Published: 18/08/2013 Updated: 07/11/2023

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

VMScore: 605

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

The OpenSSL::SSL.verify_certificate_identity function in lib/openssl/ssl.rb in Ruby 1.8 prior to 1.8.7-p374, 1.9 prior to 1.9.3-p448, and 2.0 prior to 2.0.0-p247 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle malicious users to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.

Vulnerable Product	Search on Vulmon	Subscribe to Product
ruby-lang ruby 1.8.7
ruby-lang ruby 1.9.3
ruby-lang ruby 1.8.6-26
ruby-lang ruby 2.0.0

Debian Bug report logs - #714541 ruby18: CVE-2013-4073: Hostname check bypassing vulnerability in SSL client Package: ruby18; Maintainer for ruby18 is (unknown); Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sun, 30 Jun 2013 16:12:02 UTC Severity: grave Tags: fixed-upstream, patch, security, upstream Foun ...

An attacker could trick Ruby into trusting a rogue server ...

Several vulnerabilities have been discovered in the interpreter for the Ruby language, which may lead to denial of service and other security problems The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2013-1821 Ben Murphy discovered that unrestricted entity expansion in REXML can lead to a Denial of S ...

Several vulnerabilities have been discovered in the interpreter for the Ruby language The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2013-1821 Ben Murphy discovered that unrestricted entity expansion in REXML can lead to a Denial of Service by consuming all host memory CVE-2013-4073 William (B ...

The OpenSSL::SSLverify_certificate_identity function in lib/openssl/sslrb in Ruby 18 before 187-p374, 19 before 193-p448, and 20 before 200-p247 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers ...

CWE-310 http://www.ruby-lang.org/en/news/2013/06/27/hostname-check-bypassing-vulnerability-in-openssl-client-cve-2013-4073/https://bugzilla.redhat.com/show_bug.cgi?id=979251 http://rhn.redhat.com/errata/RHSA-2013-1103.html http://lists.opensuse.org/opensuse-updates/2013-07/msg00042.html http://rhn.redhat.com/errata/RHSA-2013-1090.html http://lists.opensuse.org/opensuse-updates/2013-07/msg00044.html http://rhn.redhat.com/errata/RHSA-2013-1137.html http://www.ubuntu.com/usn/USN-1902-1 http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html http://www.debian.org/security/2013/dsa-2809 http://www.debian.org/security/2013/dsa-2738 http://support.apple.com/kb/HT6150 https://puppet.com/security/cve/cve-2013-4073 http://forums.interworx.com/threads/8000-InterWorx-Version-5-0-14-Released-on-Beta-Channel%21 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=714541 https://usn.ubuntu.com/1902-1/https://nvd.nist.gov https://access.redhat.com/security/cve/cve-2013-4073

CVE-2013-4073

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect