Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 442860 (CVE-2012-5524) - <net-im/gajim-0.15.3-r1: Improper handling of invalid certificates (CVE-2012-5524)
Summary: <net-im/gajim-0.15.3-r1: Improper handling of invalid certificates (CVE-2012-...
Status: RESOLVED FIXED
Alias: CVE-2012-5524
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
URL: http://seclists.org/fulldisclosure/20...
Whiteboard: B4 [glsa]
Keywords:
: 458308 (view as bug list)
Depends on: 465198
Blocks:
  Show dependency tree
 
Reported: 2012-11-12 11:58 UTC by Sean Amoss (RETIRED)
Modified: 2014-01-06 19:28 UTC (History)
4 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments
errnum should be iterable! (connection.py.patch,455 bytes, patch)
2013-02-20 04:30 UTC, Dmitry Suloev
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Sean Amoss (RETIRED) gentoo-dev Security 2012-11-12 11:58:58 UTC
From the full disclosure mailing list at $URL: 

"Gajim does not seem to properly handle invalid/broken/expired 
certificates. The _ssl_verify_callback function in tls_nb.py is called 
by OpenSSL for every certificate in the certificate chain (CA first, 
server certificate last) but always return True whether an error was 
encountered or not.

This forces OpenSSL to verify each certificate until none is left, at 
which points it will call _ssl_verify_callback one last time with an 
error number of 0.

(This behavior is documented here:  man 3 SSL_CTX_set_verify
"If verify_callback returns 1, the verification process is continued. 
If verify_callback always returns 1, the TLS/SSL handshake will not be 
terminated with respect to verification failures and the connection will 
be established."
And can be observed in function 
crypto/x509/x509_vfy.c:internal_verify() in OpenSSL source code.)

_ssh_verify_callback only stores the last error code, which always is 0 
unless an error was encountered in the deepest level of the chain (the 
CA), so gajim will not warn as long as the CA is recognized.


(...)

This problem goes beyond expired certificates. It is also possible to 
edit any existing and valid server certificate by changing the CN 
manually. The certificate's signature will be become invalid and OpenSSL 
will detect it and return errnum 7 ("Certificate signature failure") but 
gajim will not warn and will proceed with the connection anyway..."

Upstream ticket: https://trac.gajim.org/ticket/7252
Comment 1 Justin Lecher (RETIRED) gentoo-dev 2013-02-19 16:42:22 UTC
+*gajim-0.15.2-r1 (19 Feb 2013)
+
+  19 Feb 2013; Justin Lecher <jlec@gentoo.org> -gajim-0.15.2.ebuild,
+  +gajim-0.15.2-r1.ebuild, +files/gajim-0.15.2-CVE-2012-5524.patch,
+  metadata.xml:
+  Backport fix for CVE-2012-5524, #442860
+
Comment 2 Justin Lecher (RETIRED) gentoo-dev 2013-02-19 16:42:34 UTC
*** Bug 458308 has been marked as a duplicate of this bug. ***
Comment 3 Justin Lecher (RETIRED) gentoo-dev 2013-02-19 16:44:17 UTC
@arches please mark version 1.5.2-r1 stable.
Comment 4 Agostino Sarubbo gentoo-dev 2013-02-19 16:46:14 UTC
Arches, please test and mark stable:
=net-im/gajim-0.15.2-r1
Target keywords : "alpha amd64 ia64 ppc ppc64 sparc x86
Comment 5 Dmitry Suloev 2013-02-20 04:30:36 UTC
Created attachment 339472 [details, diff]
errnum should be iterable!
Comment 6 Dmitry Suloev 2013-02-20 04:35:38 UTC
After updating to gajim-0.15.2-r1 I can't connect to jabber.ru. I find out what problem in connection.py module. Check my patch.
Comment 7 Alexander Tsoy 2013-02-20 09:24:37 UTC
I also can't connect to any server using 0.15.2-r1
Comment 8 Justin Lecher (RETIRED) gentoo-dev 2013-02-20 10:46:13 UTC
Sorry for the broken patch.

