Difference between revisions of "Failure to validate host-specific certificate data"


Revision as of 21:57, 27 May 2006


The failure to validate host-specific certificate data may mean that, while the certificate read was valid, it was not for the site originally requested.


  • Integrity: The data read from the system vouched for by the certificate may not be from the expected system.
  • Authentication: Trust afforded to the system in question - based on the expired certificate - may allow for spoofing or redirection attacks.

Exposure period

  • Design: Certificate verification and handling should be performed in the design phase.


  • Language: All
  • Operating platform: All

Required resources

Minor trust: Users must attempt to interact with the malicious system.



Likelihood of exploit


Avoidance and mitigation

  • Design: Check for expired certificates and provide the user with adequate information about the nature of the problem and how to proceed.


If the host-specific data contained in a certificate is not checked, it may be possible for a redirection or spoofing attack to allow a malicious host with a valid certificate to provide data, impersonating a trusted host.

While the attacker in question may have a valid certificate, it may simply be a valid certificate for a different site. In order to ensure data integrity, we must check that the certificate is valid and that it pertains to the site that we wish to access.


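if (!(cert = SSL_get_peer_certificate(ssl)) || !host)
  return -1; /* no peer certificate, or no host name to check against */
foo = SSL_get_verify_result(ssl);
/* Flaw: host is never compared with the names in cert */
if ((X509_V_OK == foo) || (X509_V_ERR_SUBJECT_ISSUER_MISMATCH == foo))
  ; /* do stuff */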
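The combined check described above (the certificate is valid and it pertains to the requested site), as an added example that is not part of the original page. It assumes the certificate's DNS names have already been extracted into an array; `eq_nocase`, `name_covers` and `accept_peer` are hypothetical helper names, and the matching is a simplified illustration, not OpenSSL's own implementation.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Case-insensitive equality of two DNS names. */
static int eq_nocase(const char *a, const char *b)
{
    while (*a && *b && tolower((unsigned char)*a) == tolower((unsigned char)*b)) {
        a++;
        b++;
    }
    return *a == '\0' && *b == '\0';
}

/* 1 if one certificate DNS name covers host. Only a whole left-most
   label "*" is a wildcard, and it stands for exactly one label. */
static int name_covers(const char *name, const char *host)
{
    const char *rest;
    if (strncmp(name, "*.", 2) != 0)
        return eq_nocase(name, host);
    if (strchr(name + 2, '.') == NULL)
        return 0;                        /* refuse "*.com"-style names */
    rest = strchr(host, '.');            /* host without its first label */
    if (rest == NULL || rest == host)
        return 0;
    return eq_nocase(name + 1, rest);
}

/* The decision the page asks for: the chain verified AND one of the
   certificate's names covers the host the caller asked for. */
int accept_peer(int chain_ok, const char *const names[], size_t n, const char *host)
{
    size_t i;
    if (!chain_ok || host == NULL || *host == '\0')
        return 0;
    for (i = 0; i < n; i++)
        if (names[i] != NULL && name_covers(names[i], host))
            return 1;
    return 0;
}

int main(void)
{
    /* Constructed sample: a chain-valid certificate for a different site. */
    const char *const other[] = { "www.attacker.example", "*.attacker.example" };
    printf("%d\n", accept_peer(1, other, 2, "bank.example"));   /* prints 0: rejected */
    return 0;
}
```

In code that links against OpenSSL, the library's own host check (`X509_check_host`, or `SSL_set1_host` before the handshake) should do this comparison; the sketch ignores IP addresses, internationalized names and trailing dots.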

Related problems