Researchers at Talos have uncovered a flaw in the Randombit Botan library, according to a post on the company blog.
The flaw, which the researchers ascribe to a programming error, could lead to certificate verification issues and abuse.
"The vulnerability is located in the function that Botan uses to parse the x509 distinguished name," the report stated. More particularly, the flaw is in the equality comparison function Botan::x500_name_cmp. The problem arises because of the manner in which the white spaces are handled, which could enable attackers to create a crafted x509 certificate with specific x509 DN strings for subject and issuer fields.
"With careful control over X509 distinguished names contents and depending on memory layout in the target application, it could be possible to craft a certificate where equality checks could pass or fail," the report found.
If exploited, the flaw could enable attackers to dupe a system into linking up with unauthorized computers, leading to man-in-the-middle attacks or to connections with a malicious server.
Snort Rule 42015 was issued to detect exploitation attempts and an advisory was posted on the Randombit website informing users that the vulnerability is now fixed in versions 2.1.0 and 1.10.16.