*gajim-0.15.2-r3 (20 Feb 2013)
+*gajim-0.15.2-r2 (20 Feb 2013)
+
+  20 Feb 2013; Justin Lecher <jlec@gentoo.org> -gajim-0.15.2-r1.ebuild,
+  +gajim-0.15.2-r2.ebuild, +gajim-0.15.2-r3.ebuild,
+  files/gajim-0.15.2-CVE-2012-5524.patch:
+  Update Patch, thanks Suloev Dmitry for the fix; move to new python eclasses
+
Comment 9 Agostino Sarubbo gentoo-dev 2013-02-20 14:10:54 UTC
alpha stable
Comment 10 Agostino Sarubbo gentoo-dev 2013-02-20 14:11:11 UTC
amd64 stable
Comment 11 Agostino Sarubbo gentoo-dev 2013-02-20 14:11:27 UTC
ia64 stable
Comment 12 Agostino Sarubbo gentoo-dev 2013-02-20 14:11:44 UTC
ppc stable
Comment 13 Agostino Sarubbo gentoo-dev 2013-02-20 14:12:01 UTC
ppc64 stable
Comment 14 Agostino Sarubbo gentoo-dev 2013-02-20 14:12:18 UTC
sparc stable
Comment 15 Agostino Sarubbo gentoo-dev 2013-02-20 14:12:37 UTC
x86 stable
Comment 16 Justin Lecher (RETIRED) gentoo-dev 2013-02-20 14:29:05 UTC
+  20 Feb 2013; Justin Lecher <jlec@gentoo.org> -gajim-0.15.1.ebuild:
+  Drop vulnerable versions for CVE-2012-5524, #442860
+
Comment 17 Nikolay Edigaryev 2013-02-23 08:21:38 UTC
With gajim-0.15.2-CVE-2012-5524 patch applied, Gajim saves only the last character of the SHA-1 fingerprint to the config file.

Thus, when connecting to the server Gajim compares ONLY THE LAST CHARACTER of the server SHA-1 fingerprint and saved SHA-1 fingerprint (which is already one character) — MITM is possible.

I think this happens because type(con.Connection.ssl_fingerprint_sha1) is 'str', thus fingerprint will contain the last character of the con.Connection.ssl_fingerprint_sha1 string.

fingerprint=con.Connection.ssl_fingerprint_sha1[-1]

emerge --info gajim:

Portage 2.1.11.52 (default/linux/x86/13.0/desktop, gcc-4.6.3, glibc-2.16.0, 3.8.0-gentoo i686)
=================================================================
                        System Settings
=================================================================
System uname: Linux-3.8.0-gentoo-i686-AMD_Athlon-tm-_II_X4_640_Processor-with-gentoo-2.2
KiB Mem:     8302828 total,   5666080 free
KiB Swap:    2097148 total,   2097148 free
Timestamp of tree: Sat, 23 Feb 2013 07:00:01 +0000
ld GNU ld (GNU Binutils) 2.23.1
app-shells/bash:          4.2_p42
dev-lang/python:          2.7.3-r3, 3.2.3-r2
dev-util/cmake:           2.8.10.2-r1
dev-util/pkgconfig:       0.28
sys-apps/baselayout:      2.2
sys-apps/openrc:          0.11.8
sys-apps/sandbox:         2.6
sys-devel/autoconf:       2.13, 2.69
sys-devel/automake:       1.9.6-r3, 1.11.6, 1.13.1
sys-devel/binutils:       2.23.1
sys-devel/gcc:            4.6.3
sys-devel/gcc-config:     1.8
sys-devel/libtool:        2.4.2
sys-devel/make:           3.82-r4
sys-kernel/linux-headers: 3.7 (virtual/os-headers)
sys-libs/glibc:           2.16.0
Repositories: gentoo x-portage
ACCEPT_KEYWORDS="x86 ~x86"
ACCEPT_LICENSE="*"
CBUILD="i686-pc-linux-gnu"
CFLAGS="-O2 -march=amdfam10 -pipe"
CHOST="i686-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/share/gnupg/qualified.txt /var/bind"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo /etc/texmf/language.dat.d /etc/texmf/language.def.d /etc/texmf/updmap.d /etc/texmf/web2c"
CXXFLAGS="-O2 -march=amdfam10 -pipe"
DISTDIR="/usr/portage/distfiles"
FCFLAGS="-O2 -march=i686 -pipe"
FEATURES="assume-digests binpkg-logs config-protect-if-modified distlocks ebuild-locks fixlafiles merge-sync metadata-transfer news parallel-fetch protect-owned sandbox sfperms strict unknown-features-warn unmerge-logs unmerge-orphans userfetch"
FFLAGS="-O2 -march=i686 -pipe"
GENTOO_MIRRORS="http://mirror.yandex.ru/gentoo-distfiles/"
LANG="en_US.UTF-8"
LC_ALL=""
LDFLAGS="-Wl,-O1 -Wl,--as-needed"
MAKEOPTS="-j5"
PKGDIR="/usr/portage/packages"
PORTAGE_CONFIGROOT="/"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --human-readable --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY="/usr/local/portage"
SYNC="rsync://rsync.gentoo.org/gentoo-portage"
USE="X a52 aac acl acpi alsa berkdb bluetooth branding bzip2 cairo cdda cdr cli consolekit cracklib crypt cups cxx dbus dri dts dvd dvdr emboss encode exif fam firefox flac fortran gdbm gif gpm gtk iconv ipv6 jpeg lcms ldap libnotify lock mad mmx mng modules mp3 mp4 mpeg mudflap ncurses nls nptl ogg opengl openmp pam pango pcre pdf png policykit ppds qt3support readline sdl session spell sse sse2 ssl startup-notification svg tcpd threads thunar tiff truetype udev udisks unicode upower usb vorbis wxwidgets x264 x86 xcb xml xv xvid zlib" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1 emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="authn_core authz_core socache_shmcb unixd actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" CALLIGRA_FEATURES="kexi words flow plan sheets stage tables krita karbon braindump" CAMERAS="ptp2" COLLECTD_PLUGINS="df interface irq load memory rrdtool swap syslog" ELIBC="glibc" GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock itrax mtk3301 nmea ntrip navcom oceanserver oldstyle oncore rtcm104v2 rtcm104v3 sirf superstar2 timing tsip tripmate tnt ubx" INPUT_DEVICES="evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LIBREOFFICE_EXTENSIONS="presenter-console presenter-minimizer" PHP_TARGETS="php5-3" PYTHON_SINGLE_TARGET="python2_7" PYTHON_TARGETS="python2_7 python3_2" RUBY_TARGETS="ruby18 ruby19" USERLAND="GNU" VIDEO_CARDS="nvidia" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq steal rawnat logmark ipmark dhcpmac delude chaos account"
Unset:  CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, INSTALL_MASK, PORTAGE_BUNZIP2_COMMAND, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS, USE_PYTHON

