CVE-2013-4238

The ssl.match_hostname function in the SSL module in Python 2.6 through 3.4 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.

CVSS v2.0 4.3 MEDIUM

4.3^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
http://bugs.python.org/issue18709	Patch
http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html
http://lists.opensuse.org/opensuse-updates/2013-09/msg00026.html	Vendor Advisory
http://lists.opensuse.org/opensuse-updates/2013-09/msg00027.html	Vendor Advisory
http://lists.opensuse.org/opensuse-updates/2013-09/msg00028.html	Vendor Advisory
http://lists.opensuse.org/opensuse-updates/2013-09/msg00029.html	Vendor Advisory
http://lists.opensuse.org/opensuse-updates/2013-09/msg00042.html	Vendor Advisory
http://lists.opensuse.org/opensuse-updates/2013-09/msg00043.html	Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2013-1582.html
http://seclists.org/fulldisclosure/2014/Dec/23
http://www.debian.org/security/2014/dsa-2880
http://www.securityfocus.com/archive/1/534161/100/0/threaded
http://www.ubuntu.com/usn/USN-1982-1	Vendor Advisory
http://www.vmware.com/security/advisories/VMSA-2014-0012.html
https://bugzilla.redhat.com/show_bug.cgi?id=996381	Patch
http://bugs.python.org/issue18709	Patch
http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html
http://lists.opensuse.org/opensuse-updates/2013-09/msg00026.html	Vendor Advisory
http://lists.opensuse.org/opensuse-updates/2013-09/msg00027.html	Vendor Advisory
http://lists.opensuse.org/opensuse-updates/2013-09/msg00028.html	Vendor Advisory
http://lists.opensuse.org/opensuse-updates/2013-09/msg00029.html	Vendor Advisory
http://lists.opensuse.org/opensuse-updates/2013-09/msg00042.html	Vendor Advisory
http://lists.opensuse.org/opensuse-updates/2013-09/msg00043.html	Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2013-1582.html
http://seclists.org/fulldisclosure/2014/Dec/23
http://www.debian.org/security/2014/dsa-2880
http://www.securityfocus.com/archive/1/534161/100/0/threaded
http://www.ubuntu.com/usn/USN-1982-1	Vendor Advisory
http://www.vmware.com/security/advisories/VMSA-2014-0012.html
https://bugzilla.redhat.com/show_bug.cgi?id=996381	Patch

Configurations

Configuration 1 (hide)

cpe:2.3:o:canonical:ubuntu_linux:10.04:-:lts:*:*:*:*:*

Configuration 2 (hide)

OR	cpe:2.3:a:python:python:2.6.1:::::::*
	cpe:2.3:a:python:python:2.6.2:::::::*
	cpe:2.3:a:python:python:2.6.3:::::::*
	cpe:2.3:a:python:python:2.6.4:::::::*
	cpe:2.3:a:python:python:2.6.5:::::::*
	cpe:2.3:a:python:python:2.6.6:::::::*
	cpe:2.3:a:python:python:2.6.7:::::::*
	cpe:2.3:a:python:python:2.6.8:::::::*
	cpe:2.3:a:python:python:2.6.2150:::::::*
	cpe:2.3:a:python:python:2.6.6150:::::::*
	cpe:2.3:a:python:python:2.7.1:::::::*
	cpe:2.3:a:python:python:2.7.1:rc1::::::
	cpe:2.3:a:python:python:2.7.2:rc1::::::
	cpe:2.3:a:python:python:2.7.3:::::::*
	cpe:2.3:a:python:python:2.7.1150:::::::*
	cpe:2.3:a:python:python:2.7.1150::::::x64:
	cpe:2.3:a:python:python:2.7.2150:::::::*
	cpe:2.3:a:python:python:3.0:::::::*
	cpe:2.3:a:python:python:3.0.1:::::::*
	cpe:2.3:a:python:python:3.1:::::::*
	cpe:2.3:a:python:python:3.1.1:::::::*
	cpe:2.3:a:python:python:3.1.2:::::::*
	cpe:2.3:a:python:python:3.1.3:::::::*
	cpe:2.3:a:python:python:3.1.4:::::::*
	cpe:2.3:a:python:python:3.1.5:::::::*
	cpe:2.3:a:python:python:3.1.2150::::::x64:
	cpe:2.3:a:python:python:3.2:::::::*
	cpe:2.3:a:python:python:3.2:alpha::::::
	cpe:2.3:a:python:python:3.2.3:::::::*
	cpe:2.3:a:python:python:3.2.2150:::::::*
	cpe:2.3:a:python:python:3.3:::::::*
	cpe:2.3:a:python:python:3.3:beta2::::::
	cpe:2.3:a:python:python:3.4:alpha1::::::

