CVE-2014-1263 - OpenCVE

curl and libcurl 7.27.0 through 7.35.0, when using the SecureTransport/Darwinssl backend, as used in in Apple OS X 10.9.x before 10.9.2, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate when accessing a URL that uses a numerical IP address, which allows man-in-the-middle attackers to spoof servers via an arbitrary valid certificate.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:M/Au:N/C:P/I:N/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Apple	Mac Os X

Configuration 1 [-]

OR	cpe:2.3:o:apple:mac_os_x::::::::
	cpe:2.3:o:apple:mac_os_x:10.9:::::::*

No data.

References

Link	Providers
http://curl.haxx.se/docs/adv_20140326C.html
http://secunia.com/advisories/57836
http://secunia.com/advisories/57966
http://secunia.com/advisories/57968
http://support.apple.com/kb/HT6150
http://twitter.com/agl__/statuses/437029812046422016
http://twitter.com/okoeroo/statuses/437272014043496449
http://www.getchef.com/blog/2014/04/09/chef-server-11-0-12-release/
http://www.getchef.com/blog/2014/04/09/enterprise-chef-1-4-9-release/
http://www.getchef.com/blog/2014/04/09/enterprise-chef-11-1-3-release/
https://gist.github.com/rmoriz/fb2b0a6a0ce10550ab73

History

No history.

MITRE

Status: PUBLISHED

Assigner: apple

Published: 2014-02-27T01:00:00

Updated: 2024-08-06T09:34:41.196Z

Reserved: 2014-01-08T00:00:00

Link: CVE-2014-1263

Vulnrichment

No data.

