FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2009-3555

This CVE name corresponds to:

Entered: 2010-03-30
Topic: mozilla -- multiple vulnerabilities

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

Details

Type: Candidate
Name: CVE-2009-3555
Phase: Assigned (20091005)

Description

The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a "plaintext injection" attack, aka the "Project Mogul" issue.

References

Source Reference
BUGTRAQ 20091124 rPSA-2009-0155-1 httpd mod_ssl
BUGTRAQ 20091118 TLS / SSLv3 vulnerability explained (DRAFT)
BUGTRAQ 20091130 TLS / SSLv3 vulnerability explained (New ways to leverage the vulnerability)
BUGTRAQ 20101207 VMSA-2010-0019 VMware ESX third party updates for Service Console
BUGTRAQ 20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX
BUGTRAQ 20131121 ESA-2013-077: RSA Data Protection Manager Appliance Multiple Vulnerabilities
FULLDISC 20091111 Re: SSL/TLS MiTM PoC
MLIST [announce] 20091107 CVE-2009-3555 - apache/mod_ssl vulnerability and mitigation
MLIST [cryptography] 20091105 OpenSSL 0.9.8l released
MLIST [gnutls-devel] 20091105 Re: TLS renegotiation MITM
MLIST [oss-security] 20091105 CVE-2009-3555 for TLS renegotiation MITM attacks
MLIST [oss-security] 20091105 Re: CVE-2009-3555 for TLS renegotiation MITM attacks
MLIST [oss-security] 20091107 Re: CVE-2009-3555 for TLS renegotiation MITM attacks
MLIST [oss-security] 20091107 Re: [TLS] CVE-2009-3555 for TLS renegotiation MITM attacks
MLIST [tls] 20091104 MITM attack on delayed TLS-client auth through renegotiation
MLIST [tls] 20091104 TLS renegotiation issue
MLIST [oss-security] 20091120 CVEs for nginx
MLIST [oss-security] 20091123 Re: CVEs for nginx
MISC http://extendedsubset.com/?p=8
MISC http://extendedsubset.com/Renegotiating_TLS.pdf
MISC http://www.betanews.com/article/1257452450
MISC http://www.educatedguesswork.org/2009/11/understanding_the_tls_renegoti.html
MISC http://www.links.org/?p=780
MISC http://www.tombom.co.uk/blog/?p=85
MISC https://bugzilla.mozilla.org/show_bug.cgi?id=526689
MISC https://svn.resiprocate.org/rep/ietf-drafts/ekr/draft-rescorla-tls-renegotiate.txt
MISC http://blogs.iss.net/archive/sslmitmiscsrf.html
MISC http://www.links.org/?p=786
MISC http://www.links.org/?p=789
MISC http://www.securegoose.org/2009/11/tls-renegotiation-vulnerability-cve.html
MISC http://blog.g-sec.lu/2009/11/tls-sslv3-renegotiation-vulnerability.html
MISC http://clicky.me/tlsvuln
MISC https://support.f5.com/kb/en-us/solutions/public/10000/700/sol10737.html
MISC http://xss.cx/examples/plesk-reports/plesk-parallels-controlpanel-psa.v.10.3.1_build1013110726.09%20os_redhat.el6-billing-system-plugin-javascript-injection-example-poc-report.html
CONFIRM http://blogs.sun.com/security/entry/vulnerability_in_tls_protocol_during
CONFIRM http://kbase.redhat.com/faq/docs/DOC-20491
CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=533125
CONFIRM http://support.citrix.com/article/CTX123359
CONFIRM http://sysoev.ru/nginx/patch.cve-2009-3555.txt
CONFIRM http://wiki.rpath.com/Advisories:rPSA-2009-0155
CONFIRM http://www.ingate.com/Relnote.php?ver=481
