FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2009-3555

This CVE name corresponds to:

Entered	Topic
2010-03-30	mozilla -- multiple vulnerabilities

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2009-3555 at cve.mitre.org

Details

Type	Candidate
Name	CVE-2009-3555
Phase	Assigned(20091005)

Description

The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a "plaintext injection" attack, aka the "Project Mogul" issue.

References

Source	Reference
BUGTRAQ	20091124 rPSA-2009-0155-1 httpd mod_ssl
BUGTRAQ	20091118 TLS / SSLv3 vulnerability explained (DRAFT)
BUGTRAQ	20091130 TLS / SSLv3 vulnerability explained (New ways to leverage the vulnerability)
BUGTRAQ	20101207 VMSA-2010-0019 VMware ESX third party updates for Service Console
BUGTRAQ	20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX
BUGTRAQ	20131121 ESA-2013-077: RSA Data Protection Manager Appliance Multiple Vulnerabilities
FULLDISC	20091111 Re: SSL/TLS MiTM PoC
MLIST	[announce] 20091107 CVE-2009-3555 - apache/mod_ssl vulnerability and mitigation
MLIST	[cryptography] 20091105 OpenSSL 0.9.8l released
MLIST	[gnutls-devel] 20091105 Re: TLS renegotiation MITM
MLIST	[oss-security] 20091105 CVE-2009-3555 for TLS renegotiation MITM attacks
MLIST	[oss-security] 20091105 Re: CVE-2009-3555 for TLS renegotiation MITM attacks
MLIST	[oss-security] 20091107 Re: CVE-2009-3555 for TLS renegotiation MITM attacks
MLIST	[oss-security] 20091107 Re: [TLS] CVE-2009-3555 for TLS renegotiation MITM attacks
MLIST	[tls] 20091104 MITM attack on delayed TLS-client auth through renegotiation
MLIST	[tls] 20091104 TLS renegotiation issue
MLIST	[oss-security] 20091120 CVEs for nginx
MLIST	[oss-security] 20091123 Re: CVEs for nginx
MISC	http://extendedsubset.com/?p=8
MISC	http://extendedsubset.com/Renegotiating_TLS.pdf
MISC	http://www.betanews.com/article/1257452450
MISC	http://www.educatedguesswork.org/2009/11/understanding_the_tls_renegoti.html
MISC	http://www.links.org/?p=780
MISC	http://www.tombom.co.uk/blog/?p=85
MISC	https://bugzilla.mozilla.org/show_bug.cgi?id=526689
MISC	https://svn.resiprocate.org/rep/ietf-drafts/ekr/draft-rescorla-tls-renegotiate.txt
MISC	http://blogs.iss.net/archive/sslmitmiscsrf.html
MISC	http://www.links.org/?p=786
MISC	http://www.links.org/?p=789
MISC	http://www.securegoose.org/2009/11/tls-renegotiation-vulnerability-cve.html
MISC	http://blog.g-sec.lu/2009/11/tls-sslv3-renegotiation-vulnerability.html
MISC	http://clicky.me/tlsvuln
MISC	https://support.f5.com/kb/en-us/solutions/public/10000/700/sol10737.html
MISC	http://xss.cx/examples/plesk-reports/plesk-parallels-controlpanel-psa.v.10.3.1_build1013110726.09%20os_redhat.el6-billing-system-plugin-javascript-injection-example-poc-report.html
CONFIRM	http://blogs.sun.com/security/entry/vulnerability_in_tls_protocol_during
CONFIRM	http://kbase.redhat.com/faq/docs/DOC-20491
CONFIRM	https://bugzilla.redhat.com/show_bug.cgi?id=533125
CONFIRM	http://support.citrix.com/article/CTX123359
CONFIRM	http://sysoev.ru/nginx/patch.cve-2009-3555.txt
CONFIRM	http://wiki.rpath.com/Advisories:rPSA-2009-0155
CONFIRM	http://www.ingate.com/Relnote.php?ver=481
