Stefan Esser, also known as i0n1c, has made a ‘quick and dirty’ patch available to fix the serious SSL vulnerability that Apple just patched in iOS but has yet to fix in OS X Mavericks.
The flaw is very serious because it totally compromises the security of SSL and allows for man in the middle attack on otherwise secure SSL connections without any warning on the client side. Unfortunately it has been discovered that this vulnerability is also present in OSX Mavericks. When you look at the following code snippet that is taken from Security.framework’s sslKeyExchange.c you can spot a superfluous “goto fail;” statement. This statement is executed in all cases and completely bypasses the call to sslRawVerify. This means there is actually no verification performed on the signed server key exchange.
I0n1c has released a patch for the 64bit version of the Security.framework. However, users are warned that it is experimental and shouldn’t be installed on production machines.
To see if your machine is vulnerable visit http://www.gotofail.com with a Safari browser.
A more detailed explanation of the vulnerability can be found at ImperialViolet.
via sektioneins
Leave a Reply