Vulnerabilities > CVE-2002-0862 - Improper Certificate Validation vulnerability in Microsoft products

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
microsoft
CWE-295
nessus
exploit available
NVD
Published: 2002-10-04
Updated: 2024-02-09

Summary

The (1) CertGetCertificateChain, (2) CertVerifyCertificateChainPolicy, and (3) WinVerifyTrust APIs within the CryptoAPI for Microsoft products including Microsoft Windows 98 through XP, Office for Mac, Internet Explorer for Mac, and Outlook Express for Mac, do not properly verify the Basic Constraints of intermediate CA-signed X.509 certificates, which allows remote attackers to spoof the certificates of trusted sites via a man-in-the-middle attack for SSL sessions, as originally reported for Internet Explorer and IIS.

Vulnerable Configurations

Part Description Count
OS
Microsoft
7
OS
Apple
1
Application
Microsoft
3

Common Weakness Enumeration (CWE)

Common Attack Pattern Enumeration and Classification (CAPEC)

  • Creating a Rogue Certificate Authority Certificate
    An attacker exploits a weakness in the MD5 hash algorithm (weak collision resistance) to generate a certificate signing request (CSR) that contains collision blocks in the "to be signed" part. The attacker specially crafts two different, but valid X.509 certificates that when hashed with the MD5 algorithm would yield the same value. The attacker then sends the CSR for one of the certificates to the Certification Authority which uses the MD5 hashing algorithm. That request is completely valid and the Certificate Authority issues an X.509 certificate to the attacker which is signed with its private key. An attacker then takes that signed blob and inserts it into another X.509 certificate that the attacker generated. Due to the MD5 collision, both certificates, though different, hash to the same value and so the signed blob works just as well in the second certificate. The net effect is that the attackers' second X.509 certificate, which the Certification Authority has never seen, is now signed and validated by that Certification Authority. To make the attack more interesting, the second certificate could be not just a regular certificate, but rather itself a signing certificate. Thus the attacker is able to start their own Certification Authority that is anchored in its root of trust in the legitimate Certification Authority that has signed the attackers' first X.509 certificate. If the original Certificate Authority was accepted by default by browsers, so will now the Certificate Authority set up by the attacker and of course any certificates that it signs. So the attacker is now able to generate any SSL certificates to impersonate any web server, and the user's browser will not issue any warning to the victim. This can be used to compromise HTTPS communications and other types of systems where PKI and X.509 certificates may be used (e.g., VPN, IPSec) .

Exploit-Db

descriptionMS IE 5/6,Konqueror 2.2.2/3.0,Weblogic Server 5/6/7 Invalid X.509 Certificate Chain. CVE-2002-0828,CVE-2002-0862,CVE-2002-1183. Remote exploit for windows pl...
idEDB-ID:21692
last seen2016-02-02
modified2002-08-06
published2002-08-06
reporterMike Benham
sourcehttps://www.exploit-db.com/download/21692/
titleMicrosoft Internet Explorer 5/6,Konqueror 2.2.2/3.0,Weblogic Server 5/6/7 Invalid X.509 Certificate Chain

Nessus

NASL familyWindows : Microsoft Bulletins
NASL idSMB_NT_MS02-050.NASL
descriptionThe remote host contains a version of the CryptoAPI that could allow an attacker to spoof the identity of another user with malformed SSL certificates.
last seen2020-06-01
modified2020-06-02
plugin id11145
published2002-10-24
reporterThis script is Copyright (C) 2002-2018 Tenable Network Security, Inc.
sourcehttps://www.tenable.com/plugins/nessus/11145
titleMS02-050: Certificate Validation Flaw Could Enable Identity Spoofing (328145)
code
#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
 script_id(11145);
 script_version("1.49");
 script_cvs_date("Date: 2018/11/15 20:50:29");

 script_cve_id("CVE-2002-0862", "CVE-2002-1183");
 script_bugtraq_id(5410);
 script_xref(name:"MSFT", value:"MS02-050");
 script_xref(name:"MSKB", value:"329115");

