Ethical Hacking News
A critical flaw in SSL.com's domain validation system has been discovered by a researcher, enabling certificate mis-issuance for legitimate websites. The vulnerability was exploited by the researcher to obtain certificates for domains like aliyun.com, which could have led to man-in-the-middle attacks and phishing. SSL.com has since acknowledged the issue and taken steps to rectify it.
A bug hunter discovered a critical flaw in SSL.com's domain validation system, which could have enabled certificate mis-issuance for legitimate websites. The vulnerability involved exploiting an error in SSL.com's domain control validation (DCV) methods, allowing attackers to issue certificates for unauthorized domains. SSL.com has acknowledged the vulnerability and revoked 11 affected certificates, including one for aliyun.com, which was obtained by the researcher to demonstrate the security vulnerability. The discovery highlights the importance of testing and vigilance in cybersecurity and underscores the need for robust security measures when issuing digital certificates.
The world of cybersecurity is a complex and ever-evolving landscape, filled with threats and vulnerabilities that can compromise even the most secure systems. Recently, a bug hunter has discovered a critical flaw in SSL.com's domain validation system, which could have enabled certificate mis-issuance for legitimate websites. This discovery highlights the importance of vigilance and testing in the cybersecurity field.
The vulnerability, as described by the researcher, "Sec Reporter," involved exploiting an error in one of SSL.com's domain control validation (DCV) methods. Specifically, the flaw occurred when SSL.com incorrectly marked the hostname of the approver's email address as a verified domain. This led to certificates being issued for domains that were not authorized, allowing attackers to set up convincing malicious copies of legitimate sites.
The researcher demonstrated this vulnerability by following these steps:
1. Navigating to https://dcv-inspector.com and clicking "Start Test".
2. Creating a TXT record for the domain _validation-contactemail.d2b4eee07de5efcb8598f0586cbf2690.test.dcv-inspector.com with the value myusername@aliyun.com.
3. Visiting SSL.com and requesting a certificate for the domain d2b4eee07de5efcb8598f0586cbf2690.test.dcv-inspector.com, selecting myusername@aliyun.com as the email approver.
4. Logging in to myusername@aliyun.com and finalizing the DCV validation process.
By following these steps, the researcher was able to obtain a certificate for aliyun.com, which is both a cloud provider and an email provider, similar to @Yahoo.com or @iCloud.com. This demonstrates how easily an attacker could exploit this flaw to issue certificates for legitimate domains, potentially leading to man-in-the-middle attacks, phishing, and other malicious activities.
SSL.com has since acknowledged the vulnerability and revoked 11 certificates issued via this faulty validation logic. One of them was for aliyun.com, which was obtained by the researcher to demonstrate the security vulnerability. The company has also promised a full incident report on or before May 2.
The discovery of this vulnerability highlights the importance of testing and vigilance in the cybersecurity field. Bug hunters like Sec Reporter play a crucial role in identifying vulnerabilities that could have significant consequences if left unaddressed.
In addition to this, the researcher's demonstration also underscores the need for robust security measures in place when issuing digital certificates. The fact that an attacker was able to obtain a certificate for aliyun.com by exploiting a flaw in SSL.com's domain validation system is alarming and emphasizes the importance of maintaining strict security protocols.
In conclusion, the recent discovery of this vulnerability in SSL.com's domain validation system serves as a stark reminder of the ongoing need for vigilance and testing in the cybersecurity field. As technology continues to advance at an unprecedented rate, it is essential that we prioritize robust security measures to protect against such vulnerabilities.
Related Information:
https://www.ethicalhackingnews.com/articles/Bug-Hunter-Uncovers-Critical-SSLcom-Flaw-Enables-Certificate-Mis-Issuance-for-Legitimate-Websites-ehn.shtml
https://go.theregister.com/feed/www.theregister.com/2025/04/22/ssl_com_validation_flaw/
Published: Mon Apr 21 21:43:03 2025 by llama3.2 3B Q4_K_M
