Falcon SSL Certificate Verification Security Issue

by Carol~ Moderator - 1/16/13 3:59 PM

In Reply to: VULNERABILITIES / FIXES - January 16, 2013 by Carol~ Moderator

Release Date: 2012-12-27
Last Update: 2013-01-16

Criticality level: Less critical
Impact: Spoofing
Where: From remote
Solution Status: Vendor Workaround

Software: Falcon 0.x

Description:
A security issue has been reported in Falcon, which can be exploited by malicious people to conduct spoofing attacks.

The security issue is caused due to the server hostname not being validated against the domain name in the subject's Common Name (CN) or subjectAltName fields of X.509 certificates. This can be exploited to spoof an SSL server via e.g. Man-in-the-Middle (MitM) attacks.

The security issue is reported in version 0.9.6.8. Prior versions may also be affected.

Solution:
Fixed in the GIT repository.

Provided and/or discovered by:
Alessandro Ghedini in a Debian bug report.

Original Advisory:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=696681

http://secunia.com/advisories/51632
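The check the advisory says was missing, written out as an added example (this is not code from Falcon, from the Debian bug report or from Secunia): after the certificate chain verifies, the client must still confirm that the name it dialed appears in the certificate's subjectAltName dNSName entries, falling back to the subject CN only when the certificate carries no SAN DNS names. The certificate dicts are constructed for the example and only mirror the shape `ssl.SSLSocket.getpeercert()` returns; `hostname_matches`, `verify_peer_name` and `HostnameMismatch` are names chosen here, not an API of any library.

```python
import ipaddress
import re
import ssl

# Constructed certificates for this example (shape of ssl.getpeercert(),
# not any real server's certificate).
CONSTRUCTED_CERT = {
    "subject": ((("countryName", "XX"),), (("commonName", "www.example.test"),)),
    "subjectAltName": (
        ("DNS", "www.example.test"),
        ("DNS", "*.cdn.example.test"),
        ("IP Address", "192.0.2.10"),
    ),
}
# Older certificate with no SAN extension: the CN is the only identifier.
CONSTRUCTED_CN_ONLY_CERT = {
    "subject": ((("commonName", "legacy.example.test"),),),
}

_LABEL = re.compile(r"^[a-z0-9]([a-z0-9-]*[a-z0-9])?$")


def _dns_identifiers(cert):
    """DNS names the certificate claims. Per RFC 6125, subjectAltName
    dNSName entries take precedence; the CN is consulted only if there are none."""
    sans = [v for t, v in cert.get("subjectAltName", ()) if t == "DNS"]
    if sans:
        return sans
    return [v for rdn in cert.get("subject", ()) for k, v in rdn if k == "commonName"]


def _ip_identifiers(cert):
    """iPAddress entries from subjectAltName (IP literals never match a CN)."""
    return [v for t, v in cert.get("subjectAltName", ()) if t == "IP Address"]


def _dns_match(pattern, hostname):
    """Case-insensitive label-by-label match. A wildcard is accepted only as
    the whole leftmost label, never spans more than one label, and is not
    allowed to cover a bare second-level name such as '*.test'."""
    p = pattern.lower().rstrip(".").split(".")
    h = hostname.lower().rstrip(".").split(".")
    if len(p) != len(h):
        return False  # '*' must not absorb extra labels
    for i, (pl, hl) in enumerate(zip(p, h)):
        if pl == "*" and i == 0 and len(p) >= 3:
            if not _LABEL.match(hl):
                return False
            continue
        if "*" in pl or pl != hl:  # partial-label wildcards are rejected
            return False
    return True


def hostname_matches(cert, hostname):
    """True if the dialed hostname (or IP literal) is covered by the certificate."""
    try:
        ip = ipaddress.ip_address(hostname)
    except ValueError:
        ip = None
    if ip is not None:
        return any(ipaddress.ip_address(v) == ip for v in _ip_identifiers(cert))
    return any(_dns_match(p, hostname) for p in _dns_identifiers(cert))


class HostnameMismatch(Exception):
    """Raised when a chain-valid certificate was issued for a different name."""


def verify_peer_name(cert, hostname):
    """The step a client must not skip: chain validity alone lets any valid
    certificate for any other name pass, which is exactly the MitM condition
    the advisory describes."""
    if not hostname_matches(cert, hostname):
        raise HostnameMismatch(f"certificate does not match {hostname!r}")
    return True


def hardened_client_context():
    """With Python's ssl module the same check is enabled by default;
    a client that sets check_hostname=False reintroduces the issue."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = True
    ctx.verify_mode = ssl.CERT_REQUIRED
    return ctx


if __name__ == "__main__":
    for host in ("www.example.test", "img.cdn.example.test", "cdn.example.test", "evil.test"):
        print(host, hostname_matches(CONSTRUCTED_CERT, host))
```

`hostname_matches` is what a vulnerable client lacks; `verify_peer_name` shows where it belongs in the handshake flow (after chain validation, before any application data is sent), and `hardened_client_context` shows the equivalent setting in the standard library.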