CVE-2009-3555

Impact:
Moderate
Public Date:
2009-11-05
IAVA:
2011-A-0066
CWE:
CWE-300
Bugzilla:
533125: CVE-2009-3555 TLS: MITM attacks via session renegotiation

The MITRE CVE dictionary describes this issue as:

The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a "plaintext injection" attack, aka the "Project Mogul" issue.

Find out more about CVE-2009-3555 from the MITRE CVE dictionary and NIST NVD.

Statement

Red Hat is aware of this issue and is tracking it via the following bug:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2009-3555

Additional information can be found in the Red Hat Knowledgebase article:
http://kbase.redhat.com/faq/docs/DOC-20491

Red Hat Satellite 6:
This vulnerability has been rated as having a security impact of Moderate. After evaluation and in accordance with the criteria noted in the product support life cycle, there are no plans to address this issue in an upcoming release. Please contact Red Hat Support for further information.

CVSS v2 metrics

Base Score 4.3
Base Metrics AV:N/AC:M/Au:N/C:N/I:P/A:N
Access Vector Network
Access Complexity Medium
Authentication None
Confidentiality Impact None
Integrity Impact Partial
Availability Impact None

Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux Supplementary 5 (java-1.4.2-ibm) RHSA-2010:0786 2010-10-20
Red Hat Enterprise Linux 4 RHSA-2010:0165 2010-03-25
Red Hat Enterprise Linux 4 (gnutls) RHSA-2010:0167 2010-03-25
RHEL 4 AS for SAP RHSA-2010:0408 2010-05-12
Red Hat Enterprise Linux 4 (openssl) RHSA-2010:0163 2010-03-25
Red Hat Enterprise Virtualization Hypervisor 5 (rhev-hypervisor) RHSA-2010:0440 2010-05-25
Red Hat JBoss Web Server 1.0 for RHEL 4 AS (httpd22) RHSA-2010:0011 2010-01-06
Red Hat JBoss Web Server 1.0 for RHEL 4 AS RHSA-2010:0119 2010-02-23
Red Hat Enterprise Linux 5 (httpd) RHSA-2009:1579 2009-11-11
Red Hat Enterprise Linux AS version 4 Extras (java-1.5.0-ibm) RHSA-2010:0807 2010-10-27
Red Hat Enterprise Linux 5 (java-1.6.0-openjdk) RHSA-2010:0768 2010-10-13
Red Hat Enterprise Linux 6 (java-1.6.0-openjdk) RHSA-2010:0865 2010-11-10
Red Hat Enterprise Linux AS version 3 Extras (java-1.4.2-ibm) RHSA-2010:0155 2010-03-17
Red Hat Enterprise Linux 5 (gnutls) RHSA-2010:0166 2010-03-25
Red Hat Enterprise Linux 5 RHSA-2010:0165 2010-03-25
Red Hat Enterprise Linux 5 (openssl097a) RHSA-2010:0164 2010-03-25
Red Hat Enterprise Linux 5 (openssl) RHSA-2010:0162 2010-03-25
Red Hat Enterprise Linux AS version 4 Extras (java-1.5.0-sun) RHSA-2010:0338 2010-04-01
Red Hat Enterprise Linux Supplementary (v. 6) (java-1.6.0-ibm) RHSA-2010:0987 2010-12-15
Red Hat Enterprise Linux Supplementary 5 (java-1.6.0-sun) RHSA-2010:0337 2010-04-01
Red Hat Enterprise Linux Supplementary 5 RHSA-2010:0338 2010-04-01
RHEL 5 Server for SAP RHSA-2010:0986 2010-12-15
Red Hat Enterprise Linux 4 (httpd) RHSA-2009:1580 2009-11-11
Red Hat Enterprise Linux AS version 4 Extras (java-1.6.0-sun) RHSA-2010:0337 2010-04-01
Red Hat Enterprise Linux AS version 4 Extras (java-1.5.0-ibm) RHSA-2010:0130 2010-03-03
Red Hat Enterprise Linux AS version 4 Extras (java-1.4.2-ibm) RHSA-2010:0155 2010-03-17
Red Hat Enterprise Linux Supplementary 5 (java-1.6.0-ibm) RHSA-2010:0987 2010-12-15
Red Hat Satellite 5.4 (RHEL v.5) (java-1.6.0-ibm) RHSA-2011:0880 2011-06-16
RHEL 4 AS for SAP RHSA-2010:0986 2010-12-15
Red Hat Enterprise Linux AS version 4 Extras (java-1.6.0-ibm) RHSA-2010:0987 2010-12-15
Red Hat Enterprise Linux Supplementary 5 (java-1.6.0-sun) RHSA-2010:0770 2010-10-14
RHEL 5 Server for SAP RHSA-2010:0408 2010-05-12
Red Hat Enterprise Linux Supplementary 5 (java-1.6.0-ibm) RHSA-2009:1694 2009-12-23
Red Hat Enterprise Linux for SAP 6 RHSA-2010:0986 2010-12-15
Red Hat Enterprise Linux AS version 3 Extras (java-1.4.2-ibm) RHSA-2010:0786 2010-10-20
Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server RHSA-2010:0119 2010-02-23
Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server RHSA-2010:0011 2010-01-06
Red Hat Enterprise Linux AS version 4 Extras (java-1.6.0-ibm) RHSA-2009:1694 2009-12-23
Red Hat Enterprise Linux 3 (httpd) RHSA-2009:1579 2009-11-11
Red Hat Enterprise Linux Supplementary 5 (java-1.5.0-ibm) RHSA-2010:0807 2010-10-27
Red Hat Enterprise Linux Supplementary 5 (java-1.5.0-ibm) RHSA-2010:0130 2010-03-03
Red Hat Enterprise Linux 3 (openssl) RHSA-2010:0163 2010-03-25
Red Hat Enterprise Linux AS version 4 Extras (java-1.6.0-sun) RHSA-2010:0770 2010-10-14
Red Hat Enterprise Linux Supplementary 5 (java-1.4.2-ibm) RHSA-2010:0155 2010-03-17
Red Hat Enterprise Linux AS version 4 Extras (java-1.4.2-ibm) RHSA-2010:0786 2010-10-20
Red Hat Enterprise Linux 5 (java-1.6.0-openjdk) RHSA-2010:0339 2010-04-01

Affected Packages State

Platform Package State
Red Hat Satellite 6 pulp Will not fix
Unless explicitly stated as not affected, all previous versions of packages in any minor update stream of a product listed here should be assumed vulnerable, although they may not have been subject to full analysis.

CVE description copyright © 2017, The MITRE Corporation