
Tenable Blog


Nessus Plugin Spotlight: SSL Certificates

During the past few weeks, the Tenable R&D team has created several plugins to enhance Nessus's SSL certificate auditing. Nessus identifies SSL certificates on any port, not just 443, and launches dozens of plugins to check them for a variety of weaknesses and vulnerabilities. Three new plugins, described below, extend that coverage.

SSL Certificate Fails to Adhere to Basic Constraints / Key Usage Extensions

Tenable has released a plugin titled “SSL Certificate Fails to Adhere to Basic Constraints / Key Usage Extensions” (ID# 56284) to help users verify X.509 / SSL certificate chains. Following the RFC 3280 profile (since superseded by RFC 5280, which retains these requirements), Nessus examines every SSL certificate it finds on any port and verifies that the certificates in its chain adhere to the basic constraints and key usage extensions. If any X.509 certificate in the chain violates them, Nessus reports the violations. Such a finding means that a root or intermediate Certificate Authority (CA) issued a certificate with incorrect or missing extensions. This matters because a relying party that does not enforce these constraints strictly can be led to accept as an issuer a certificate that was never meant to be one.

Per RFC 3280, an X.509 certificate must follow these rules:

  • The key usage extension must appear in certificates whose public key is used to verify signatures on other certificates or CRLs, that is, CA certificates; when present, it should be marked critical. (Section 4.2.1.3)
  • If the keyCertSign bit is asserted, then the cA bit in the basic constraints extension must also be asserted. (Section 4.2.1.3)
  • Where present, the pathLenConstraint field must be greater than or equal to zero; it is only meaningful when cA is asserted and keyCertSign is set. (Section 4.2.1.10)

SSL Certificate signed with revoked DigiNotar Certificate Authority

In August, it came to light that the Dutch Certificate Authority (CA) DigiNotar had been compromised, after a fraudulent certificate for *.google.com, never authorized by Google, was found in use. The compromise raised serious concern about what other certificates had been issued and whether they had been used maliciously. Ultimately, 531 fraudulent certificates were found to have been issued, including ones for *.*.com, *.*.org and for names belonging to other Certificate Authorities.

Nessus plugin ID# 56043 examines every SSL certificate it discovers and reports any that were issued by DigiNotar. Any such certificate should be revoked and re-issued by a different CA to restore integrity; the DigiNotar roots have since been removed from the major browser and operating-system trust stores, so clients will no longer accept the existing certificate in any case.

SSL Certificate Null Character Spoofing Weakness

Nessus also uses plugin ID# 42053 to examine SSL certificates for a Common Name containing a null character (\x00). Such a certificate may indicate a compromise, or that a tool such as SSLsniff is presenting a spoofed certificate in order to intercept traffic in a Man-in-the-Middle (MitM) attack. The trick exploits a bug in many web browsers and other SSL products that compared the Common Name as a C string: a CA validates a name of the illustrative form www.bank.example\x00.attacker.example against attacker.example, the domain the attacker actually controls, while the client's comparison stops at the null byte and sees only www.bank.example.
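As an added example (not part of the original post and not Nessus's own plugin code), the following standard-library Python checks a DER certificate against the three RFC 3280 rules listed above and for the null byte in the Common Name that plugin 42053 looks for. The sample certificates are constructed inline by a small DER encoder; they are unsigned skeletons with hypothetical names ("Constructed Root", "www.bank.example", "attacker.example"), not real CA certificates.

```python
# Added example: audit X.509 certs for the RFC 3280 basicConstraints/keyUsage rules and null-byte CNs.
OID_CN = bytes.fromhex("550403")     # 2.5.4.3   commonName
OID_BASIC = bytes.fromhex("551d13")  # 2.5.29.19 basicConstraints
OID_KU = bytes.fromhex("551d0f")     # 2.5.29.15 keyUsage
DIGITAL_SIGNATURE, KEY_CERT_SIGN, CRL_SIGN = 0x80, 0x04, 0x02  # keyUsage bits 0, 5, 6 (bit 0 is the MSB)


def der(tag: int, body: bytes) -> bytes:
    """Encode one DER TLV; only used to build the constructed sample certificates."""
    n = len(body)
    if n < 0x80:
        return bytes([tag, n]) + body
    lb = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(lb)]) + lb + body


def der_walk(data: bytes):
    """Yield (tag, body) for every TLV in a DER byte string (handles long-form lengths)."""
    i = 0
    while i < len(data):
        tag, n, i = data[i], data[i + 1], i + 2
        if n & 0x80:
            k = n & 0x7F
            n, i = int.from_bytes(data[i:i + k], "big"), i + k
        yield tag, data[i:i + n]
        i += n


def parse_cert(cert_der: bytes) -> dict:
    """Extract the raw subject CN bytes, basicConstraints and keyUsage from a DER certificate."""
    (_, cert_body), = der_walk(cert_der)                   # Certificate ::= SEQUENCE
    fields = list(der_walk(next(der_walk(cert_body))[1]))  # tbsCertificate fields
    if fields[0][0] == 0xA0:                               # optional [0] version
        fields = fields[1:]
    info = {"cn": None, "basic": None, "ku": None}
    for _, rdn in der_walk(fields[4][1]):                  # subject Name: SEQUENCE OF SET
        for _, atv in der_walk(rdn):
            (_, oid), (_, value) = der_walk(atv)
            if oid == OID_CN:
                info["cn"] = value                         # raw bytes, so an embedded \x00 survives
    exts = next((b for t, b in fields if t == 0xA3), None)  # [3] EXPLICIT Extensions
    for _, ext in der_walk(next(der_walk(exts))[1] if exts else b""):
        parts = list(der_walk(ext))                        # extnID, [critical BOOLEAN], extnValue
        oid, value = parts[0][1], parts[-1][1]
        critical = len(parts) == 3 and parts[1][1] == b"\xff"
        if oid == OID_BASIC:
            inner = list(der_walk(next(der_walk(value))[1]))  # BasicConstraints SEQUENCE body
            info["basic"] = {"critical": critical,
                             "ca": any(t == 0x01 and b == b"\xff" for t, b in inner),
                             "path_len": next((int.from_bytes(b, "big", signed=True)
                                               for t, b in inner if t == 0x02), None)}
        elif oid == OID_KU:
            bits = next(der_walk(value))[1]                # BIT STRING: unused-bit count, then bits
            info["ku"] = {"critical": critical,
                          "key_cert_sign": len(bits) > 1 and bool(bits[1] & KEY_CERT_SIGN)}
    return info


def audit(cert_der: bytes, signs_others: bool = False) -> list:
    """List RFC 3280 / null-CN violations; signs_others=True for a root or intermediate."""
    info = parse_cert(cert_der)
    bc, ku, cn = info["basic"], info["ku"], info["cn"]
    findings = []
    if signs_others:                                       # 4.2.1.3: MUST be present, SHOULD be critical
        if ku is None:
            findings.append("keyUsage missing on a certificate that signs other certificates")
        elif not ku["critical"]:
            findings.append("keyUsage present but not marked critical")
    if ku and ku["key_cert_sign"] and not (bc and bc["ca"]):  # 4.2.1.3: keyCertSign implies cA
        findings.append("keyCertSign asserted but basicConstraints cA is not")
    if bc and bc["path_len"] is not None and bc["path_len"] < 0:  # 4.2.1.10
        findings.append("pathLenConstraint is negative")
    if cn is not None and b"\x00" in cn:                   # the condition plugin 42053 reports on
        findings.append("Common Name contains a null byte: %r" % cn)
    return findings


def _name(cn: bytes) -> bytes:
    return der(0x30, der(0x31, der(0x30, der(0x06, OID_CN) + der(0x0C, cn))))


def _ext(oid: bytes, critical: bool, value: bytes) -> bytes:
    return der(0x30, der(0x06, oid) + (der(0x01, b"\xff") if critical else b"") + der(0x04, value))


def sample_cert(cn: bytes, ca=None, path_len=None, ku_bits=None, ku_critical=True) -> bytes:
    """Constructed test data: a minimal, unsigned DER certificate skeleton with hypothetical names."""
    exts = b""
    if ca is not None:                                     # cA DEFAULT FALSE is omitted, as DER requires
        body = der(0x01, b"\xff") if ca else b""
        if path_len is not None:
            body += der(0x02, path_len.to_bytes(1, "big", signed=True))
        exts += _ext(OID_BASIC, True, der(0x30, body))
    if ku_bits is not None:                                # unused-bits byte left at 0 for brevity
        exts += _ext(OID_KU, ku_critical, der(0x03, bytes([0, ku_bits])))
    tbs = (der(0x02, b"\x01") + der(0x30, b"") + _name(b"Constructed Root") + der(0x30, b"")
           + _name(cn) + der(0x30, b"") + (der(0xA3, der(0x30, exts)) if exts else b""))
    return der(0x30, der(0x30, tbs) + der(0x30, b"") + der(0x03, b"\x00"))


GOOD_CA = sample_cert(b"Constructed Root", ca=True, path_len=1, ku_bits=KEY_CERT_SIGN | CRL_SIGN)
SLOPPY_CA = sample_cert(b"Sloppy Intermediate", ca=False, ku_bits=KEY_CERT_SIGN, ku_critical=False)
NEGATIVE_PATH = sample_cert(b"Bad Path", ca=True, path_len=-1, ku_bits=KEY_CERT_SIGN)
NULL_CN = sample_cert(b"www.bank.example\x00.attacker.example", ca=False, ku_bits=DIGITAL_SIGNATURE)

if __name__ == "__main__":
    print(audit(SLOPPY_CA, signs_others=True), audit(NULL_CN))
```

To run it against a real chain, save each certificate from `openssl s_client -showcerts` as PEM, convert with `ssl.PEM_cert_to_DER_cert` from the standard library, and call `audit` with `signs_others=True` for every issuer in the chain and `False` for the leaf. The CN is kept as raw bytes deliberately: decoding it to a string first is exactly what hides the null byte from a naive check.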

Conclusion

Organizations rely on the integrity of Certificate Authorities to provide a level of trust between the certificate owner and the parties relying on the certificate. Attackers can exploit this trust if they can compromise the Certificate Authority. These new Nessus plugins can help validate that this trust is not misplaced.
