iOS's SSL certificate parsing contains a flaw where it fails to check the basicConstraints extension of certificates in the chain, so an end-entity certificate is accepted as if it were a CA. By signing a new certificate using a legitimate end-entity certificate, an attacker can obtain a "valid" certificate for any domain.
434dce4a3760a9007c3d719b3ef5ed6a9779f57077aab4e7c303f1688be36903
Apple Security Advisory 2011-07-25-1 - A certificate chain validation issue existed in the handling of X.509 certificates. An attacker with a privileged network position may capture or modify data in sessions protected by SSL/TLS. Other attacks involving X.509 certificate validation may also be possible. This issue is addressed through improved validation of X.509 certificate chains. The iOS 4.3.5 software update addresses this issue.
f271d72e253f45b8bffad97ab4c2940113b5aed5d35f40980c0aa9611dd0e416
Apple Security Advisory 2011-07-25-2 - The iOS 4.2.10 software update addresses a certificate chain validation issue. The issue existed in the handling of X.509 certificates where an attacker with a privileged network position may capture or modify data in sessions protected by SSL/TLS. Other attacks involving X.509 certificate validation may also be possible. This issue is addressed through improved validation of X.509 certificate chains.
a9341b8d975d38e6fee68438897e57464648354bf839acda89e25f93a633a05b