Developer delivers patch to all Firefox versions

Sep 25, 2014 14:47 GMT

A vulnerability in Mozilla’s Network Security Services (NSS) cryptographic library could permit forging RSA certificates.

NSS is a set of libraries that can be used to develop client and server applications with support for different secure communication protocols, like SSL, TLS or PKCS.

The glitch would permit a potential attacker to create fake RSA certificates. Through their digital signatures, certificates are what assures a client that it is communicating with a legitimate server.

Users risk landing on malicious websites

Cybercriminals can use a fraudulent certificate to set up malicious websites that appear legitimate to the user. All the signs of a secure connection would be available, but at the other end, all information (credentials, sensitive financial details) entered by the user is collected by the crooks.

Fake certificates can be used in phishing attacks, where the malicious website impersonates the original one.

“Users on a compromised network could be directed to sites using a fraudulent certificate and mistake them for legitimate sites. This could deceive them into revealing personal information such as usernames and passwords. It may also deceive users into downloading malware if they believe it’s coming from a trusted site,” says Daniel Veditz, lead security researcher at Mozilla.

Updates have already been released

Mozilla has already developed a patch for the vulnerability and pushed it to its client products.

At the moment, there are updates for multiple Firefox revisions on different platforms: Firefox 32.0.3, Firefox for Android 32.0.3, Firefox for Android 31.1.1, Firefox ESR 31.1.1 and Firefox ESR 24.8.1.

The Thunderbird email client (build 31.1.2 and 24.8.1) and SeaMonkey (version 2.29.1) also benefit from the patch.

Mozilla says that less stable editions of the web browser (Beta, Aurora) have also received the fix.

Getting the latest version of the browser should be done automatically, through the built-in update mechanism. However, if the auto-update is disabled, the new versions are available straight from the developer.

Users working with the Network Security Services library set are advised to get the latest revisions (3.16.2.1, 3.16.5 and 3.17.1) that contain the patch.

Security researcher Antoine Delignat-Lavaud from team Prosecco has been credited with reporting the issue in NSS that allowed a type of signature forgery attack. The flaw consists of “lenient parsing of ASN.1 values involved in a signature.”

Intel Security made the same discovery, independently, and contacted the Mozilla Security team; they dubbed it BERserk.

Mike Fey from Intel-owned McAfee explained in a blog post that “ASN.1 messages are made up of various parts that are encoded using BER (Basic Encoding Rules) and/or DER (Distinguished Encoding Rules). This attack exploits the fact that the length of a field in BER encoding can be made to use many bytes of data. In vulnerable implementations, these bytes are then skipped during parsing.”
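The length-encoding behaviour described in the quote above, as an added example that is not code from NSS, Mozilla or Intel Security: a small tag-length-value reader that, in strict mode, rejects any length not written in DER's shortest form, which is the check a verifier needs before trusting a parsed signature structure. The function names and the sample SHA-256 DigestInfo bytes (with an all-zero digest) are constructed for illustration.

```python
# Added illustration (not NSS code): DER demands the shortest length encoding, BER does not.
class DERError(ValueError):
    pass

def read_tlv(buf, pos=0, strict=True):
    """Parse one tag-length-value at buf[pos:]; return (tag, value, next_pos)."""
    if pos + 2 > len(buf):
        raise DERError("truncated header")
    tag, first = buf[pos], buf[pos + 1]
    pos += 2
    if first < 0x80:                    # short form: one octet, length 0..127
        length = first
    else:                               # long form: low 7 bits count the length octets
        n = first & 0x7F
        if n == 0:
            raise DERError("indefinite length is BER only, rejected here")
        if pos + n > len(buf):
            raise DERError("truncated length")
        octets = buf[pos:pos + n]
        length = int.from_bytes(octets, "big")
        # DER: no leading zero octets, and long form only when short form cannot fit.
        if strict and (octets[0] == 0 or length < 0x80):
            raise DERError("length is not minimally encoded")
        pos += n
    if pos + length > len(buf):
        raise DERError("value runs past end of buffer")
    return tag, buf[pos:pos + length], pos + length

def check_children(buf):
    """Strictly parse every TLV in buf, recursing into constructed values (tag bit 0x20)."""
    pos = 0
    while pos < len(buf):
        tag, value, pos = read_tlv(buf, pos)
        if tag & 0x20:
            check_children(value)

def is_strict_der(buf):
    """True only for exactly one TLV whose lengths are minimal at every nesting level."""
    try:
        if read_tlv(buf)[2] != len(buf):
            return False                # bytes left over after the structure
        check_children(buf)
        return True
    except DERError:
        return False

# Constructed samples: SHA-256 DigestInfo with an all-zero digest, then re-encoded lengths.
ALG = bytes.fromhex("300d06096086480165030402010500")
STRICT = bytes.fromhex("3031") + ALG + bytes.fromhex("0420") + bytes(32)
PADDED = bytes.fromhex("30820031") + STRICT[2:]      # outer length padded with a zero octet
NESTED = bytes.fromhex("3033") + ALG + bytes.fromhex("04820020") + bytes(32)
```

With `strict=False` the reader accepts `PADDED` and returns the same value bytes as for `STRICT`, showing that BER lets different byte strings decode to identical content; `is_strict_der` rejects both re-encoded variants.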