 script_name(english:"MS02-050: Certificate Validation Flaw Could Enable Identity Spoofing (328145)");
 script_summary(english:"Checks for MS Hotfix Q328145, Certificate Validation Flaw");

 script_set_attribute(attribute:"synopsis", value:"It is possible to spoof user identities.");
 script_set_attribute(attribute:"description", value:
"The remote host contains a version of the CryptoAPI that could allow an
attacker to spoof the identity of another user with malformed SSL
certificates.");
 script_set_attribute(attribute:"see_also", value:"https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2002/ms02-050");
 script_set_attribute(attribute:"solution", value:"Microsoft has released a set of patches for Windows NT, 2000 and XP.");
 script_set_cvss_base_vector("CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C");
 script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
 script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H");
 script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
 script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
 script_set_attribute(attribute:"exploit_available", value:"true");

 script_set_attribute(attribute:"vuln_publication_date", value:"2002/08/05");
 script_set_attribute(attribute:"patch_publication_date", value:"2002/09/04");
 script_set_attribute(attribute:"plugin_publication_date", value:"2002/10/24");

 script_set_attribute(attribute:"plugin_type", value:"local");
 script_set_attribute(attribute:"cpe", value:"cpe:/o:microsoft:windows");
 script_end_attributes();

 script_category(ACT_GATHER_INFO);
 script_copyright(english:"This script is Copyright (C) 2002-2018 Tenable Network Security, Inc.");
 script_family(english:"Windows : Microsoft Bulletins");

 script_dependencies("smb_hotfixes.nasl", "ms_bulletin_checks_possible.nasl");
 script_require_keys("SMB/MS_Bulletin_Checks/Possible");
 script_require_ports(139, 445, 'Host/patch_management_checks');
 exit(0);
}

include("audit.inc");
include("smb_func.inc");
include("smb_hotfixes.inc");
include("smb_hotfixes_fcheck.inc");
include("misc_func.inc");

get_kb_item_or_exit("SMB/MS_Bulletin_Checks/Possible");

bulletin = 'MS02-050';
kb = '329115';

kbs = make_list(kb);
if (get_kb_item("Host/patch_management_checks")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);

get_kb_item_or_exit("SMB/Registry/Enumerated");
get_kb_item_or_exit("SMB/WindowsVersion", exit_code:1);

if (hotfix_check_sp_range(nt:'6', win2k:'3,4', xp:'0,1') <= 0) audit(AUDIT_OS_SP_NOT_VULN);

rootfile = hotfix_get_systemroot();
if (!rootfile) exit(1, "Failed to get the system root.");

share = hotfix_path2share(path:rootfile);
if (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);

if (
  hotfix_is_vulnerable(os:"5.1", file:"Crypt32.dll", version:"5.131.2600.1123", dir:"\system32", bulletin:bulletin, kb:kb) ||
  hotfix_is_vulnerable(os:"5.0", sp:4, file:"Cryptdlg.dll", version:"5.0.1558.6608", dir:"\system32", bulletin:bulletin, kb:kb) ||
  hotfix_is_vulnerable(os:"5.0", sp:3, file:"Cryptdlg.dll", version:"5.0.1558.6072", dir:"\system32", bulletin:bulletin, kb:kb) ||
  hotfix_is_vulnerable(os:"4.0", file:"Crypt32.dll", version:"5.131.1878.12", dir:"\system32", bulletin:bulletin, kb:kb)
)
{
  set_kb_item(name:"SMB/Missing/"+bulletin, value:TRUE);
  hotfix_security_hole();
  hotfix_check_fversion_end();
  exit(0);
}
else
{
  hotfix_check_fversion_end();
  audit(AUDIT_HOST_NOT, 'affected');
}

