The mod_tls module in ProFTPD before 1.3.2b, and 1.3.3 before 1.3.3rc2, when the dNSNameRequired TLS option is enabled, does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 client certificate, which allows remote attackers to bypass intended client-hostname restrictions via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
Weaknesses in this category are related to the design and implementation of data confidentiality and integrity. Frequently these deal with the use of encoding techniques, encryption libraries, and hashing algorithms. The weaknesses in this category could lead to a degradation of the quality data if they are not addressed.
| Link | Tags |
|---|---|
| http://marc.info/?l=oss-security&m=125630966510672&w=2 | mailing list |
| https://www.redhat.com/archives/fedora-package-announce/2009-November/msg00649.html | vendor advisory |
| http://secunia.com/advisories/37219 | third party advisory |
| https://www.redhat.com/archives/fedora-package-announce/2009-November/msg00642.html | vendor advisory |
| http://www.debian.org/security/2009/dsa-1925 | vendor advisory |
| http://bugs.proftpd.org/show_bug.cgi?id=3275 | |
| http://marc.info/?l=oss-security&m=125632960508211&w=2 | mailing list |
| http://www.securityfocus.com/bid/36804 | vdb entry patch |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/53936 | vdb entry |
| http://secunia.com/advisories/37131 | third party advisory vendor advisory |
| http://www.mandriva.com/security/advisories?name=MDVSA-2009:288 | vendor advisory |
| https://bugzilla.redhat.com/show_bug.cgi?id=530719 | patch |