CVE-2010-4334 - The IO::Socket::SSL module 1.35 for Perl, when verify_mode is not VERIFY_NONE, fails open to VERIFY_

CVE-2010-4334

Summary

The IO::Socket::SSL module 1.35 for Perl, when verify_mode is not VERIFY_NONE, fails open to VERIFY_NONE instead of throwing an error when a ca_file/ca_path cannot be verified, which allows remote attackers to bypass intended certificate restrictions.

References

Vulnerable Configurations

cpe:2.3:a:io-socket-ssl:io-socket-ssl:1.35:*:*:*:*:*:*:*
cpe:2.3:a:io-socket-ssl:io-socket-ssl:1.35:*:*:*:*:*:*:*

CVSS

Base:	4.0 (as of 14-10-2011 - 02:48)
Impact:
Exploitability:

CWE

CWE-310

CAPEC

Signature Spoofing by Key Recreation
An attacker obtains an authoritative or reputable signer's private signature key by exploiting a cryptographic weakness in the signature algorithm or pseudorandom number generation and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.

Access

Vector	Complexity	Authentication
NETWORK	HIGH	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	NONE

cvss-vector via4

AV:N/AC:H/Au:N/C:P/I:P/A:N

refmap via4

bid	45189
confirm	http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=606058 http://cpansearch.perl.org/src/SULLR/IO-Socket-SSL-1.35/Changes
fedora	FEDORA-2010-19054 FEDORA-2010-19058
mandriva	MDVSA-2011:092
mlist	[oss-security] 20101209 Re: CVE requests: IO::Socket::SSL, cakephp, collectd, gnash, ocrodjvu, hypermail, libcloud, piwigo [oss-security] 20101224 IO::Socket::SSL perl module: CVE-2010-4501/CVE-2010-4334 dupe
osvdb	69626
secunia	42508 42757

Last major update

14-10-2011 - 02:48

Published

14-01-2011 - 01:00

Last modified

14-10-2011 - 02:48