StartSSL CA Flaw Fixed

Wednesday, March 30, 2016 @ 10:03 AM gHale


There is a domain validation flaw for the StartSSL certificate authority (CA) an attacker could leverage to receive SSL certificates for any domain he wanted.

StartSSL is a Web service owned by Israeli-based StartCom, which enables webmasters to request valid SSL certificates for their domains, recognized in all the major browsers.

RELATED STORIES
DROWN can Sink Encryption Protection
Data Breaches Rise: Report
Breach Detection Better; Attacks on Rise
Multi-APT’s Linked to One Attack Group

To prevent abuse, like hackers asking for certificates for sites they don’t own, CAs force each user to go through a validation process that verifies they are the actual owner of the domain.

There are several ways this can happen. The most common procedure employed by the vast majority of CAs is to have the user place a certain file on the domain’s server root.

But there’s another way. Users can request an email sent to their main domain, which includes a validation code. StartSSL also employs this procedure and uses three standard email addresses where this validation email is sent automatically. These are postmaster@domain.com, hostmaster@domain.com, and webmaster@@domain.com.

Security researcher Osama Almanna found in the Web form where the user decides to which of these addresses to send the validation code, a skilled attacker could capture the HTTP request sent to the server and modify the included parameters.

One of those parameters is the destination email address, which they could replace with their own. This meant Almanna could request a valid SSL certificate for google.com or facebook.com and have StartSSL send the validation email to his personal Hotmail inbox.

Attacker could abuse this loophole to issue SSL certificates for banking portals and then use them in their phishing campaigns.

Almanna said he notified StartSSL, who fixed the flaw on the same day.