CONFIRM http://www-01.ibm.com/support/docview.wss?uid=swg24025312
CONFIRM http://www.proftpd.org/docs/RELEASE_NOTES-1.3.2c
CONFIRM http://tomcat.apache.org/native-doc/miscellaneous/changelog-1.1.x.html
CONFIRM http://support.apple.com/kb/HT4004
CONFIRM http://support.zeus.com/zws/media/docs/4.3/RELEASE_NOTES
CONFIRM http://support.zeus.com/zws/news/2010/01/13/zws_4_3r5_released
CONFIRM http://www.arubanetworks.com/support/alerts/aid-020810.txt
CONFIRM http://support.avaya.com/css/P8/documents/100070150
CONFIRM http://www.mozilla.org/security/announce/2010/mfsa2010-22.html
CONFIRM https://bugzilla.mozilla.org/show_bug.cgi?id=545755
CONFIRM http://www-01.ibm.com/support/docview.wss?uid=swg21426108
CONFIRM http://support.avaya.com/css/P8/documents/100081611
CONFIRM http://support.apple.com/kb/HT4170
CONFIRM http://support.apple.com/kb/HT4171
CONFIRM http://www.openoffice.org/security/cves/CVE-2009-3555.html
CONFIRM http://www.opera.com/docs/changelogs/unix/1060/
CONFIRM http://www.opera.com/support/search/view/944/
CONFIRM http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html
CONFIRM http://www-01.ibm.com/support/docview.wss?uid=swg21432298
CONFIRM http://support.avaya.com/css/P8/documents/100114315
CONFIRM http://support.avaya.com/css/P8/documents/100114327
CONFIRM http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html
CONFIRM http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-030/index.html
CONFIRM http://www-01.ibm.com/support/docview.wss?uid=swg24006386
CONFIRM http://www.vmware.com/security/advisories/VMSA-2010-0019.html
CONFIRM https://kb.bluecoat.com/index?page=content&id=SA50
CONFIRM http://www.vmware.com/security/advisories/VMSA-2011-0003.html
CONFIRM http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html
CONFIRM http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html
CONFIRM http://www.openssl.org/news/secadv_20091111.txt
AIXAPAR PM00675
AIXAPAR IC67848
AIXAPAR PM12247
AIXAPAR IC68054
AIXAPAR IC68055
APPLE APPLE-SA-2010-01-19-1
APPLE APPLE-SA-2010-05-18-1
APPLE APPLE-SA-2010-05-18-2
CISCO 20091109 Transport Layer Security Renegotiation Vulnerability
DEBIAN DSA-1934
DEBIAN DSA-2141
DEBIAN DSA-3253
FEDORA FEDORA-2009-12750
FEDORA FEDORA-2009-12775
FEDORA FEDORA-2009-12782
FEDORA FEDORA-2009-12968
FEDORA FEDORA-2009-12604
FEDORA FEDORA-2009-12229
FEDORA FEDORA-2009-12305
FEDORA FEDORA-2009-12606
FEDORA FEDORA-2010-5357
FEDORA FEDORA-2010-5942
FEDORA FEDORA-2010-6131
FEDORA FEDORA-2010-16240
FEDORA FEDORA-2010-16294
FEDORA FEDORA-2010-16312
GENTOO GLSA-200912-01
GENTOO GLSA-201203-22
GENTOO GLSA-201406-32
HP HPSBUX02482
HP SSRT090249
HP HPSBMA02534
HP SSRT090180
HP HPSBMA02547
HP SSRT100179
HP HPSBGN02562
HP HPSBMA02568
HP SSRT100219
HP HPSBOV02683
HP SSRT090208
HP HPSBHF02706
HP SSRT100613
HP HPSBMU02759
HP SSRT100817
HP HPSBHF03293
HP SSRT101846
MANDRIVA MDVSA-2010:084
MANDRIVA MDVSA-2010:076
MANDRIVA MDVSA-2010:089
MS MS10-049
OPENBSD [4.5] 010: SECURITY FIX: November 26, 2009
OPENBSD [4.6] 004: SECURITY FIX: November 26, 2009
REDHAT RHSA-2010:0119
REDHAT RHSA-2010:0155
REDHAT RHSA-2010:0167
