Serious vulnerability found in SSL/TLS on OS X Mavericks and iOS, easily exploitable [Update]

Apple has been working hard to get its products into the enterprise but a new security vulnerability is about to put a black eye on their reputation. Sure, we know that many companies have security related issues but it’s the fact of the obvious oversight of this issue that will raise alarm bells.

On Friday, Apple revealed a significant bug in their SSL/TLS implementation:

Impact: An attacker with a privileged network position may capture or modify data in sessions protected by SSL/TLS

Description: Secure Transport failed to validate the authenticity of the connection. This issue was addressed by restoring missing validation steps.

Based on the report, it seems that Apple didn't include (proper) hostname verification for any iOS <7.0.6. See below for updated details.

Matthew D. Green, Assistant Research Professor at the Johns Hopkins Information Security Institute, notes that this is "seriously exploitable."

Aside from iOS, we noted that this also seems to be present in OS X Mavericks, however it seems to be only affecting SSL connections over IP addresses rather than domains. While this does lessen the extent of the vulnerability, it's still a glaring issue into the security of the platform, and there may be a way to bypass this restriction.

An example of the issue can be demonstrated with the following commands in terminal: 
curl https://neowin.net/ would fail, however curl https://74.204.71.247/ would be successful.

OSX Mavericks: SSL directly over IP is not being validated

If this is in fact the case, then this is a fairly significant security issue for all machines running OSX Mavericks, even if it is only affecting IP addresses and not domains. Many apps reference IP addresses directly, so this is a fairly problematic issue, and there is more than likely a method to get around the limitation.

Adam Langely, security researcher and part of Google's security team, notes that this is affects Safari on both iOS and OSX, and that it breaks SSL completely.

We expect that Apple will address this issue in short order but the fact that they occurred in the first place, is more alarming. With enterprise security (and consumer security) always a highly sensitive subject, such a simple oversight here could lead to profound implications if properly exploited.

UPDATE: Upon review of the SSL implementation, it seems that the function SSLVerifySignedServerKeyExchange was declaring that there was no error before the verification even took place.

As Adam Langely explains:

Note the two goto fail lines in a row. The first one is correctly bound to the if statement but the second, despite the indentation, isn't conditional at all. The code will always jump to the end from that second goto, err will contain a successful value because the SHA1 update operation was successful and so the signature verification will never fail.

Source: Apple | Security image via Shutterstock

 

Report a problem with article
Previous Story

Microsoft slashes Windows 8.1 pricing 70% to make way for cheaper devices

Next Story

Bing Maps Preview app for Windows 8.1 adds 15 new 3D cities

41 Comments - Add comment