Skip to main content

Fraudulent SSL Digital Certificates affect multiple Internet Applications and Network devices

Last Update Date: 21 Sep 2011 Release Date: 16 Sep 2011 6690 Views

RISK: Medium Risk

TYPE: Attacks - Other

TYPE: Other

DigiNotar is a Dutch certification authority (CA) for issuing the SSL and EVSSL digital certificate, many internet application and network devices are preloaded the DigiNotar's root certificate in the trusted root certification authorities. The list of known fraudulent certificates issued by DigiNotarby contains some high level domains e.g. google.com, mozilla.com, yahoo.com, torproject.org etc.

 

Although the attack was said to target Iran, the hacker who has access to the root certificate of DigiNotar can generate and sign fraudulent SSL digital certificate for any domain. A fraudulent SSL digital certificate could be used to spoof content, perform phishing attacks, or perform man-in-the-middle attacks against all Internet users. Many of the major browser vendors had removed DigiNotar root certificates from their list of trusted CA.

  

HKCERT is aware of public reports of the existence of fraudulent SSL certificates issued by DigiNotar due to the organization suffered a serious security breach incident. Vasco, the parent company of DigiNotar, had issued a press release on the details of the incident on 30 August. HKCERT had blogged DigiNotar CA security breach resulting in issuance of fake certificates on 1 September to arouse attention of general public.


Impact

  • Spoofing

System / Technologies affected

  • Any Internet applications and network devices preloaded the DigiNotar root certificate.

Solutions


Vulnerability Identifier

  • No CVE information is available

Source


Related Link