First published: Sat Feb 22 2014(Updated: )
The SSLVerifySignedServerKeyExchange function in libsecurity_ssl/lib/sslKeyExchange.c in the Secure Transport feature in the Data Security component in Apple iOS 6.x before 6.1.6 and 7.x before 7.0.6, Apple TV 6.x before 6.0.2, and Apple OS X 10.9.x before 10.9.2 does not check the signature in a TLS Server Key Exchange message, which allows man-in-the-middle attackers to spoof SSL servers by (1) using an arbitrary private key for the signing step or (2) omitting the signing step.
Credit: product-security@apple.com product-security@apple.com
Affected Software | Affected Version | How to fix |
---|---|---|
Apple iPhone OS | =6.0 | |
Apple iPhone OS | =6.0.1 | |
Apple iPhone OS | =6.0.2 | |
Apple iPhone OS | =6.1 | |
Apple iPhone OS | =6.1.2 | |
Apple iPhone OS | =6.1.3 | |
Apple iPhone OS | =6.1.4 | |
Apple iPhone OS | =6.1.5 | |
Apple Mac OS X | =10.9 | |
Apple Mac OS X | =10.9.1 | |
Apple tvOS | =6.0 | |
Apple tvOS | =6.0.1 | |
Apple iPhone OS | =7.0 | |
Apple iPhone OS | =7.0.1 | |
Apple iPhone OS | =7.0.2 | |
Apple iPhone OS | =7.0.3 | |
Apple iPhone OS | =7.0.4 | |
Apple iPhone OS | =7.0.5 | |
Apple iPhone OS | >=6.0<6.1.6 | |
Apple iPhone OS | >=7.0<7.0.6 | |
Apple Mac OS X | >=10.9<10.9.2 | |
Apple tvOS | >=6.0<6.0.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.