The authentication hook (mgs_hook_authz) in mod-gnutls 0.5.10 and earlier does not validate client certificates when GnuTLSClientVerify require is set, which allows remote attackers to spoof clients via a crafted certificate.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Mod-gnutls | Apache | * | 0.5.1 (including) |
| Mod-gnutls | Ubuntu | artful | * |
| Mod-gnutls | Ubuntu | lucid | * |
| Mod-gnutls | Ubuntu | precise | * |
| Mod-gnutls | Ubuntu | trusty | * |
| Mod-gnutls | Ubuntu | upstream | * |
| Mod-gnutls | Ubuntu | utopic | * |
| Mod-gnutls | Ubuntu | vivid | * |
| Mod-gnutls | Ubuntu | wily | * |
| Mod-gnutls | Ubuntu | yakkety | * |
| Mod-gnutls | Ubuntu | zesty | * |
References
- http://issues.outoforder.cc/view.php?id=93
- http://www.debian.org/security/2015/dsa-3177
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=578663
- https://security.gentoo.org/glsa/201709-04
- http://issues.outoforder.cc/view.php?id=93
- http://www.debian.org/security/2015/dsa-3177
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=578663
- https://security.gentoo.org/glsa/201709-04