From ${URL} : Nathan Bishop <me@nbishop.name> reported (http://redmine.lighttpd.net/issues/2525) that lighttpd uses vulnerable cipher suites when SNI is used: $HTTP["Host"] == "example.com" { ssl.pemfile = "/etc/ssl/certs/example.com.pem" } $SERVER["socket"] == ":443" { ssl.engine = "enable" ssl.pemfile = "/etc/ssl/certs/default.pem" ssl.cipher-list = "HIGH" } This config uses the "DEFAULT" cipher list for "example.com", which includes export ciphers. More details are available at: http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2013_01.txt Please note that the patch is not final yet, and can't be found in SVN. We're still discussing: * whether other options should work in SNI context (we could add all ssl.ca-files to all SSL_CTX instances) * whether to set a default ssl.cipher-list, and which string to pick @maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
CVE-2013-4508 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4508): lighttpd before 1.4.34, when SNI is enabled, configures weak SSL ciphers, which makes it easier for remote attackers to hijack sessions by inserting packets into the client-server data stream or obtain sensitive information by sniffing the network.
Added to existing GLSA draft
This issue was resolved and addressed in GLSA 201406-10 at http://security.gentoo.org/glsa/glsa-201406-10.xml by GLSA coordinator Sergey Popov (pinkbyte).