=================================================================
                        Package Settings
=================================================================

net-im/gajim-0.15.2-r3 was built with the following:
USE="X crypt dbus libnotify nls spell srv -avahi -gnome -idle -jingle -kde -networkmanager -test -xhtml" PYTHON_TARGETS="python2_7 -python2_6"
Comment 18 Alexander Tsoy 2013-02-23 09:10:44 UTC
(In reply to comment #17)
See bug 458572
Comment 19 Justin Lecher (RETIRED) gentoo-dev 2013-03-18 08:45:28 UTC
With Version 0.15.3 the official patch landed in the tree.
Comment 20 Alexander Tsoy 2013-03-18 15:01:01 UTC
Justin, do you plan to stabilize 0.15.3? The main problem I see is that it needs some dependencies to be stabilized first.
Comment 21 Tobias Heinlein (RETIRED) gentoo-dev 2013-03-24 19:29:18 UTC
(In reply to comment #19)
> With Version 0.15.3 the official patch landed in the tree.

I guess that version can go stable then?
Comment 22 Justin Lecher (RETIRED) gentoo-dev 2013-03-25 17:49:56 UTC
(In reply to comment #21)
> (In reply to comment #19)
> > With Version 0.15.3 the official patch landed in the tree.
> 
> I guess that version can go stable then?

Lets wait for another week. We already caught one bug.
Comment 23 Justin Lecher (RETIRED) gentoo-dev 2013-04-23 08:55:02 UTC
Okay, now the official upstream fix is stable.
Comment 24 Agostino Sarubbo gentoo-dev 2013-04-23 09:03:56 UTC
security please vote
Comment 25 Sergey Popov gentoo-dev 2013-08-22 09:59:36 UTC
GLSA vote: yes
Comment 26 Chris Reffett (RETIRED) gentoo-dev Security 2013-12-11 01:48:35 UTC
GLSA vote: yes, request filed.
Comment 27 GLSAMaker/CVETool Bot gentoo-dev 2014-01-06 19:28:15 UTC
This issue was resolved and addressed in
 GLSA 201401-02 at http://security.gentoo.org/glsa/glsa-201401-02.xml
by GLSA coordinator Sergey Popov (pinkbyte).