CVSS2 base score: 4 (Medium)
Attack Vector: NETWORK
Attack Complexity: HIGH
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: NONE
CVSS2 vector: AV:N/AC:H/Au:N/C:P/I:P/A:N
EPSS score: 0.001 (Low)
EPSS percentile: 31.7%
serf Development list reports:
Serf provides APIs to retrieve information about a certificate. These
APIs return the information as NUL terminated strings (commonly called C
strings). X.509 uses counted length strings which may include a NUL byte.
This means that a library user will interpret any information as ending
upon seeing this NUL byte and will only see a partial value for that field.
Attackers could exploit this vulnerability to create a certificate that a
client will accept for a different hostname than the full certificate is
actually for by embedding a NUL byte in the certificate.
This can lead to a man-in-the-middle attack. There are no known instances
of this problem being exploited in the wild and in practice it should be
difficult to actually exploit this vulnerability.
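The mismatch the advisory describes, between a counted-length X.509 string and the NUL-terminated C string a consumer sees, can be checked for before a certificate field is ever treated as a C string. The following is an added illustration and is not serf's code: `der_string` is a hypothetical stand-in for a decoded DER string value, and the sample subject name with an embedded NUL is constructed for the demonstration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical counted-length string, as a DER decoder would hand it over:
 * a pointer plus an explicit length, with no terminating byte. */
struct der_string {
    const unsigned char *data;
    size_t len;
};

/* Returns 1 if the counted-length value contains an embedded NUL byte.
 * Copying such a value into a C string would silently truncate it there,
 * which is the root cause the advisory describes. */
int der_string_has_embedded_nul(const struct der_string *s)
{
    return memchr(s->data, '\0', s->len) != NULL;
}

/* Converts the value to a freshly allocated C string, but refuses
 * (returns NULL) when an embedded NUL would make the copy shorter than
 * the real field, so callers never act on a partial value. */
char *der_string_to_cstring(const struct der_string *s)
{
    char *out;
    if (der_string_has_embedded_nul(s))
        return NULL;
    out = malloc(s->len + 1);
    if (out == NULL)
        return NULL;
    memcpy(out, s->data, s->len);
    out[s->len] = '\0';
    return out;
}

/* Hostname comparison over the full counted length: bytes after an
 * embedded NUL still take part, so a truncated view cannot match. */
int der_string_equals_host(const struct der_string *s, const char *host)
{
    size_t hlen = strlen(host);
    return s->len == hlen && memcmp(s->data, host, hlen) == 0;
}

int main(void)
{
    /* Constructed sample: a name field with an embedded NUL byte. */
    const unsigned char raw[] = "host.example\0other.example";
    struct der_string cn = { raw, sizeof(raw) - 1 };
    printf("embedded NUL: %d\n", der_string_has_embedded_nul(&cn));
    printf("strlen view: %zu, real length: %zu\n", strlen((const char *)raw), cn.len);
    printf("matches host.example: %d\n", der_string_equals_host(&cn, "host.example"));
    return 0;
}
```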