REDHAT RHSA-2010:0337
REDHAT RHSA-2010:0338
REDHAT RHSA-2010:0339
REDHAT RHSA-2010:0130
REDHAT RHSA-2010:0165
REDHAT RHSA-2010:0770
REDHAT RHSA-2010:0786
REDHAT RHSA-2010:0807
REDHAT RHSA-2010:0768
REDHAT RHSA-2010:0865
REDHAT RHSA-2010:0986
REDHAT RHSA-2010:0987
REDHAT RHSA-2011:0880
SLACKWARE SSA:2009-320-01
SUNALERT 273029
SUNALERT 273350
SUNALERT 274990
SUNALERT 1021752
SUNALERT 1021653
SUSE SUSE-SA:2009:057
SUSE SUSE-SR:2010:008
SUSE SUSE-SR:2010:011
SUSE SUSE-SR:2010:012
SUSE SUSE-SR:2010:013
SUSE SUSE-SA:2010:061
SUSE SUSE-SR:2010:019
SUSE SUSE-SR:2010:024
SUSE SUSE-SU-2011:0847
SUSE openSUSE-SU-2011:0845
UBUNTU USN-923-1
UBUNTU USN-927-1
UBUNTU USN-927-4
UBUNTU USN-927-5
UBUNTU USN-1010-1
CERT TA10-222A
CERT TA10-287A
CERT-VN VU#120541
BID 36935
OSVDB 60521
OSVDB 60972
OSVDB 62210
OSVDB 65202
OVAL oval:org.mitre.oval:def:10088
OVAL oval:org.mitre.oval:def:11578
OVAL oval:org.mitre.oval:def:7315
OVAL oval:org.mitre.oval:def:7973
OVAL oval:org.mitre.oval:def:8366
OVAL oval:org.mitre.oval:def:8535
OVAL oval:org.mitre.oval:def:11617
OVAL oval:org.mitre.oval:def:7478
SECTRACK 1023148
SECTRACK 1023163
SECTRACK 1023204
SECTRACK 1023205
SECTRACK 1023206
SECTRACK 1023207
SECTRACK 1023208
SECTRACK 1023209
SECTRACK 1023210
SECTRACK 1023211
SECTRACK 1023212
SECTRACK 1023215
SECTRACK 1023216
SECTRACK 1023217
SECTRACK 1023218
SECTRACK 1023219
SECTRACK 1023243
SECTRACK 1023270
SECTRACK 1023271
SECTRACK 1023272
SECTRACK 1023273
SECTRACK 1023274
SECTRACK 1023275
SECTRACK 1023411
SECTRACK 1023426
SECTRACK 1023427
SECTRACK 1023428
SECTRACK 1023213
SECTRACK 1023214
SECTRACK 1023224
SECTRACK 1024789
SECUNIA 37291
SECUNIA 37292
SECUNIA 37320
SECUNIA 37501
SECUNIA 37504
SECUNIA 37656
SECUNIA 37675
SECUNIA 37604
SECUNIA 37640
SECUNIA 37859
SECUNIA 38056
SECUNIA 38241
SECUNIA 38484
SECUNIA 38003
SECUNIA 38020
SECUNIA 38687
SECUNIA 39136
SECUNIA 39242
SECUNIA 39243
SECUNIA 39292
SECUNIA 39317
SECUNIA 37383
SECUNIA 37399
SECUNIA 37453
SECUNIA 39278
SECUNIA 38781
SECUNIA 39500
SECUNIA 39628
SECUNIA 39461
SECUNIA 39632
SECUNIA 39713
SECUNIA 39819
SECUNIA 40070
SECUNIA 39127
SECUNIA 40545
SECUNIA 40747
SECUNIA 40866
SECUNIA 41480
SECUNIA 41490
SECUNIA 41967
SECUNIA 41972
SECUNIA 42377
SECUNIA 42379
SECUNIA 42467
SECUNIA 42811
SECUNIA 42724
SECUNIA 42733
SECUNIA 42808
SECUNIA 42816
SECUNIA 43308
SECUNIA 44183
SECUNIA 44954
SECUNIA 48577
SECUNIA 41818
VUPEN ADV-2009-3164
VUPEN ADV-2009-3165
VUPEN ADV-2009-3205
VUPEN ADV-2009-3220
VUPEN ADV-2009-3353
VUPEN ADV-2009-3354
VUPEN ADV-2009-3484
VUPEN ADV-2009-3521
VUPEN ADV-2009-3587
VUPEN ADV-2010-0173
VUPEN ADV-2010-0086
VUPEN ADV-2010-0748
VUPEN ADV-2009-3310
VUPEN ADV-2009-3313
VUPEN ADV-2010-0848
VUPEN ADV-2010-0982
VUPEN ADV-2010-0933
VUPEN ADV-2010-0916
VUPEN ADV-2010-1054
VUPEN ADV-2010-0994
VUPEN ADV-2010-1107
VUPEN ADV-2010-1191
VUPEN ADV-2010-1350
VUPEN ADV-2010-1673
VUPEN ADV-2010-1639
VUPEN ADV-2010-1793
VUPEN ADV-2010-2010
VUPEN ADV-2010-2745
VUPEN ADV-2010-3069
VUPEN ADV-2010-3086
VUPEN ADV-2010-3126
VUPEN ADV-2011-0032
VUPEN ADV-2011-0033
VUPEN ADV-2011-0086
XF tls-renegotiation-weak-security(54158)