Uploaded image for project: 'MariaDB Connector/C'
  1. MariaDB Connector/C
  2. CONC-656

TLS-using MariaDB clients tell MITM attackers if they can be undetectably MITM'ed

    XMLWordPrintable

Details

    Description

      This vulnerability is a subset of CONC-654, but it can be fixed independently of CONC-654.

      MySQL and MariaDB clients (tested against both 10.2.44 and 11.2.0, as well as MySQL 8.0) send the CLIENT_SSL_VERIFY_SERVER_CERT bit in plaintext in their pre-TLS SSLRequest packet.

      This information leakage makes it easy for a pervasive MITM attacker to decide whether or not it can undetectably MITM the TLS connection.:

      • If the MITM attacker sees that the client is not going to verify the server's certificate, it can insert itself as a two-sided TLS-using MITM attacker (à la mitmproxy), which will allow it to read all of the client/server traffic, with high confidence that this situation will not be detected by the client.
      • If the MITM attacker sees that the client is going to verify the server's certificate, it can infer that the client will detect and abort the connection if the server's certificate does not match the client's expectation. The MITM attacker can use this to "lay low".

      *There is absolutely no reason for the client to reveal in plaintext whether and how it is planning to verify the server's TLS certificate .*

      The fix here — even before solving CONC-654 more generally — should simply be to strip the CLIENT_SSL_VERIFY_SERVER_CERT bit from the SSLRequest packet before sending it on the wire.

      Wireshark dissections

      The Wireshark dissector source for MySQL/MariaDB protocol (https://github.com/wireshark/wireshark/blob/master/epan/dissectors/packet-mysql.c#L96-L114) erroneously identifies the CLIENT_SSL_VERIFY_SERVER_CERT bit as "unused" (not sent on the wire.

      However, it is indeed sent on the wire in plaintext by MariaDB and MySQL clients. It is the second-most-significant "unused" bit highlighted in the screenshots below.

      Client packet with CLIENT_SSL_VERIFY_SERVER_CERT=0

      Client invoked with mariadb --ssl (or mysql --ssl=PREFERRED for MySQL 8.0.33):

      Client invoked with mariadb --ssl --ssl-verify-server-cert (or mysql --ssl=VERIFY_IDENTITY for MySQL 8.0.33):

      Client packet with CLIENT_SSL_VERIFY_SERVER_CERT=1

      Attachments

        Issue Links

          Activity

            People

              georg Georg Richter
              dlenski Daniel Lenski (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Git Integration

                  Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.