Configuration 3 (hide)

OR	cpe:2.3:o:opensuse:opensuse:11.4:::::::*
	cpe:2.3:o:opensuse:opensuse:12.2:::::::*
	cpe:2.3:o:opensuse:opensuse:12.3:::::::*

History

21 Nov 2024, 01:55

Information

Published : 2013-08-18 02:52

Updated : 2025-04-11 00:51

NVD link : CVE-2013-4238

Mitre link : CVE-2013-4238

CVE.ORG link : CVE-2013-4238

JSON object : View

Products Affected

python

python

opensuse

opensuse

canonical

ubuntu_linux

CWE

CWE-20

Improper Input Validation

{"id": "CVE-2013-4238", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2013-08-18T02:52:22.943", "references": [{"url": "http://bugs.python.org/issue18709", "tags": ["Patch"], "source": "secalert@redhat.com"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html", "source": "secalert@redhat.com"}, {"url": "http://lists.opensuse.org/opensuse-updates/2013-09/msg00026.html", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://lists.opensuse.org/opensuse-updates/2013-09/msg00027.html", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://lists.opensuse.org/opensuse-updates/2013-09/msg00028.html", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://lists.opensuse.org/opensuse-updates/2013-09/msg00029.html", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://lists.opensuse.org/opensuse-updates/2013-09/msg00042.html", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://lists.opensuse.org/opensuse-updates/2013-09/msg00043.html", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://rhn.redhat.com/errata/RHSA-2013-1582.html", "source": "secalert@redhat.com"}, {"url": "http://seclists.org/fulldisclosure/2014/Dec/23", "source": "secalert@redhat.com"}, {"url": "http://www.debian.org/security/2014/dsa-2880", "source": "secalert@redhat.com"}, {"url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded", "source": "secalert@redhat.com"}, {"url": "http://www.ubuntu.com/usn/USN-1982-1", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html", "source": "secalert@redhat.com"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=996381", "tags": ["Patch"], "source": "secalert@redhat.com"}, {"url": "http://bugs.python.org/issue18709", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://lists.opensuse.org/opensuse-updates/2013-09/msg00026.html", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://lists.opensuse.org/opensuse-updates/2013-09/msg00027.html", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://lists.opensuse.org/opensuse-updates/2013-09/msg00028.html", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://lists.opensuse.org/opensuse-updates/2013-09/msg00029.html", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://lists.opensuse.org/opensuse-updates/2013-09/msg00042.html", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://lists.opensuse.org/opensuse-updates/2013-09/msg00043.html", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://rhn.redhat.com/errata/RHSA-2013-1582.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://seclists.org/fulldisclosure/2014/Dec/23", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.debian.org/security/2014/dsa-2880", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.ubuntu.com/usn/USN-1982-1", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=996381", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "The ssl.match_hostname function in the SSL module in Python 2.6 through 3.4 does not properly handle a '\\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408."}, {"lang": "es", "value": "La funci\u00f3n ssl.match_hostname en el m\u00f3dulo SSL en Python v2.6 hasta v3.4 no manejar adecuadamente un car\u00e1cter \u201c\\0\u201d en un nombre de dominio en el campo Subject Alternative Name de un certificado X.509, lo que permite a atacantes \"man-in-the-middle\" suplantar servidores SSL de su elecci\u00f3n mediante un certificado manipulado expedido por una Autoridad Certificadora leg\u00edtima, un problema relacionado con CVE-2009-2408"}], "lastModified": "2025-04-11T00:51:21.963", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:-:lts:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7118F616-25CA-4E34-AA13-4D14BB62419F"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:python:python:2.6.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "244740D0-CACA-4607-964C-F0F46153653D"}, {"criteria": "cpe:2.3:a:python:python:2.6.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BA3487C5-05AD-4553-B123-45F0A51BBA3C"}, {"criteria": "cpe:2.3:a:python:python:2.6.