Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <5315CE61.2060702@fifthhorseman.net>
Date: Tue, 04 Mar 2014 13:00:17 +0000
From: Daniel Kahn Gillmor <dkg@...thhorseman.net>
To: oss-security@...ts.openwall.com
Subject: Re: CVE Request?: konqueror - https uses all ciphers,
 even weak ones

On 03/04/2014 12:28 PM, John Haxby wrote:

> openssl s_client doesn’t report problems, but I wouldn’t expect it to.

it should; its peers do:

  gnutls-cli demo.cmrg.net

fails safely closed with:

 GnuTLS error: The Diffie-Hellman prime sent by the server is not
acceptable (not long enough).

and (from libnss3-tools):

  tstclnt -h demo.cmrg.net

fails safely closed with:

tstclnt: read from socket failed:
SSL_ERROR_WEAK_SERVER_EPHEMERAL_DH_KEY: SSL received a weak ephemeral
Diffie-Hellman key in Server Key Exchange handshake message.

> wget just downloads index.html without any issue.

i also consider this a flaw in wget.  i suspect you've got wget compiled
against openssl, because for me (debian testing), wget fails safely
closed with:

GnuTLS: The Diffie-Hellman prime sent by the server is not acceptable
(not long enough).
Unable to establish SSL connection.

while curl (built against OpenSSL) accepts the insecure connection and
proceeds (even leaking cookie information across the weak connection if
i ask it to send cookies).

fwiw, i reported this problem on the openssl-dev mailing list back in
november, following private discussion with openssl upstream.:

http://marc.info/?l=openssl-dev&m=138386738312983&w=2

Regards,

	--dkg


Download attachment "signature.asc" of type "application/pgp-signature" (1011 bytes)

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.