Spoofing attack in Oracle Linux - CVE-2016-2047

 

Published: June 28, 2016 / Updated: November 22, 2018


Vulnerability identifier: #VU46
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/U:Clear
CVE-ID: CVE-2016-2047
CWE-ID: CWE-300
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor: Oracle
Affected software:
Oracle Linux

Detailed vulnerability description

The vulnerability allows a remote attacker to perform a MitM attack.

The vulnerability exists due to improper validation of the server hostname in the Common Name (CN) or subjectAltName field of an X.509 certificate in the ssl_verify_server_cert() function in sql-common/client.c. A remote attacker can create a specially crafted certificate and spoof an SSL server via multiple CN strings within one field, e.g. "/OU=/CN=bar.com/CN=foo.com".

Successful exploitation of this vulnerability may allow an attacker to perform a Man-in-the-Middle (MitM) attack, intercept SSL traffic and perform a spoofing attack.
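Added example (not MySQL's or Oracle's code): a simplified C model of why matching the hostname against a flattened subject string is ambiguous for the sample subject above, next to a check made on typed attributes. The "/TYPE=value" flattening, the first-"/CN=" string check, the reject-multiple-CN policy and all function names are assumptions of this example.

```c
#include <stdio.h>
#include <string.h>
#include <strings.h>

/* One subject attribute as stored in the certificate (constructed model). */
struct attr { const char *type; const char *value; };

/* Constructed sample: the OU value itself contains "/CN=bar.com". */
static const struct attr SAMPLE[] = { {"OU", "/CN=bar.com"}, {"CN", "foo.com"} };
#define SAMPLE_LEN (sizeof SAMPLE / sizeof SAMPLE[0])

/* Flatten to one "/TYPE=value" line; attribute boundaries are lost here. */
static const char *sample_subject(void) {
    static char out[256];
    size_t used = 0;
    out[0] = '\0';
    for (size_t i = 0; i < SAMPLE_LEN && used < sizeof out; i++)
        used += (size_t)snprintf(out + used, sizeof out - used, "/%s=%s",
                                 SAMPLE[i].type, SAMPLE[i].value);
    return out;
}

/* Assumed weak check: text after the first "/CN=" up to the next '/'. */
static int check_flat(const char *subject, const char *host) {
    const char *cn = strstr(subject, "/CN=");
    if (!cn) return 0;
    cn += 4;
    size_t len = strcspn(cn, "/");
    return strlen(host) == len && strncasecmp(cn, host, len) == 0;
}

/* Typed check: only CN attributes count; more than one CN is rejected (example policy). */
static int check_structured(const struct attr *a, size_t n, const char *host) {
    int cn_count = 0, match = 0;
    for (size_t i = 0; i < n; i++) {
        if (strcmp(a[i].type, "CN") != 0) continue;
        cn_count++;
        match = strcasecmp(a[i].value, host) == 0;
    }
    return cn_count == 1 && match;
}

int main(void) {
    const char *s = sample_subject();
    printf("%s\nflat: bar.com=%d\nstructured: bar.com=%d foo.com=%d\n", s,
           check_flat(s, "bar.com"), check_structured(SAMPLE, SAMPLE_LEN, "bar.com"),
           check_structured(SAMPLE, SAMPLE_LEN, "foo.com"));
    return 0;
}
```

The flattened check accepts bar.com for a certificate whose only CN attribute is foo.com; the typed check accepts only foo.com.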


How to mitigate CVE-2016-2047

Install the latest version: MySQL 5.5.50, 5.6.31 or 5.7.13.

Sources