[openssl-users] CVE-2015-1793 only on cert-based client auth?

Kurt Roeckx kurt at roeckx.be
Tue Jul 14 17:06:20 UTC 2015

On Mon, Jul 13, 2015 at 01:03:09PM -0400, Colin Edwards wrote:
> I've been reading/hearing different opinions on the recent vulnerability
> for cert chain forging that was patched (CVE-2015-1793).
> Some people are saying the vulnerability only exists if a system is using
> certificate-based client authentication (mutual auth, where both server and
> client are authenticated).  `Basically, that the chain forging can only be
> done on the client side.
> Others are saying certs can be forged on the server, on implementations
> that use only server-side authentication, and if the client is using
> OpenSSL it will verify/accept the forged chain.  The could effectively
> result in MitM against OpenSSL clients.

It's whenever a certificate is received (and validated).  This
means either:
- A client is authenticating a server (server authentication)
- A server is authenticating a client (client authentication)

Of course both could be happening for the same connection.

It's much more common that the client authenticates the server.
Certainly for https client authentication is uncommon.  Also, for
https the client ussually isn't OpenSSL based, except for android.


More information about the openssl-users mailing list