Rapid7 Vulnerability & Exploit Database

MFSA2011-34: Protection against fraudulent DigiNotar certificates


Severity: 10
CVSS: (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Published: 08/30/2011
Created: 07/25/2018
Added: 09/08/2011
Modified: 01/30/2015

Description

Google Chrome user alibo encountered an active man-in-the-middle (MITM) attack against secure SSL/TLS connections to Google servers. The certificate presented in that attack had been mis-issued by DigiNotar, a Dutch Certificate Authority. It chained to a DigiNotar root that shipped in browser trust stores, including Firefox's, so it passed ordinary certificate chain validation. DigiNotar has reported evidence that other fraudulent certificates were issued and in active use, but the full extent of the compromise is not known.

To protect its users, Mozilla has removed the DigiNotar root certificate from its trust store; certificates that chain to it will no longer validate in Firefox. Sites using certificates issued by DigiNotar will need to seek another certificate vendor.

Mozilla thanks Google, Inc. for reporting this issue to us. We also thank Marien Zwart (Mozilla Localization), Ot van Daalen (Bits of Freedom), and Erik de Jong (GovCERT) for their help.

Solution(s)

  • mozilla-firefox-upgrade-3_6_21
  • mozilla-firefox-upgrade-6_0_1
