CVE-2011-5242

tmhOAuth before 0.61 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.

CVSS v2.0 5.8 MEDIUM

5.8^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:M/Au:N/C:P/I:P/A:N

Exploitability : 8.6 / Impact : 4.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
http://www.unrest.ca/peerjacking
https://github.com/themattharris/tmhOAuth/blob/master/README.md

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:themattharris:tmhoauth::::::::
	cpe:2.3:a:themattharris:tmhoauth:0.2:::::::*
	cpe:2.3:a:themattharris:tmhoauth:0.3:::::::*
	cpe:2.3:a:themattharris:tmhoauth:0.4:::::::*
	cpe:2.3:a:themattharris:tmhoauth:0.5:::::::*
	cpe:2.3:a:themattharris:tmhoauth:0.11:::::::*
	cpe:2.3:a:themattharris:tmhoauth:0.12:::::::*
	cpe:2.3:a:themattharris:tmhoauth:0.13:::::::*
	cpe:2.3:a:themattharris:tmhoauth:0.14:::::::*
	cpe:2.3:a:themattharris:tmhoauth:0.51:::::::*
	cpe:2.3:a:themattharris:tmhoauth:0.52:::::::*
	cpe:2.3:a:themattharris:tmhoauth:0.53:::::::*
	cpe:2.3:a:themattharris:tmhoauth:0.54:::::::*
	cpe:2.3:a:themattharris:tmhoauth:0.55:::::::*
	cpe:2.3:a:themattharris:tmhoauth:0.56:::::::*
	cpe:2.3:a:themattharris:tmhoauth:0.57:::::::*
	cpe:2.3:a:themattharris:tmhoauth:0.58:::::::*

History

No history.

Information

Published : 2012-11-06 12:21

Updated : 2024-02-28 12:00

NVD link : CVE-2011-5242

Mitre link : CVE-2011-5242

CVE.ORG link : CVE-2011-5242

JSON object : View

Products Affected

themattharris

tmhoauth

CWE

CWE-20

Improper Input Validation

{"id": "CVE-2011-5242", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 4.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2012-11-06T12:21:27.087", "references": [{"url": "http://www.unrest.ca/peerjacking", "source": "cve@mitre.org"}, {"url": "https://github.com/themattharris/tmhOAuth/blob/master/README.md", "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "tmhOAuth before 0.61 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate."}, {"lang": "es", "value": "tmhOAuth antes de v0.61 no comprueba si el nombre del servidor coincide con un nombre de dominio en el Common Name (CN) del asunto o el campo subjectAltName del certificado X.509, lo que permite a atacantes man-in-the-middle falsificar servidores SSL a trav\u00e9s de un certificado v\u00e1lido arbitrario."}], "lastModified": "2012-11-06T12:21:27.087", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:themattharris:tmhoauth:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2C9F71FE-21C7-455A-9E50-F409D006796C", "versionEndIncluding": "0.60"}, {"criteria": "cpe:2.3:a:themattharris:tmhoauth:0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "918BBA2E-387C-44B5-9EE0-BE2CDD80DEA4"}, {"criteria": "cpe:2.3:a:themattharris:tmhoauth:0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B5B41857-603D-4576-8DBF-ABD80F25AD5A"}, {"criteria": "cpe:2.3:a:themattharris:tmhoauth:0.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "844656F0-977F-4CD3-9301-94871739E816"}, {"criteria": "cpe:2.3:a:themattharris:tmhoauth:0.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4E6F2AD5-1997-4571-BE7B-D5BA65F19BD3"}, {"criteria": "cpe:2.3:a:themattharris:tmhoauth:0.11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2E5509AD-6BED-4715-A885-F890E157846A"}, {"criteria": "cpe:2.3:a:themattharris:tmhoauth:0.12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9CF50D58-54BC-4E9A-8E13-5BC3E0D5B5DB"}, {"criteria": "cpe:2.3:a:themattharris:tmhoauth:0.13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "135FBF3A-8D0F-4E9A-B83B-AB4A49AFF78B"}, {"criteria": "cpe:2.3:a:themattharris:tmhoauth:0.14:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "267D0805-FC82-4F24-8A8D-92316429E3B1"}, {"criteria": "cpe:2.3:a:themattharris:tmhoauth:0.51:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CA435BF9-C1CD-4ED0-BBB3-752D6826E663"}, {"criteria": "cpe:2.3:a:themattharris:tmhoauth:0.52:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5AAD8764-56DC-4353-B0F8-9DBC71537A5D"}, {"criteria": "cpe:2.3:a:themattharris:tmhoauth:0.53:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F6A1E9E0-A55F-4A2B-A27B-0A34C0F7BF46"}, {"criteria": "cpe:2.3:a:themattharris:tmhoauth:0.54:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "22CCA132-2C15-467C-A772-F2A2B14B9FEB"}, {"criteria": "cpe:2.3:a:themattharris:tmhoauth:0.55:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A6CB2491-D5D2-45E1-90F8-C1189E23E090"}, {"criteria": "cpe:2.3:a:themattharris:tmhoauth:0.56:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A787A897-8386-45EC-A1D1-1FC8FE597ABC"}, {"criteria": "cpe:2.3:a:themattharris:tmhoauth:0.57:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A3F5DC07-AC9F-41F0-B166-95B31983B106"}, {"criteria": "cpe:2.3:a:themattharris:tmhoauth:0.58:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FDDDA7CC-3C5E-4BF8-9C25-73E90DF60120"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}