and thus a man-in-the-middle
attack is possible, failing all the SSL protection. (Please refer to:
https://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf)

Another way to verify the SSL certificate is using the API
SSL_CTX_set_verify. The SSL_CTX_set_verify() API allows you to set the
verification flags in the SSL_CTX structure and a callback function for
customized verification as its third argument. (Setting the
callback function to NULL means the built-in default verification function is
used.) In the second argument of SSL_CTX_set_verify(), you can set the
following macros
(Please refer to: http://www.openssl.org/docs/ssl/SSL_CTX_set_verify.html)

1. SSL_VERIFY_NONE
Server mode: the server will not send a client certificate request to the
client, so the client will not send a certificate.

Client mode: if not using an anonymous cipher (by default disabled), the
server will send a certificate which will be checked. The result of the
certificate verification process can be checked after the TLS/SSL handshake
using the SSL_get_verify_result function. The handshake will be continued
regardless of the verification result.

2. SSL_VERIFY_PEER
3. SSL_VERIFY_FAIL_IF_NO_PEER_CERT
4. SSL_VERIFY_CLIENT_ONCE

However, in libgadu the SSL_CTX_set_verify() API is used, but the second
parameter is SSL_VERIFY_NONE and the third parameter is NULL, which means we
should use the SSL_get_verify_result API to verify the peer certificate. But
the SSL_get_verify_result API is not used anywhere in the libgadu code base, which
makes the product vulnerable to a man-in-the-middle attack.

So the product using libgadu will be vulnerable to a man-in-the-middle
attack.
Comment 1 Swamp Workflow Management 2013-10-31 23:00:27 UTC
bugbot adjusting priority
Comment 2 Stanislav Brabec 2013-11-01 19:41:56 UTC
According to the information in bug 848653 comment 0 (duplicate), there is no way to fix it: Gadu-Gadu is a proprietary protocol using a proprietary authority:

Upstream suggested that it was a conscious decision as libgadu is a
reverse-engineered implementation of a proprietary protocol, they had no
control over the certificates used for SSL connections, so they would add a
note to the documentation about this.

My bug 848653 comment 1:

I am not sure what we can do for it. I can only imagine reverse engineering of
SSL certificates provided by the server to guess how we can verify them. But
it would be a fragile solution, as it is a proprietary protocol.

Instant messengers (with the exception of SILC) do not explicitly say that the
communication is safe from spying.

Documentation of libgadu3 and libgadu-devel is written in the Polish language. If
there is any note about security, it should be updated.

Needinfo from Vojtech Dziewiecki, who can read Polish.
Comment 3 Marcus Meissner 2013-11-06 07:43:55 UTC
Let's dup to bug 848653

*** This bug has been marked as a duplicate of bug 848653 ***