Goto Fail: Apple iOS Bug Compromises SSL, Opens Vector for Attackers

From ZDNet:
Apple on Friday revealed a major SSL (Secure Socket Layer) vulnerability in
its software that affects all devices, allowing hackers to intercept and alter communications such as email and login credentials for countless Apple hardware users.

A new version of Apple's iOS for its tablets and phones was rushed out the door Friday to patch the vulnerability, wherein its mobile, tablet and desktop software is not doing SSL/TLS hostname checking — communications meant to be encrypted, are not.

The patch has only been issued for the more recent iPhones (4 and later), iPod touch (5th generation) and iPad (2nd generation).

Security researchers across several communities believe that Mac computers are even more exposed, as they are currently left hanging without a patch.
Imperial Violet has details on the bug itself:

So here's the Apple bug:

static OSStatus
SSLVerifySignedServerKeyExchange(SSLContext *ctx, bool isRsa, SSLBuffer signedParams,
                                 uint8_t *signature, UInt16 signatureLen)
{
 OSStatus        err;
 ...

 if ((err = SSLHashSHA1.update(&hashCtx, &serverRandom)) != 0)
  goto fail;
 if ((err = SSLHashSHA1.update(&hashCtx, &signedParams)) != 0)
  goto fail;
  goto fail;
 if ((err = SSLHashSHA1.final(&hashCtx, &hashOut)) != 0)
  goto fail;
 ...

fail:
 SSLFreeBuffer(&signedHashes);
 SSLFreeBuffer(&hashCtx);
 return err;
}
 
(Quoted from Apple's published source code.)
Note the two goto fail lines in a row. The first one is correctly bound to the if statement but the second, despite the indentation, isn't conditional at all. The code will always jump to the end from that second goto, err will contain a successful value because the SHA1 update operation was successful and so the signature verification will never fail.
If you're worried your system may be affected, follow the link above to Imperial Violent, who has created a tool to do a quick check.

3 comments:

  1. I've heard about this news. I think Apple has a much better protection from such attacks. I have my own resource cannypic.com with free vectors to download.

    ReplyDelete
  2. I recommend you use this application to monitor someones phone.

    ReplyDelete
  3. To elucidate their patent encroachment charges, Apple displayed to the jury four declared outline licenses. Check this

    ReplyDelete