CONFIRM	http://www-01.ibm.com/support/docview.wss?uid=swg24025312
CONFIRM	http://www.proftpd.org/docs/RELEASE_NOTES-1.3.2c
CONFIRM	http://tomcat.apache.org/native-doc/miscellaneous/changelog-1.1.x.html
CONFIRM	http://support.apple.com/kb/HT4004
CONFIRM	http://support.zeus.com/zws/media/docs/4.3/RELEASE_NOTES
CONFIRM	http://support.zeus.com/zws/news/2010/01/13/zws_4_3r5_released
CONFIRM	http://www.arubanetworks.com/support/alerts/aid-020810.txt
CONFIRM	http://support.avaya.com/css/P8/documents/100070150
CONFIRM	http://www.mozilla.org/security/announce/2010/mfsa2010-22.html
CONFIRM	https://bugzilla.mozilla.org/show_bug.cgi?id=545755
CONFIRM	http://www-01.ibm.com/support/docview.wss?uid=swg21426108
CONFIRM	http://support.avaya.com/css/P8/documents/100081611
CONFIRM	http://support.apple.com/kb/HT4170
CONFIRM	http://support.apple.com/kb/HT4171
CONFIRM	http://www.openoffice.org/security/cves/CVE-2009-3555.html
CONFIRM	http://www.opera.com/docs/changelogs/unix/1060/
CONFIRM	http://www.opera.com/support/search/view/944/
CONFIRM	http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html
CONFIRM	http://www-01.ibm.com/support/docview.wss?uid=swg21432298
CONFIRM	http://support.avaya.com/css/P8/documents/100114315
CONFIRM	http://support.avaya.com/css/P8/documents/100114327
CONFIRM	http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html
CONFIRM	http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-030/index.html
CONFIRM	http://www-01.ibm.com/support/docview.wss?uid=swg24006386
CONFIRM	http://www.vmware.com/security/advisories/VMSA-2010-0019.html
CONFIRM	https://kb.bluecoat.com/index?page=content&id=SA50
CONFIRM	http://www.vmware.com/security/advisories/VMSA-2011-0003.html
CONFIRM	http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html
CONFIRM	http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html
CONFIRM	http://www.openssl.org/news/secadv_20091111.txt
AIXAPAR	PM00675
AIXAPAR	IC67848
AIXAPAR	PM12247
AIXAPAR	IC68054
AIXAPAR	IC68055
APPLE	APPLE-SA-2010-01-19-1
APPLE	APPLE-SA-2010-05-18-1
APPLE	APPLE-SA-2010-05-18-2
CISCO	20091109 Transport Layer Security Renegotiation Vulnerability
DEBIAN	DSA-1934
DEBIAN	DSA-2141
DEBIAN	DSA-3253
FEDORA	FEDORA-2009-12750
FEDORA	FEDORA-2009-12775
FEDORA	FEDORA-2009-12782
FEDORA	FEDORA-2009-12968
FEDORA	FEDORA-2009-12604
FEDORA	FEDORA-2009-12229
FEDORA	FEDORA-2009-12305
FEDORA	FEDORA-2009-12606
FEDORA	FEDORA-2010-5357
FEDORA	FEDORA-2010-5942
FEDORA	FEDORA-2010-6131
FEDORA	FEDORA-2010-16240
FEDORA	FEDORA-2010-16294
FEDORA	FEDORA-2010-16312
GENTOO	GLSA-200912-01
GENTOO	GLSA-201203-22
GENTOO	GLSA-201406-32
HP	HPSBUX02482
HP	SSRT090249
HP	HPSBMA02534
HP	SSRT090180
HP	HPSBMA02547
HP	SSRT100179
HP	HPSBGN02562
HP	HPSBMA02568
HP	SSRT100219
HP	HPSBOV02683
HP	SSRT090208
HP	HPSBHF02706
HP	SSRT100613
HP	HPSBMU02759
HP	SSRT100817
HP	HPSBHF03293
HP	SSRT101846
MANDRIVA	MDVSA-2010:084
MANDRIVA	MDVSA-2010:076
MANDRIVA	MDVSA-2010:089
MS	MS10-049
OPENBSD	[4.5] 010: SECURITY FIX: November 26, 2009
OPENBSD	[4.6] 004: SECURITY FIX: November 26, 2009
REDHAT	RHSA-2010:0119
REDHAT	RHSA-2010:0155
REDHAT	RHSA-2010:0167
