CVE-2015-0210
Published 2017-08-28. wpa_supplicant 2.0-16 does not properly check certificate subject name, which allows remote attackers to cause a man-in-the-middle attack.
Priority: P428 (medium). CVSS 3.0: 5.9 (AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)
EPSS: 0.90% (55.3th percentile)
Affected (1 range)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| w1.fi | wpa_supplicant | — | — |
CVSS provenance
NVD v3.0: 5.9 MEDIUM, CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
NVD v2.0: 4.3 MEDIUM, AV:N/AC:M/Au:N/C:P/I:N/A:N
Red Hat (vendor): 5.9 MEDIUM
GHSA
GHSA-4vg4-q9rf-r94r: wpa_supplicant 2 (unreviewed, 2022-05-17; CVE-2015-0210, MEDIUM, CWE-295)
wpa_supplicant 2.0-16 does not properly check certificate subject name, which allows remote attackers to cause a man-in-the-middle attack.
Red Hat
wpa_supplicant: broken certificate subject check (vendor_redhat, 2015-01-28, CVSS 5.9; CVE-2015-0210, MEDIUM)
wpa_supplicant 2.0-16 does not properly check certificate subject name, which allows remote attackers to cause a man-in-the-middle attack.
Statement: Red Hat Product Security determined that this flaw was not a security vulnerability. See the Bugzilla link for more details.
Package: wpa_supplicant (Red Hat Enterprise Linux 5) - Not affected
Package: wpa_supplicant (Red Hat Enterprise Linux 6) - Not affected
Package: wpa_supplicant (Red Hat Enterprise Linux 7) - Not affected
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2015-0210 Broken subject_match in wpa_supplicant (bugzilla, 2015-01-11, CVSS 5.9; MEDIUM)
Steps to reproduce:
Recently, subject_match was added to the code. https://bugzilla.mozilla.org/show_bug.cgi?id=775499
However, subject_match is a substring match (CVE-2015-0210).
The proper way to implement which server you want to connect to is by specifying a DNS name and matching against altSubjectName dNSName.
wpa_supplicant already has support for this; it is called altsubject_match and accepts the format 'DNS:wireless.nikhef.nl'.
In any TLS session, the following must be verified:
1. The identity of the host you want to connect to
2. The signature on the certificate
3. Whether the signature is still valid.
Bugzilla
CVE-2015-0210 wpa_supplicant: broken certificate subject check (bugzilla, 2015-01-05, CVSS 5.9; MEDIUM)
It was reported [1] that wpa_supplicant does not properly check certificate subject name, which might lead to "man in the middle" attack.
Relevant part of the original report:
...
wpa_supplicant, linked against OpenSSL, performs this check:

```c
/* Verify-callback fragment quoted in the report: the configured subject_match
 * string only has to appear somewhere in the peer certificate's subject. */
if (depth == 0 && match && os_strstr(buf, match) == NULL) {
    wpa_printf(MSG_WARNING, "TLS: Subject '%s' did not "
               "match with '%s'", buf, match);
    preverify_ok = 0;
    openssl_tls_fail_event(conn, err_cert, err, depth, buf,
                           "Subject mismatch",
                           TLS_FAIL_SUBJECT_MISMATCH);
}
```
strstr() is vulnerable to an extension attack: for instance, one would like to match on /CN=wireless.nikhef.nl, but explicitly not match on wireless.nikhef.nl.honestachmed.tr. There is no way to implement a secure EAP-TTLS/PEAP
Bugzilla
wpa_supplicant: add support for non-substring server identity check [rhel-7] (bugzilla, 2015-01-03, CVSS 5.9; MEDIUM)
Description of problem:
wpa_supplicant, linked against OpenSSL, performs this check:

```c
/* Verify-callback fragment quoted in the report: the configured subject_match
 * string only has to appear somewhere in the peer certificate's subject. */
if (depth == 0 && match && os_strstr(buf, match) == NULL) {
    wpa_printf(MSG_WARNING, "TLS: Subject '%s' did not "
               "match with '%s'", buf, match);
    preverify_ok = 0;
    openssl_tls_fail_event(conn, err_cert, err, depth, buf,
                           "Subject mismatch",
                           TLS_FAIL_SUBJECT_MISMATCH);
}
```
strstr() is vulnerable to an extension attack: for instance, one would like to match on /CN=wireless.nikhef.nl, but explicitly not match on wireless.nikhef.nl.honestachmed.tr. There is no way to implement a secure EAP-TTLS/PEAP configuration using public certificates this way.
When linked against GnuTLS, the problem is even worse:

```c
if (i == 0) {
/* TODO: validate sub
```
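As an added example that is not part of the bug reports or of wpa_supplicant's own code, the substring comparison quoted above is placed beside a whole-name comparison in the spirit of altsubject_match; the function names, subject strings and SAN values are constructed for the demonstration:

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>
#include <strings.h>   /* strcasecmp (POSIX) */

/* The substring check from the report, stripped of wpa_supplicant's logging:
 * 'match' only has to occur somewhere inside the subject string. */
bool subject_match_substring(const char *subject, const char *match)
{
    return strstr(subject, match) != NULL;
}

/* Stricter check in the spirit of altsubject_match (illustration, not
 * wpa_supplicant's code): a configured "DNS:name" must equal one whole
 * dNSName SAN value, so a name that merely begins with the expected
 * hostname does not pass. DNS names compare case-insensitively. */
bool san_dns_match_exact(const char *const *san_dns, size_t n, const char *want)
{
    static const char prefix[] = "DNS:";
    size_t plen = sizeof prefix - 1;

    if (strncmp(want, prefix, plen) != 0)
        return false;                  /* only dNSName entries handled here */
    for (size_t i = 0; i < n; i++) {
        if (strcasecmp(san_dns[i], want + plen) == 0)
            return true;
    }
    return false;
}

int main(void)
{
    /* Constructed subjects/SANs for the genuine server and for a certificate
     * whose name merely extends the expected one (the report's example). */
    const char *good_subj  = "/C=NL/O=Nikhef/CN=wireless.nikhef.nl";
    const char *good_san[] = { "wireless.nikhef.nl" };
    const char *ext_subj   = "/C=TR/CN=wireless.nikhef.nl.honestachmed.tr";
    const char *ext_san[]  = { "wireless.nikhef.nl.honestachmed.tr" };

    printf("substring: good=%d extended=%d\n",
           subject_match_substring(good_subj, "/CN=wireless.nikhef.nl"),
           subject_match_substring(ext_subj,  "/CN=wireless.nikhef.nl"));
    printf("exact SAN: good=%d extended=%d\n",
           san_dns_match_exact(good_san, 1, "DNS:wireless.nikhef.nl"),
           san_dns_match_exact(ext_san,  1, "DNS:wireless.nikhef.nl"));
    return 0;
}
```

The substring check accepts both certificates, while the whole-name comparison accepts only the genuine one.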