CERT Advisory CA-2000-10 - Several flaws exist in Microsoft Internet Explorer that could allow an attacker to masquerade as a legitimate web site if the attacker can compromise the validity of certain DNS information. These problems are different from the problems reported in CERT Advisory CA-2000-05 and CERT Advisory CA-2000-08, but they have a similar impact.
caa2d8e1fc0030e105ed4758efd2116e7096d4949c4c4cfa5c18509f8e8e48a8
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
CERT Advisory CA-2000-10 Inconsistent Warning Messages in Internet Explorer
Original release date: June 6, 2000
Last Revised: --
Source: CERT/CC
A complete revision history is at the end of this file.
Systems Affected
* Systems running Microsoft Internet Explorer
Overview
Several flaws exist in Microsoft Internet Explorer that could allow an
attacker to masquerade as a legitimate web site if the attacker can
compromise the validity of certain DNS information. These problems are
different from the problems reported in CERT Advisory CA-2000-05 and
CERT Advisory CA-2000-08, but they have a similar impact.
I. Description
Digital certificates are small documents used to authenticate and
encrypt information transmitted over the Internet. One very common use
of digital certificates is to secure electronic commerce transactions
through SSL (Secure Socket Layer). The kind of certificates used in
e-commerce transactions are called X.509 certificates. The X.509
certificates help a web browser and the user ensure that sensitive
information transmitted over the Internet is readable only by the
intended recipient. This requires verifying the recipient's identity
and encrypting data so that only the recipient can decrypt it.
The "padlock" icon used by Internet Explorer (as well as Netscape and
other browsers) is an indication that an SSL-secured transaction has
been established to someone. It does not necessarily indicate to whom
the connection has been established. Internet Explorer (and other
browsers) take steps to warn users when DNS-based information
conflicts with the strongly authenticated information contained in the
X.509 certificates used in SSL transactions. These warnings are
supplemental information to help users decide if they're connecting to
whom they think they are connecting. These steps and warnings are
designed to protect against attacks on the DNS information.
Descriptions of the problems provided by Microsoft are shown below.
IE fails to validate certificates in images or frames
When a connection to a secure server is made via either an image or a
frame, IE only verifies that the server's SSL certificate was issued
by a trusted root - it does not verify the server name or the
expiration date. When a connection is made via any other means, all
expected validation is performed.
IE fails to revalidate certificates within the same session
Even if the initial validation is made correctly, IE does not
re-validate the certificate if a new SSL session is establish with the
same server during the same IE session.
We encourage you to read Microsoft Security Bulletin MS-039 for
additional details provided by Microsoft. This document is available
at
https://www.microsoft.com/technet/security/bulletin/ms00-039.asp
II. Impact
Attackers can trick users into disclosing information (such as credit
card numbers, personal data, or other sensitive information) intended
for a legitimate web site.
III. Solution
General Recommendations When Using SSL
DNS information is fundamentally insecure, and there are a variety of
means by which an attacker can provide false or misleading DNS
information, even in the absence of any vulnerabilities in a DNS
server. Browsers attempt to compensate for this insecurity by
providing warning messages when the strongly authenticated certificate
information does not match the DNS information. While we strongly
recommend that you stay up to date with respect to patches and
workarounds provided by your browser vendor, we also encourage you to
take the following steps, particularly for sensitive transactions.
Check Certificates
The CERT/CC recommends that prior to providing any sensitive
information over SSL, you check the name recorded in the certificate
to be sure that it matches the name of the site to which you think you
are connecting. For example, in Internet Explorer 5 (for Windows),
double click on the "padlock" icon to engage the "Certificate" dialog
box. Click on the "Details" tab to see information about the
certificate, including the thumbprint. Click on the "Certification
Path" tab for information about the certificate authority that signed
the certificate. If you do not trust the certificate authority or if
the name of the server does not match the site to which you think
you're connecting, be suspicious.
