Vulnerabilities > CVE-2015-2091 - Cryptographic Issues vulnerability in Apache Mod-Gnutls
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
The authentication hook (mgs_hook_authz) in mod-gnutls 0.5.10 and earlier does not validate client certificates when "GnuTLSClientVerify require" is set, which allows remote attackers to spoof clients via a crafted certificate.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Common Weakness Enumeration (CWE)
Common Attack Pattern Enumeration and Classification (CAPEC)
- Signature Spoofing by Key Recreation An attacker obtains an authoritative or reputable signer's private signature key by exploiting a cryptographic weakness in the signature algorithm or pseudorandom number generation and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.
Nessus
NASL family Debian Local Security Checks NASL id DEBIAN_DSA-3177.NASL description Thomas Klute discovered that in mod-gnutls, an Apache module providing SSL and TLS encryption with GnuTLS, a bug caused the server last seen 2020-03-17 modified 2015-03-11 plugin id 81747 published 2015-03-11 reporter This script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/81747 title Debian DSA-3177-1 : mod-gnutls - security update NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201709-04.NASL description The remote host is affected by the vulnerability described in GLSA-201709-04 (mod_gnutls: Certificate validation error) It was discovered that the authentication hook in mod_gnutls does not validate client’s certificates even when option “GnuTLSClientVerify” is set to “require”. Impact : A remote attacker could present a crafted certificate and spoof clients data. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 103272 published 2017-09-18 reporter This script is Copyright (C) 2017 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/103272 title GLSA-201709-04 : mod_gnutls: Certificate validation error NASL family Debian Local Security Checks NASL id DEBIAN_DLA-170.NASL description Thomas Klute discovered that in mod-gnutls, an Apache module providing SSL and TLS encryption with GnuTLS, a bug caused the server last seen 2020-03-17 modified 2015-03-26 plugin id 82155 published 2015-03-26 reporter This script is Copyright (C) 2015-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/82155 title Debian DLA-170-1 : mod-gnutls security update