

Chrome patches "Issue with certificates validation in TLS handshake" - zaroth
http://googlechromereleases.blogspot.com/2014/02/stable-channel-update-for-chrome-os_24.html

======
briansmith
Even though Firefox and Chrome both use the same TLS implementation (NSS's
libssl), the ways in which Firefox and Chrome use it differ. Based on
discussions with the credited researchers and with other members of the NSS
team, Firefox doesn't need to implement such a restriction, so there's nothing
to worry about as far as Firefox is concerned. And, that's about all I should
say about it at this time, I think.

------
zaroth
Also see:
[http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-665...](http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6659)

The SSLClientSocketNSS::Core::OwnAuthCertHandler function in
net/socket/ssl_client_socket_nss.cc in Google Chrome before 33.0.1750.117 does
not prevent changes to server X.509 certificates during renegotiations, which
allows remote SSL servers to trigger use of a new certificate chain,
inconsistent with the user's expectations, by initiating a TLS renegotiation.

Access Vector: Network exploitable

Access Complexity: Low

Authentication: Not required to exploit

Impact Type:Allows unauthorized disclosure of information; Allows unauthorized
modification