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "486AB201-5BE7-4947-B18B-DA8F86E5D626"}, {"criteria": "cpe:2.3:a:python:python:2.6.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E852D2C6-D744-4311-97B3-CAEF073D6585"}, {"criteria": "cpe:2.3:a:python:python:2.6.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "845FBD14-4175-49F1-B762-4F550CEF5B0D"}, {"criteria": "cpe:2.3:a:python:python:2.6.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "84E7646B-BC7C-4ED6-925B-268291F31610"}, {"criteria": "cpe:2.3:a:python:python:2.6.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6CD6B328-E333-48C3-B2CC-41EC95321B7C"}, {"criteria": "cpe:2.3:a:python:python:2.6.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9C22EAA6-B771-46C3-A0B8-E342493E1F77"}, {"criteria": "cpe:2.3:a:python:python:2.6.2150:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3BAEB1E3-E3E6-4807-A2FF-ACD2F4356E39"}, {"criteria": "cpe:2.3:a:python:python:2.6.6150:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "92FF153A-69D5-444F-8FB3-78BF1C33F209"}, {"criteria": "cpe:2.3:a:python:python:2.7.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8CE2063E-5B74-4731-885F-80D2D7B15604"}, {"criteria": "cpe:2.3:a:python:python:2.7.1:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FC647F82-9679-4B26-AFF1-1B43B0AF18B5"}, {"criteria": "cpe:2.3:a:python:python:2.7.2:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "046BCC55-F166-4C31-AB2B-815A0DFA2BEE"}, {"criteria": "cpe:2.3:a:python:python:2.7.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6A3CABCB-9FA8-4B13-8CF1-AA89B9E9B7E7"}, {"criteria": "cpe:2.3:a:python:python:2.7.1150:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0D00809F-8D47-428E-9347-2BF36A61901A"}, {"criteria": "cpe:2.3:a:python:python:2.7.1150:*:*:*:*:*:x64:*", "vulnerable": true, "matchCriteriaId": "14EF3E9D-8F0D-40C4-A171-866D091CB531"}, {"criteria": "cpe:2.3:a:python:python:2.7.2150:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CC94B908-E405-4BD2-BE36-2BB90238F7EE"}, {"criteria": "cpe:2.3:a:python:python:3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FC0C702F-59E0-40AB-BA95-8F0803AB0550"}, {"criteria": "cpe:2.3:a:python:python:3.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3190C547-7230-476C-A43F-641FE7B891EB"}, {"criteria": "cpe:2.3:a:python:python:3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "74AC7EE5-F01D-4F28-80D1-4076B7B24BA6"}, {"criteria": "cpe:2.3:a:python:python:3.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2B547525-E0DB-4D64-8ED1-AF3F1B6FF65F"}, {"criteria": "cpe:2.3:a:python:python:3.1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "19064C18-1CD7-4F10-8065-4B900BB31F83"}, {"criteria": "cpe:2.3:a:python:python:3.1.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B1997CB6-FD72-4B13-915A-7500AA06F4B1"}, {"criteria": "cpe:2.3:a:python:python:3.1.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "06A1811C-4E97-4226-8335-ADF0827A03B3"}, {"criteria": "cpe:2.3:a:python:python:3.1.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BF2C50D1-187B-4E98-BA02-008D0ED4C220"}, {"criteria": "cpe:2.3:a:python:python:3.1.2150:*:*:*:*:*:x64:*", "vulnerable": true, "matchCriteriaId": "9EB9683A-EE1C-4EB6-BF27-39A274B37D3F"}, {"criteria": "cpe:2.3:a:python:python:3.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "87845E79-F4A3-4390-9ACF-A14E86BCDB10"}, {"criteria": "cpe:2.3:a:python:python:3.2:alpha:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E2C8F3C4-91AB-4AE3-A2FB-A093F97742FD"}, {"criteria": "cpe:2.3:a:python:python:3.2.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "027FD902-9B08-4EDF-9F83-314FBF0583ED"}, {"criteria": "cpe:2.3:a:python:python:3.2.2150:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F236E583-D23D-4769-8A25-EBFC930E4798"}, {"criteria": "cpe:2.3:a:python:python:3.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6DF7665B-3A10-46D1-B486-AFC9ED6C0B8A"}, {"criteria": "cpe:2.3:a:python:python:3.3:beta2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0E2DAB9D-5D7D-40ED-8110-E3FDF7AE0729"}, {"criteria": "cpe:2.3:a:python:python:3.4:alpha1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B567FD3B-10F2-45DF-BC50-04316DF15113"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DE554781-1EB9-446E-911F-6C11970C47F4"}, {"criteria": "cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D806A17E-B8F9-466D-807D-3F1E77603DC8"}, {"criteria": "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DFBF430B-0832-44B0-AA0E-BA9E467F7668"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}

4.3 /10