#2839: GnuPG and GnuPG clients unsigned data injection vulnerability
------------------------------------------+---------------------------------
 Reporter:  Christoph Berg <cb@…>         |       Owner:  mutt-dev
     Type:  defect                        |      Status:  new     
 Priority:  minor                         |   Milestone:  1.6     
Component:  crypto                        |     Version:          
 Keywords:                                |  
------------------------------------------+---------------------------------

New description:

 {{{
  Forwarding #413688 here as well...

  The attached mbox is available at http://bugs.debian.org/413688.

  ----- Forwarded message from Jö Fahlke <[email protected]> -----

  Date: Tue, 6 Mar 2007 17:01:33 +0100
  From: Jö Fahlke <[email protected]>
  Reply-To: Jö Fahlke <[email protected]>, [email protected]
  To: Debian Bug Tracking System <[email protected]>
  Subject: Bug#413688: mutt: GnuPG and GnuPG clients unsigned data injection
         vulnerability

  Package: mutt
  Version: 1.5.13-1.1
  Severity: normal
  Tags: security

  [ Stealing the summary from GnuPG's announcement ]

  Gerardo Richarte from Core Security Technologies identified a problem
  when using GnuPG in streaming mode.

  The problem is actually a variant of a well known problem in the way
  signed material is presented in a MUA.  It is possible to insert
  additional text before or after a signed (or signed and encrypted)
  OpenPGP message and make the user believe that this additional text is
  also covered by the signature.  The Core Security advisory describes
  several variants of the attack; they all boil down to the fact that it
  might not be possible to identify which part of a message is actually
  signed if gpg is not used correctly.

  Core Security's advisory:
  http://www.coresecurity.com/?action=item&id=1687

  Announcement on the GnuPG mailinglist:
  http://lists.gnupg.org/pipermail/gnupg-announce/2007q1/000251.html

  I was able to verify that the second way of attack variant 2 described
  by Core Security does indeed work with mutt from testing.  A testcase
  is attached.

  MfG,
  Jö.

  ----- End forwarded message -----

  Christoph
  -- 
  [email protected] | http://www.df7cb.de/

 >Fix:
 Unknown
 }}}

--

Comment(by me):

 Assuming the user is using the contrib/gpg.rc shipped with mutt, they will
 see the following output when viewing the mailbox testcase on this ticket:

 {{{
 From [email protected] Tue Mar 06 16:01:20 2007
 Date: Tue, 6 Mar 2007 16:01:20 +0100
 From: Jö Fahlke <[email protected]>
 To: Jö <joe@localhost>
 Subject: test

 [-- PGP output follows (current time: Mon 14 Jan 2013 09:04:54 PM PST) --]
 gpg: WARNING: multiple plaintexts seen
 gpg: handle plaintext failed: unexpected data
 gpg: Signature made Tue 06 Mar 2007 07:36:45 AM PST using DSA key ID 4EEFD4EB
 gpg: BAD signature from "Jorrit Fahlke <[email protected]>"
 [-- End of PGP output --]

 [-- BEGIN PGP MESSAGE --]

 This text is inserted by the attacker

 [-- END PGP MESSAGE --]
 }}}
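The way a client can decide this for itself, as an added example in Python (it is not mutt's code and not taken from the GnuPG announcement): parse the machine-readable records gpg writes to --status-fd instead of the free-text stderr shown above, and refuse to label output as signed unless exactly one PLAINTEXT record appeared. The status keywords PLAINTEXT, PLAINTEXT_LENGTH, GOODSIG, BADSIG, ERRSIG, NODATA, UNEXPECTED and ERROR are real gpg status-fd keywords; the two sample streams, the user id and the verdict labels are constructed for the example.

```python
"""Defensive parsing of gpg's machine-readable status lines.

Constructed example (not mutt's or GnuPG's code): a mail client that
displays decrypted or verified output must not infer "signed" from the
human-readable stderr text.  It should read the --status-fd channel and
require exactly one PLAINTEXT record per verification run; a second
PLAINTEXT means gpg emitted data that the signature does not cover.
"""
from dataclasses import dataclass, field
from typing import List

STATUS_PREFIX = "[GNUPG:] "


@dataclass
class Verdict:
    """Facts gathered from one gpg run, plus the derived trust decision."""
    plaintexts: int = 0                                   # PLAINTEXT records seen
    good_sigs: List[str] = field(default_factory=list)    # key ids from GOODSIG
    bad_sigs: List[str] = field(default_factory=list)     # key ids from BADSIG
    errors: List[str] = field(default_factory=list)       # raw error status lines

    @property
    def trustworthy(self) -> bool:
        return bool(self.plaintexts == 1 and self.good_sigs
                    and not self.bad_sigs and not self.errors)


def parse_status(status_fd_text: str) -> Verdict:
    """Reduce the --status-fd stream to the facts the client must act on."""
    v = Verdict()
    for line in status_fd_text.splitlines():
        if not line.startswith(STATUS_PREFIX):
            continue                      # not a status record; never trust free text
        fields = line[len(STATUS_PREFIX):].split(" ", 2)
        keyword, args = fields[0], fields[1:]
        if keyword == "PLAINTEXT":
            v.plaintexts += 1
        elif keyword == "GOODSIG" and args:
            v.good_sigs.append(args[0])
        elif keyword == "BADSIG" and args:
            v.bad_sigs.append(args[0])
        elif keyword in ("ERRSIG", "NODATA", "UNEXPECTED", "ERROR"):
            v.errors.append(line)
    return v


def classify(v: Verdict) -> str:
    """Map the gathered facts to the label the client should display."""
    if v.plaintexts == 0:
        return "no-plaintext"
    if v.plaintexts > 1:
        return "unsigned-data-injected"   # some displayed bytes are not signed
    if v.bad_sigs or v.errors:
        return "bad-signature"
    if v.good_sigs:
        return "signed"
    return "unsigned"


# Constructed status streams (not captured from the ticket's testcase).
# Key id 4EEFD4EB is the one in the ticket's output; the user id is a placeholder.
GOOD_STATUS = (
    "[GNUPG:] PLAINTEXT 62 1173196605 \n"
    "[GNUPG:] PLAINTEXT_LENGTH 25\n"
    "[GNUPG:] GOODSIG 4EEFD4EB Jorrit Fahlke <user@example.org>\n"
    "[GNUPG:] TRUST_UNDEFINED\n"
)

# Same signed block, but an extra literal packet was glued on in front: the
# signature over the second plaintext is still GOOD, yet the client must not
# present the combined output as signed.
INJECTED_STATUS = (
    "[GNUPG:] PLAINTEXT 62 1173196605 \n"
    "[GNUPG:] PLAINTEXT_LENGTH 38\n"
    "[GNUPG:] PLAINTEXT 62 1173196605 \n"
    "[GNUPG:] PLAINTEXT_LENGTH 25\n"
    "[GNUPG:] GOODSIG 4EEFD4EB Jorrit Fahlke <user@example.org>\n"
    "[GNUPG:] TRUST_UNDEFINED\n"
)

if __name__ == "__main__":
    for name, stream in (("good", GOOD_STATUS), ("injected", INJECTED_STATUS)):
        v = parse_status(stream)
        print(f"{name}: plaintexts={v.plaintexts} verdict={classify(v)} "
              f"trustworthy={v.trustworthy}")
```

The point of counting PLAINTEXT records rather than grepping stderr is that the human-readable text is not a stable interface: the output in the comment above comes from a gpg that already refuses the second plaintext, while the gpg the original report was filed against did not, and a client that keys off "Good signature" in stderr cannot tell the two situations apart. Deciding on the status channel works the same against both.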

-- 
Ticket URL: <http://dev.mutt.org/trac/ticket/2839#comment:4>
Mutt <http://www.mutt.org/>
The Mutt mail user agent