REDHAT	RHSA-2010:0337
REDHAT	RHSA-2010:0338
REDHAT	RHSA-2010:0339
REDHAT	RHSA-2010:0130
REDHAT	RHSA-2010:0165
REDHAT	RHSA-2010:0770
REDHAT	RHSA-2010:0786
REDHAT	RHSA-2010:0807
REDHAT	RHSA-2010:0768
REDHAT	RHSA-2010:0865
REDHAT	RHSA-2010:0986
REDHAT	RHSA-2010:0987
REDHAT	RHSA-2011:0880
SLACKWARE	SSA:2009-320-01
SUNALERT	273029
SUNALERT	273350
SUNALERT	274990
SUNALERT	1021752
SUNALERT	1021653
SUSE	SUSE-SA:2009:057
SUSE	SUSE-SR:2010:008
SUSE	SUSE-SR:2010:011
SUSE	SUSE-SR:2010:012
SUSE	SUSE-SR:2010:013
SUSE	SUSE-SA:2010:061
SUSE	SUSE-SR:2010:019
SUSE	SUSE-SR:2010:024
SUSE	SUSE-SU-2011:0847
SUSE	openSUSE-SU-2011:0845
UBUNTU	USN-923-1
UBUNTU	USN-927-1
UBUNTU	USN-927-4
UBUNTU	USN-927-5
UBUNTU	USN-1010-1
CERT	TA10-222A
CERT	TA10-287A
CERT-VN	VU#120541
BID	36935
OSVDB	60521
OSVDB	60972
OSVDB	62210
OSVDB	65202
OVAL	oval:org.mitre.oval:def:10088
OVAL	oval:org.mitre.oval:def:11578
OVAL	oval:org.mitre.oval:def:7315
OVAL	oval:org.mitre.oval:def:7973
OVAL	oval:org.mitre.oval:def:8366
OVAL	oval:org.mitre.oval:def:8535
OVAL	oval:org.mitre.oval:def:11617
OVAL	oval:org.mitre.oval:def:7478
SECTRACK	1023148
SECTRACK	1023163
SECTRACK	1023204
SECTRACK	1023205
SECTRACK	1023206
SECTRACK	1023207
SECTRACK	1023208
SECTRACK	1023209
SECTRACK	1023210
SECTRACK	1023211
SECTRACK	1023212
SECTRACK	1023215
SECTRACK	1023216
SECTRACK	1023217
SECTRACK	1023218
SECTRACK	1023219
SECTRACK	1023243
SECTRACK	1023270
SECTRACK	1023271
SECTRACK	1023272
SECTRACK	1023273
SECTRACK	1023274
SECTRACK	1023275
SECTRACK	1023411
SECTRACK	1023426
SECTRACK	1023427
SECTRACK	1023428
SECTRACK	1023213
SECTRACK	1023214
SECTRACK	1023224
SECTRACK	1024789
SECUNIA	37291
SECUNIA	37292
SECUNIA	37320
SECUNIA	37501
SECUNIA	37504
SECUNIA	37656
SECUNIA	37675
SECUNIA	37604
SECUNIA	37640
SECUNIA	37859
SECUNIA	38056
SECUNIA	38241
SECUNIA	38484
SECUNIA	38003
SECUNIA	38020
SECUNIA	38687
SECUNIA	39136
SECUNIA	39242
SECUNIA	39243
SECUNIA	39292
SECUNIA	39317
SECUNIA	37383
SECUNIA	37399
SECUNIA	37453
SECUNIA	39278
SECUNIA	38781
SECUNIA	39500
SECUNIA	39628
SECUNIA	39461
SECUNIA	39632
SECUNIA	39713
SECUNIA	39819
SECUNIA	40070
SECUNIA	39127
SECUNIA	40545
SECUNIA	40747
SECUNIA	40866
SECUNIA	41480
SECUNIA	41490
SECUNIA	41967
SECUNIA	41972
SECUNIA	42377
SECUNIA	42379
SECUNIA	42467
SECUNIA	42811
SECUNIA	42724
SECUNIA	42733
SECUNIA	42808
SECUNIA	42816
SECUNIA	43308
SECUNIA	44183
SECUNIA	44954
SECUNIA	48577
SECUNIA	41818
VUPEN	ADV-2009-3164
VUPEN	ADV-2009-3165
VUPEN	ADV-2009-3205
VUPEN	ADV-2009-3220
VUPEN	ADV-2009-3353
VUPEN	ADV-2009-3354
VUPEN	ADV-2009-3484
VUPEN	ADV-2009-3521
VUPEN	ADV-2009-3587
VUPEN	ADV-2010-0173
VUPEN	ADV-2010-0086
VUPEN	ADV-2010-0748
VUPEN	ADV-2009-3310
VUPEN	ADV-2009-3313
VUPEN	ADV-2010-0848
VUPEN	ADV-2010-0982
VUPEN	ADV-2010-0933
VUPEN	ADV-2010-0916
VUPEN	ADV-2010-1054
VUPEN	ADV-2010-0994
VUPEN	ADV-2010-1107
VUPEN	ADV-2010-1191
VUPEN	ADV-2010-1350
VUPEN	ADV-2010-1673
VUPEN	ADV-2010-1639
VUPEN	ADV-2010-1793
VUPEN	ADV-2010-2010
VUPEN	ADV-2010-2745
VUPEN	ADV-2010-3069
VUPEN	ADV-2010-3086
VUPEN	ADV-2010-3126
VUPEN	ADV-2011-0032
VUPEN	ADV-2011-0033
VUPEN	ADV-2011-0086
XF	tls-renegotiation-weak-security(54158)