CWE List: Individual Dictionary Definition (1.1)

CWE-599: Trust of OpenSSL Certificate Without Validation

Status: Incomplete
Weakness ID: 599 (Weakness Variant)
Description
Summary

If certificate data is not validated, an attacker may be claiming to be a host that it is not.

Common Consequences
Integrity

The data read may not be properly secured; it might be viewed by an attacker.

Authentication

Trust afforded to the system in question may allow for spoofing or redirection attacks.

Potential Mitigations
Architecture and Design

Ensure that proper authentication is included in the system design.

Implementation

Understand and properly implement all checks necessary to ensure the identity of entities involved in encrypted communications.

Demonstrative Examples

C Example:
/* The peer certificate is fetched, but the verification-result check below is
   commented out, so an untrusted or wrong-host certificate is accepted as-is. */
if (!(cert = SSL_get_peer_certificate(ssl)) || !host) { /* handle error */ }
// foo = SSL_get_verify_result(ssl);   /* result never consulted */
// if (X509_V_OK == foo) { /* ... */ }
Other Notes

If the certificate is not checked, it may be possible for a redirection or spoofing attack to allow a malicious host with a valid certificate to provide data under the guise of a trusted host. While the attacker in question may have a valid certificate, it may simply be a valid certificate for a different site. In order to ensure data integrity, we must check that the certificate is valid, and that it pertains to the site we wish to access.
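The two checks this entry describes as missing, chain verification and binding of the certificate to the intended host, shown as an added example that is not part of the CWE entry. Python's ssl module wraps OpenSSL, so it can show the weak client configuration (certificate obtained but never verified, as in the C snippet) beside the hardened one, plus an explicit hostname-binding check of the kind OpenSSL performs with X509_check_host. The certificate dict, the helper names and the verify_ok flag (a stand-in for SSL_get_verify_result returning X509_V_OK) are constructed for illustration.

```python
"""Added example for CWE-599: the two questions a TLS client must answer.

  1. Did the peer's certificate chain verify against a trusted root?
     (OpenSSL: SSL_get_verify_result(ssl) == X509_V_OK)
  2. Does the certificate pertain to the host we meant to reach?
     (OpenSSL: X509_check_host / subjectAltName matching)

Python's ssl module enforces (1) with verify_mode=CERT_REQUIRED and (2) with
check_hostname=True.  hostname_matches() shows check (2) explicitly on a
dict shaped like ssl.SSLSocket.getpeercert().  All data below is constructed.
"""
import ssl


def weak_client_context() -> ssl.SSLContext:
    """Mirrors the CWE-599 snippet: the handshake yields a certificate, but
    neither its chain nor its name binding is ever checked."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False          # must be cleared before CERT_NONE
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def hardened_client_context() -> ssl.SSLContext:
    """create_default_context() loads the system trust store and sets
    verify_mode=CERT_REQUIRED and check_hostname=True."""
    return ssl.create_default_context()


def context_validates_peer(ctx: ssl.SSLContext) -> bool:
    """True only if the context insists on both a verified chain and a
    hostname match; this is the configuration-level mitigation."""
    return ctx.verify_mode == ssl.CERT_REQUIRED and bool(ctx.check_hostname)


def _dns_name_match(pattern: str, hostname: str) -> bool:
    """RFC 6125 style comparison: case-insensitive, and a single '*' is
    allowed only as the entire left-most label, so '*.example.net' matches
    'api.example.net' but not 'example.net' or 'a.b.example.net'."""
    pattern = pattern.lower().rstrip(".")
    hostname = hostname.lower().rstrip(".")
    if "*" not in pattern:
        return pattern == hostname
    p_labels = pattern.split(".")
    h_labels = hostname.split(".")
    if p_labels[0] != "*" or any("*" in lbl for lbl in p_labels[1:]):
        return False                    # wildcard only as the whole first label
    if len(p_labels) < 3:
        return False                    # refuse '*.com'-style wildcards
    return len(p_labels) == len(h_labels) and p_labels[1:] == h_labels[1:]


def hostname_matches(cert: dict, hostname: str) -> bool:
    """Does the certificate pertain to hostname?  Only dNSName entries of
    subjectAltName are consulted; the subject CN is ignored, as modern
    validators do."""
    dns_names = [v for kind, v in cert.get("subjectAltName", ()) if kind == "DNS"]
    return any(_dns_name_match(name, hostname) for name in dns_names)


def peer_is_trusted(cert: dict, verify_ok: bool, hostname: str) -> bool:
    """Both checks the CWE-599 snippet leaves out.  verify_ok stands in for
    SSL_get_verify_result(ssl) == X509_V_OK; a certificate that verifies but
    was issued for a different site still fails the second check."""
    return verify_ok and hostname_matches(cert, hostname)


# Constructed sample certificate, shaped like ssl.SSLSocket.getpeercert().
SAMPLE_CERT = {
    "subject": ((("commonName", "www.example.com"),),),
    "subjectAltName": (("DNS", "www.example.com"), ("DNS", "*.example.net")),
}

if __name__ == "__main__":
    print("weak context validates peer:", context_validates_peer(weak_client_context()))
    print("hardened context validates peer:", context_validates_peer(hardened_client_context()))
    for host in ("www.example.com", "api.example.net", "www.attacker.example"):
        print(host, "->", peer_is_trusted(SAMPLE_CERT, True, host))
```

In production code the configuration-level mitigation is the one to rely on: with CERT_REQUIRED and check_hostname set, the ssl module performs both checks during the handshake and raises on failure, so application code never sees an unverified certificate; hostname_matches() is shown only to make the "valid certificate for a different site" case concrete.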

Relationships
Nature: ChildOf
Type: Weakness Base
ID: 297
Name: Failure to Validate Host-specific Certificate Data
View(s) this relationship pertains to: Development Concepts (primary) (699); Research Concepts (primary) (1000)
Time of Introduction
* Architecture and Design
* Implementation
Content History
Modifications
Eric Dalci. Cigital. 2008-07-01. (External)
updated Time_of_Introduction
CWE Content Team. MITRE. 2008-09-08. (Internal)
updated Common_Consequences, Relationships, Other_Notes
Previous Entry Names
* No OpenSSL Certificate Check Performed before Use (changed 2008-04-11)
Page Last Updated: November 24, 2008