CWE-593: Authentication Bypass: OpenSSL CTX Object Modified after SSL Objects are Created

Description

The product modifies the SSL context after connection creation has begun.

Submission Date: Dec. 15, 2006, midnight

Modification Date: 2023-06-29 00:00:00+00:00

Organization: MITRE

Extended Description

If the program modifies the SSL_CTX object after creating SSL objects from it, there is the possibility that older SSL objects created from the original context could all be affected by that change.

Example Vulnerable Code

Example - 1

The following example demonstrates the weakness.



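    #include <openssl/ssl.h>

    #define CERT "secret.pem"
    #define CERT2 "secret2.pem"

    /* init_OpenSSL(), seed_prng() and int_error() are helper functions
       assumed to be defined elsewhere. */

    int main()
    {
        SSL_CTX *ctx;
        SSL *ssl, *ssl2;

        init_OpenSSL();
        seed_prng();

        ctx = SSL_CTX_new(SSLv23_method());
        if (SSL_CTX_use_certificate_chain_file(ctx, CERT) != 1)
            int_error("Error loading certificate from file");
        if (SSL_CTX_use_PrivateKey_file(ctx, CERT, SSL_FILETYPE_PEM) != 1)
            int_error("Error loading private key from file");

        /* The first SSL object is created from the context. */
        if (!(ssl = SSL_new(ctx)))
            int_error("Error creating an SSL context");

        /* The weakness: ctx is modified after ssl was created from it.
           (Call shown as in the original example; the real
           SSL_CTX_set_default_passwd_cb() takes a pem_password_cb
           callback and returns void.) */
        if ( SSL_CTX_set_default_passwd_cb(ctx, "new default password" != 1))
            int_error("Doing something which is dangerous to do anyways");

        /* The second SSL object is created from the modified context. */
        if (!(ssl2 = SSL_new(ctx)))
            int_error("Error creating an SSL context");
    }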
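
As an added example (not part of the CWE entry and not MITRE code), the following Python heuristic flags the pattern shown above in C source: an SSL_CTX_* configuration call on a context after SSL_new() has already been called on it. Both sample inputs are constructed, and password_cb is a hypothetical callback name.

```python
import re

SSL_NEW = re.compile(r"\bSSL_new\s*\(\s*(\w+)\s*\)")      # SSL_new(<ctx>)
CTX_NEW = re.compile(r"\b(\w+)\s*=\s*SSL_CTX_new\s*\(")    # <ctx> = SSL_CTX_new(
CTX_CALL = re.compile(r"\b(SSL_CTX_\w+)\s*\(\s*(\w+)")     # SSL_CTX_xxx(<ctx>
# Calls that read or release a context instead of reconfiguring it.
NON_MUTATING = re.compile(r"SSL_CTX_(get|free|up_ref|check_private_key)")

def find_late_ctx_changes(source):
    """Return (line, function, ctx, line_of_first_SSL_new) per late SSL_CTX_* call.
    Line-based heuristic: no macro expansion, aliasing or control-flow analysis."""
    # Blank out /* ... */ comments but keep their newlines so line numbers hold.
    source = re.sub(r"/\*.*?\*/", lambda m: "\n" * m.group().count("\n"),
                    source, flags=re.S)
    first_ssl_new = {}          # ctx variable -> line of its first SSL_new()
    findings = []
    for no, line in enumerate(source.splitlines(), 1):
        line = line.split("//", 1)[0]          # drop // comments
        for var in CTX_NEW.findall(line):      # fresh context: forget history
            first_ssl_new.pop(var, None)
        for func, var in CTX_CALL.findall(line):
            if var in first_ssl_new and not NON_MUTATING.match(func):
                findings.append((no, func, var, first_ssl_new[var]))
        for var in SSL_NEW.findall(line):
            first_ssl_new.setdefault(var, no)
    return findings

# Constructed input, condensed from the example on this page.
VULNERABLE = """\
ctx = SSL_CTX_new(SSLv23_method());
if (SSL_CTX_use_certificate_chain_file(ctx, CERT) != 1) int_error("cert");
if (!(ssl = SSL_new(ctx))) int_error("ssl");
if ( SSL_CTX_set_default_passwd_cb(ctx, "new default password" != 1)) int_error("late");
if (!(ssl2 = SSL_new(ctx))) int_error("ssl2");
"""

# Constructed counterpart: the second connection gets its own context, fully
# configured before SSL_new(); password_cb is a hypothetical callback name.
SEPARATE_CTX = """\
ctx = SSL_CTX_new(SSLv23_method());
ssl = SSL_new(ctx);
ctx2 = SSL_CTX_new(SSLv23_method());
SSL_CTX_set_default_passwd_cb(ctx2, password_cb);
ssl2 = SSL_new(ctx2);
SSL_CTX_free(ctx); /* release only, not a configuration change */
"""

if __name__ == "__main__":
    print(find_late_ctx_changes(VULNERABLE), find_late_ctx_changes(SEPARATE_CTX))
```

A finding is a prompt for manual review, not proof of impact: whether an already created SSL object observes the change depends on the specific setting and the OpenSSL version.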

Related Weaknesses

This table shows the weaknesses and high level categories that are related to this weakness. These relationships are defined to give an overview of the different insight to similar items that may exist at higher and lower levels of abstraction.

Visit http://cwe.mitre.org/ for more details.