Opera SSL certificate hijacking
opera-ssl-certificate-hijacking (27449)
Description:
Opera could allow a remote attacker to steal an SSL certificate from a trusted Web site, because the browser fails to reset the SSL security bar after a download dialog is displayed from a trusted SSL Web site. A remote attacker could exploit this vulnerability to display the trusted site's yellow SSL security bar on an attacker-controlled Web site, which could be used to trick a user into visiting a malicious Web site that appears to be safe.
Consequences:
Other
Remedy:
Upgrade to the latest version of Opera (9.0 or later), available from the Opera Web site. See References.
For SUSE Linux:
Refer to SUSE-SA:2006:038 for patch, upgrade, or suggested workaround information. See References.
References:
- Opera Web site: Download Opera Web Browser.
- BID-18692: Opera SSL Certificate Spoofing Weakness
- CVE-2006-3331: Opera before 9.0 does not reset the SSL security bar after displaying a download dialog from an SSL-enabled website, which allows remote attackers to spoof a trusted SSL certificate from an untrusted website and facilitates phishing attacks.
- SA19480: Opera SSL Certificate "Stealing" Weakness
- SECTRACK ID: 1016406: Opera May Display the SSL Certificate of a Trusted Site While Visiting an Untrusted Site
- SUSE-SA:2006:038: Opera 9.0 security update
- VUPEN/ADV-2006-2571: Opera Browser SSL Security Bar Remote Certificate Spoofing Security Weakness
Platforms Affected:
- FreeBSD: FreeBSD
- Opera: Opera Browser 8.54
- SUSE: SuSE Linux 10.0
- SUSE: SuSE Linux 10.1
- SUSE: SuSE Linux 9.0
- SUSE: SuSE Linux 9.2
- SUSE: SuSE Linux 9.3
- SUSE: SuSE SLES 9
Reported:
Jun 28, 2006
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net
