CVE-2014-1266
HIGHApple iOS 6.x-7.0.5, macOS 10.9.x, tvOS 6.x - Improper Certificate Validation
Title source: llmExploitation Summary
EIP tracks 4 public exploits for CVE-2014-1266. PoCs published by gabrielg, landonf, macressler.
AI-analyzed exploit summary This repository contains a Go-based proof-of-concept for CVE-2014-1266, demonstrating the SSL verification vulnerability in iOS and OS X. It implements a proxy server that intercepts HTTPS requests from vulnerable clients and redirects them to an HTTP server, exploiting the flawed SSL verification.
Description
The SSLVerifySignedServerKeyExchange function in libsecurity_ssl/lib/sslKeyExchange.c in the Secure Transport feature in the Data Security component in Apple iOS 6.x before 6.1.6 and 7.x before 7.0.6, Apple TV 6.x before 6.0.2, and Apple OS X 10.9.x before 10.9.2 does not check the signature in a TLS Server Key Exchange message, which allows man-in-the-middle attackers to spoof SSL servers by (1) using an arbitrary private key for the signing step or (2) omitting the signing step.
Exploits (4)
This repository contains a Go-based proof-of-concept for CVE-2014-1266, demonstrating the SSL verification vulnerability in iOS and OS X. It implements a proxy server that intercepts HTTPS requests from vulnerable clients and redirects them to an HTTP server, exploiting the flawed SSL verification.
This repository provides a proof-of-concept and unit tests for CVE-2014-1266, focusing on the vulnerable SSLVerifySignedServerKeyExchange function in Apple's libsecurity_ssl. It demonstrates how the signing code could have been tested for incorrect parameters.
This repository provides a Cydia Substrate tweak to patch the 'goto fail' SSL verification vulnerability (CVE-2014-1266) in iOS and OS X. It is a runtime patch that does not modify system files, making it safe for jailbroken devices.
References (9)
Scores
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N