Oval

  • accepted2011-05-16T04:00:14.140-04:00
    classvulnerability
    contributors
    • nameChristine Walzer
      organizationThe MITRE Corporation
    • nameChristine Walzer
      organizationThe MITRE Corporation
    • nameChristine Walzer
      organizationThe MITRE Corporation
    • nameChristine Walzer
      organizationThe MITRE Corporation
    • nameShane Shaffer
      organizationG2, Inc.
    • nameSudhir Gandhe
      organizationTelos
    • nameShane Shaffer
      organizationG2, Inc.
    descriptionThe (1) CertGetCertificateChain, (2) CertVerifyCertificateChainPolicy, and (3) WinVerifyTrust APIs within the CryptoAPI for Microsoft products including Microsoft Windows 98 through XP, Office for Mac, Internet Explorer for Mac, and Outlook Express for Mac, do not properly verify the Basic Constraints of intermediate CA-signed X.509 certificates, which allows remote attackers to spoof the certificates of trusted sites via a man-in-the-middle attack for SSL sessions, as originally reported for Internet Explorer and IIS.
    familywindows
    idoval:org.mitre.oval:def:1056
    statusaccepted
    submitted2004-07-12T12:00:00.000-04:00
    titleMicrosoft Certificate Validation Flaw Identity Spoofing Vulnerability
    version71
  • accepted2011-05-16T04:00:52.883-04:00
    classvulnerability
    contributors
    • nameChristine Walzer
      organizationThe MITRE Corporation
    • nameChristine Walzer
      organizationThe MITRE Corporation
    • nameChristine Walzer
      organizationThe MITRE Corporation
    • nameChristine Walzer
      organizationThe MITRE Corporation
    • nameChristine Walzer
      organizationThe MITRE Corporation
    • nameShane Shaffer
      organizationG2, Inc.
    • nameSudhir Gandhe
      organizationTelos
    • nameShane Shaffer
      organizationG2, Inc.
    descriptionThe (1) CertGetCertificateChain, (2) CertVerifyCertificateChainPolicy, and (3) WinVerifyTrust APIs within the CryptoAPI for Microsoft products including Microsoft Windows 98 through XP, Office for Mac, Internet Explorer for Mac, and Outlook Express for Mac, do not properly verify the Basic Constraints of intermediate CA-signed X.509 certificates, which allows remote attackers to spoof the certificates of trusted sites via a man-in-the-middle attack for SSL sessions, as originally reported for Internet Explorer and IIS.
    familywindows
    idoval:org.mitre.oval:def:1332
    statusaccepted
    submitted2004-07-12T12:00:00.000-04:00
    titleWindows 2000 Certificate Validation Identity Spoofing Vulnerability (Test 1)
    version71
  • accepted2011-05-16T04:02:35.841-04:00
    classvulnerability
    contributors
    • nameChristine Walzer
      organizationThe MITRE Corporation
    • nameChristine Walzer
      organizationThe MITRE Corporation
    • nameChristine Walzer
      organizationThe MITRE Corporation
    • nameChristine Walzer
      organizationThe MITRE Corporation
    • nameChristine Walzer
      organizationThe MITRE Corporation
    • nameAnna Min
      organizationBigFix, Inc
    • nameSudhir Gandhe
      organizationTelos
    • nameShane Shaffer
      organizationG2, Inc.
    descriptionThe (1) CertGetCertificateChain, (2) CertVerifyCertificateChainPolicy, and (3) WinVerifyTrust APIs within the CryptoAPI for Microsoft products including Microsoft Windows 98 through XP, Office for Mac, Internet Explorer for Mac, and Outlook Express for Mac, do not properly verify the Basic Constraints of intermediate CA-signed X.509 certificates, which allows remote attackers to spoof the certificates of trusted sites via a man-in-the-middle attack for SSL sessions, as originally reported for Internet Explorer and IIS.
    familywindows
    idoval:org.mitre.oval:def:2671
    statusaccepted
    submitted2004-07-11T12:00:00.000-04:00
    titleWindows 2000 Certificate Validation Identity Spoofing Vulnerability (Test 2)
    version69

References