NVD

Status : Modified

Published: 2014-02-27T01:55:04.070

Modified: 2014-05-05T05:32:35.670

Link: CVE-2014-1263

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2014-02-21T00:00:00", "descriptions": [{"lang": "en", "value": "curl and libcurl 7.27.0 through 7.35.0, when using the SecureTransport/Darwinssl backend, as used in in Apple OS X 10.9.x before 10.9.2, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate when accessing a URL that uses a numerical IP address, which allows man-in-the-middle attackers to spoof servers via an arbitrary valid certificate."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2014-04-25T02:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://gist.github.com/rmoriz/fb2b0a6a0ce10550ab73"}, {"name": "57836", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/57836"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://support.apple.com/kb/HT6150"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.getchef.com/blog/2014/04/09/chef-server-11-0-12-release/"}, {"tags": ["x_refsource_MISC"], "url": "http://twitter.com/agl__/statuses/437029812046422016"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://curl.haxx.se/docs/adv_20140326C.html"}, {"name": "57968", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/57968"}, {"tags": ["x_refsource_MISC"], "url": "http://twitter.com/okoeroo/statuses/437272014043496449"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.getchef.com/blog/2014/04/09/enterprise-chef-11-1-3-release/"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.getchef.com/blog/2014/04/09/enterprise-chef-1-4-9-release/"}, {"name": "57966", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/57966"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "product-security@apple.com", "ID": "CVE-2014-1263", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "curl and libcurl 7.27.0 through 7.35.0, when using the SecureTransport/Darwinssl backend, as used in in Apple OS X 10.9.x before 10.9.2, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate when accessing a URL that uses a numerical IP address, which allows man-in-the-middle attackers to spoof servers via an arbitrary valid certificate."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://gist.github.com/rmoriz/fb2b0a6a0ce10550ab73", "refsource": "MISC", "url": "https://gist.github.com/rmoriz/fb2b0a6a0ce10550ab73"}, {"name": "57836", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/57836"}, {"name": "http://support.apple.com/kb/HT6150", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT6150"}, {"name": "http://www.getchef.com/blog/2014/04/09/chef-server-11-0-12-release/", "refsource": "CONFIRM", "url": "http://www.getchef.com/blog/2014/04/09/chef-server-11-0-12-release/"}, {"name": "http://twitter.com/agl__/statuses/437029812046422016", "refsource": "MISC", "url": "http://twitter.com/agl__/statuses/437029812046422016"}, {"name": "http://curl.haxx.se/docs/adv_20140326C.html", "refsource": "CONFIRM", "url": "http://curl.haxx.se/docs/adv_20140326C.html"}, {"name": "57968", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/57968"}, {"name": "http://twitter.com/okoeroo/statuses/437272014043496449", "refsource": "MISC", "url": "http://twitter.com/okoeroo/statuses/437272014043496449"}, {"name": "http://www.getchef.com/blog/2014/04/09/enterprise-chef-11-1-3-release/", "refsource": "CONFIRM", "url": "http://www.getchef.com/blog/2014/04/09/enterprise-chef-11-1-3-release/"}, {"name": "http://www.getchef.com/blog/2014/04/09/enterprise-chef-1-4-9-release/", "refsource": "CONFIRM", "url": "http://www.getchef.com/blog/2014/04/09/enterprise-chef-1-4-9-release/"}, {"name": "57966", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/57966"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T09:34:41.196Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://gist.github.com/rmoriz/fb2b0a6a0ce10550ab73"}, {"name": "57836", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/57836"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://support.apple.com/kb/HT6150"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.getchef.com/blog/2014/04/09/chef-server-11-0-12-release/"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://twitter.com/agl__/statuses/437029812046422016"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://curl.haxx.se/docs/adv_20140326C.html"}, {"name": "57968", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/57968"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://twitter.com/okoeroo/statuses/437272014043496449"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.getchef.com/blog/2014/04/09/enterprise-chef-11-1-3-release/"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.getchef.com/blog/2014/04/09/enterprise-chef-1-4-9-release/"}, {"name": "57966", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/57966"}]}]}, "cveMetadata": {"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2014-1263", "datePublished": "2014-02-27T01:00:00", "dateReserved": "2014-01-08T00:00:00", "dateUpdated": "2024-08-06T09:34:41.196Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "matchCriteriaId": "C8303A91-5C8F-4709-83D6-3D211F9C57EE", "versionEndIncluding": "10.9.1", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.9:*:*:*:*:*:*:*", "matchCriteriaId": "A48A5310-A589-4E9B-99BC-F840CC1A6A44", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "curl and libcurl 7.27.0 through 7.35.0, when using the SecureTransport/Darwinssl backend, as used in in Apple OS X 10.9.x before 10.9.2, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate when accessing a URL that uses a numerical IP address, which allows man-in-the-middle attackers to spoof servers via an arbitrary valid certificate."}, {"lang": "es", "value": "curl en Apple OS X 10.9.x anterior a 10.9.2 no verifica los certificados X.509 de servidores HTTPS que son accedidos mediante el uso de una direcci\u00f3n IP num\u00e9rica, lo que permite a atacantes man-in-the-middle falsificar servidores a trav\u00e9s de un certificado manipulado."}], "id": "CVE-2014-1263", "lastModified": "2014-05-05T05:32:35.670", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2014-02-27T01:55:04.070", "references": [{"source": "product-security@apple.com", "url": "http://curl.haxx.se/docs/adv_20140326C.html"}, {"source": "product-security@apple.com", "url": "http://secunia.com/advisories/57836"}, {"source": "product-security@apple.com", "url": "http://secunia.com/advisories/57966"}, {"source": "product-security@apple.com", "url": "http://secunia.com/advisories/57968"}, {"source": "product-security@apple.com", "tags": ["Vendor Advisory"], "url": "http://support.apple.com/kb/HT6150"}, {"source": "product-security@apple.com", "url": "http://twitter.com/agl__/statuses/437029812046422016"}, {"source": "product-security@apple.com", "tags": ["Exploit"], "url": "http://twitter.com/okoeroo/statuses/437272014043496449"}, {"source": "product-security@apple.com", "url": "http://www.getchef.com/blog/2014/04/09/chef-server-11-0-12-release/"}, {"source": "product-security@apple.com", "url": "http://www.getchef.com/blog/2014/04/09/enterprise-chef-1-4-9-release/"}, {"source": "product-security@apple.com", "url": "http://www.getchef.com/blog/2014/04/09/enterprise-chef-11-1-3-release/"}, {"source": "product-security@apple.com", "tags": ["Exploit"], "url": "https://gist.github.com/rmoriz/fb2b0a6a0ce10550ab73"}], "sourceIdentifier": "product-security@apple.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-310"}], "source": "nvd@nist.gov", "type": "Primary"}]}