Validate Certificates Independently
Web browsers come configured to trust a variety of certificate
authorities. If you delete the certificates of all the certificate
authorities in your browser, then whenever you encounter a new SSL
certificate, you will be prompted to validate the certificate
yourself. You can do this by validating the fingerprint on the
certificate through an alternate means, such as the telephone. That
is, the same dialog box mentioned above also lists a fingerprint for
the certificate. If you wish to validate the certificate yourself,
call the organization for which the certificate was issued and ask
them to confirm the fingerprint on the certificate.
Deleting the certificates of the certificate authorities in your
browser will cause the browser to prompt you for validation whenever
you encounter a new site certificate. This may be inconvenient and
cumbersome, but it provides you with greater control over which
certificates you accept.
It is also important to note that this sort of verification is only
effective if you have an independent means through which to validate
the certificate. This sort of validation is called out-of-band
validation. For example, calling a phone number provided on the same
web page as the certificate does not provide any additional security.
The CERT/CC encourages all organizations engaging in electronic
commerce to train help desk or customer support personnel to answer
questions about certificate fingerprints/thumbprints.
Note: Microsoft Internet Explorer 5, Macintosh Edition, does not
provide any means by which users can validate certificates by checking
the fingerprint/thumbprint. Our conversations with Microsoft indicate
that the Macintosh version of Internet Explorer is not affected by
these specific problems, however, because of the fundamentally
insecure nature of DNS, we recommend using a browser that does allow
users to validate certificates on whatever platform they use,
including MacOS
Specific Defenses Against These problems
Stay up to date with patches, workarounds, and certificate management
products. Appendix A lists information regarding these problems.
Appendix A Vendor Information
Microsoft Corporation
Information from Microsoft is available at
https://www.microsoft.com/technet/security/bulletin/ms00-039.asp
_________________________________________________________________
The CERT Coordination Center thanks the ACROS Security Team of
Slovenia, who originally discovered this problem, and Ric Ford,
President of MacInTouch, Inc.
_________________________________________________________________
Shawn Hernan was the primary author of this document.
______________________________________________________________________
This document is available from:
https://www.cert.org/advisories/CA-2000-10.html
______________________________________________________________________
CERT/CC Contact Information
Email: cert@cert.org
Phone: +1 412-268-7090 (24-hour hotline)
Fax: +1 412-268-6989
Postal address:
CERT Coordination Center
Software Engineering Institute
Carnegie Mellon University
Pittsburgh PA 15213-3890
U.S.A.
CERT personnel answer the hotline 08:00-20:00 EST(GMT-5) / EDT(GMT-4)
Monday through Friday; they are on call for emergencies during other
hours, on U.S. holidays, and on weekends.
Using encryption
We strongly urge you to encrypt sensitive information sent by email.
Our public PGP key is available from
https://www.cert.org/CERT_PGP.key
If you prefer to use DES, please call the CERT hotline for more
information.
Getting security information
CERT publications and other security information are available from
our web site
https://www.cert.org/
To be added to our mailing list for advisories and bulletins, send
email to cert-advisory-request@cert.org and include SUBSCRIBE
your-email-address in the subject of your message.
* "CERT" and "CERT Coordination Center" are registered in the U.S.
Patent and Trademark Office.
______________________________________________________________________
NO WARRANTY
Any material furnished by Carnegie Mellon University and the Software
Engineering Institute is furnished on an "as is" basis. Carnegie
Mellon University makes no warranties of any kind, either expressed or
implied as to any matter including, but not limited to, warranty of
fitness for a particular purpose or merchantability, exclusivity or
results obtained from use of the material. Carnegie Mellon University
does not make any warranty of any kind with respect to freedom from
patent, trademark, or copyright infringement.
_________________________________________________________________
Conditions for use, disclaimers, and sponsorship information
Copyright 2000 Carnegie Mellon University.
Revision History
June 6, 2000: initial release
-----BEGIN PGP SIGNATURE-----
Version: PGP for Personal Privacy 5.0
Charset: noconv
iQA/AwUBOT0FD1r9kb5qlZHQEQJsVACdEBzlJ7cgHNWerGK6Ix9MQxh2Y9EAoJC4
PSqEO0xNEc0rRFmnQs0L8lSi
=LUcH
-----END PGP SIGNATURE-----