** Summary changed:

- freerdp does not check the CommonName when verifying ssl certificates
+ freerdp does not check the server's hostname when verifying ssl certificates

** Changed in: freerdp (Ubuntu)
       Importance: Undecided => High

** Summary changed:

- freerdp does not check the server's hostname when verifying ssl certificates
+ [precise] freerdp does not check the server's hostname when verifying ssl certificates

** Description changed:

  freerdp in 1.0 added a lot of SSL/X509 certification verification, which
  is excellent. However, x509_verify_cert() in libfreerdp-core/crypto.c
  does not validate that the server's hostname matches a domain name in
  the subject's Common Name (CN) field or a Subject Alternative Name
  field, which makes it easier to perform man in the middle attacks.
  tls_verify_certificate() in libfreerdp-core/tls.c also suffers from the
  same deficiency when it falls back to verifying a certificate that was
  added to freerdp's certificate store.

- As freerdp is new and I don't think anyone has released with it yet, I
- am not going to issue a CVE at this time. This fix should also be
+ As freerdp 1.0 is new and I don't think anyone has released with it yet,
+ I am not going to issue a CVE at this time. This fix should also be
  coordinated with Debian unstable since they also have 1.0. People
  interested in fixing this might want to consult
  http://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-4318.html
  for reference.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/925657

Title:
  [precise] freerdp does not check the server's hostname when verifying
  ssl certificates

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/freerdp/+bug/925657/+subscriptions

-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
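The check the report describes as missing, written out as an added illustration (this is not freerdp's code and not the fix that shipped): after the chain validates, the hostname the client connected to must be matched against the certificate's Subject Alternative Name dNSName entries, and against the subject CN only when the certificate carries no dNSName at all (RFC 6125, section 6.4.4). The function below assumes the dNSName strings and the CN have already been extracted from the certificate (an X.509 parsing step that is left out here); hosts given as IP literals, which must be matched against iPAddress entries instead, are out of scope. Wildcards are accepted only as the whole left-most label, match exactly one label, and need at least two literal labels after them, so a certificate for "*.com" matches nothing.

```c
/* Added example, not freerdp code: RFC 6125-style hostname matching over
   names assumed to be already extracted from a certificate. */
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Case-insensitive equality of two DNS names (DNS names are case-insensitive). */
static int name_eq(const char *a, const char *b)
{
    for (; *a && *b; a++, b++)
        if (tolower((unsigned char)*a) != tolower((unsigned char)*b))
            return 0;
    return *a == '\0' && *b == '\0';
}

/* Match `host` against a single certificate name `pattern`.
   A wildcard is honoured only when it is the entire left-most label
   ("*.example.com"); it matches exactly one host label, and the pattern
   must keep at least two literal labels after it. Any other '*' is
   compared literally, which can only make matching stricter. */
static int match_one(const char *host, const char *pattern)
{
    if (strncmp(pattern, "*.", 2) != 0)
        return name_eq(host, pattern);

    const char *suffix = pattern + 1;              /* ".example.com" */
    const char *second_dot = strchr(suffix + 1, '.');
    if (second_dot == NULL || second_dot[1] == '\0') /* "*.com", "*.a." */
        return 0;
    if (strchr(suffix + 1, '*') != NULL)           /* no further wildcards */
        return 0;

    const char *host_dot = strchr(host, '.');
    if (host_dot == NULL || host_dot == host)      /* need a non-empty left label */
        return 0;
    return name_eq(host_dot, suffix);              /* one label consumed by '*' */
}

/* Returns 1 if `host` is a valid name for the certificate, else 0.
   san_dns/n_san: the certificate's SAN dNSName entries (may be empty).
   cn: the subject CN, or NULL. The CN is consulted only when the
   certificate has no dNSName entries at all. */
int cert_matches_hostname(const char *host, const char *const *san_dns,
                          size_t n_san, const char *cn)
{
    if (host == NULL || *host == '\0')
        return 0;
    if (n_san > 0) {
        for (size_t i = 0; i < n_san; i++)
            if (san_dns[i] != NULL && match_one(host, san_dns[i]))
                return 1;
        return 0;                                  /* CN is NOT a fallback here */
    }
    return cn != NULL && match_one(host, cn);
}

/* Constructed sample inputs for a stand-alone run. */
int main(void)
{
    const char *const san[] = { "*.example.com", "example.com" };
    printf("rdp.example.com vs wildcard SAN: %d\n",
           cert_matches_hostname("rdp.example.com", san, 2, NULL));
    printf("CN ignored when SAN present:     %d\n",
           cert_matches_hostname("rdp.example.net", san, 2, "rdp.example.net"));
    printf("CN used when no SAN:             %d\n",
           cert_matches_hostname("rdp.example.net", NULL, 0, "RDP.EXAMPLE.NET"));
    return 0;
}
```

A client that skips this step accepts any certificate the trust store would sign for any name, which is exactly the gap the report points at; a test suite for the check should cover the CN-ignored-when-SAN-present case, since that is the rule most hand-written implementations get wrong.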
