Blogs & Stories

SpiderLabs Blog

Attracting more than a half-million annual readers, this is the security community's go-to destination for technical breakdowns of the latest threats, critical vulnerability disclosures and cutting-edge research.

TWSL2011-007: iOS SSL Implementation Does Not Validate Certificate Chain

The SpiderLabs team at Trustwave published a new advisory today, which details an issue identified in the Apple iOS. iOS is Apple's mobile operating system for the iPhone, iPod Touch, and iPad hardware platforms.

The vulnerability was discovered by Paul Kehrer, who is a member of the Trustwave SSL team. Paul discovered a method which allowed him to sign an SSL certificate which was viewed as valid by iOS. Using this technique, an attacker who is able to intercept traffic from a vulnerable iOS device can craft an SSL certificate, and subsequently capture and decrypt the traffic from applications which utilize this certificate. No notification is presented to the end user, which allows the attacker to perform this attack without detection.

Paul, along with Nicholas Percoco, head of SpiderLabs, will be giving a presentation at DEF CON 19 on SSL vulnerabilities, including this specific issue. Refer to this link for further details.

Additionally, further information can also be viewed in the following links: