
Re: cve.mitre.org website is down due to SSL error



Interesting.  All links on the site are to cve.mitre.org, the cert is 
valid for cve.mitre.org (and others).  AFAIK that's always been the 
case, and cve.mitre.org is the correct URL.  I don't know why some 
people link to www.cve.mitre.org instead.  The service is rated "A" by 
Qualys labs:

https://www.ssllabs.com/ssltest/analyze.html?d=cve.mitre.org&s=198.49.146.233&latest
https://www.ssllabs.com/ssltest/analyze.html?d=cve.mitre.org&s=192.52.194.135

As it's an Apache server, people using the wrong URL with https could be 
redirected automatically to the correct one with something like this for 
HTTPS connections:

         RewriteCond     %{HTTP_HOST}    ^www\.cve\.mitre\.org(:443)?$ [NC]
         RewriteRule     ^/(.*)          https://cve.mitre.org/$1 [L,R]

That seems like a better solution than removing www.cve.mitre.org from 
DNS and expecting people to fix their incorrect links, or changing the 
SSL cert.

Pascal

On 02/03/2016 07:13 PM, Kurt Seifried wrote:
> Attackers might be trying to steal your information from www.cve.mitre.org
> (for example, passwords, messages, or credit cards).
> NET::ERR_CERT_COMMON_NAME_INVALID
>
> specifically it seems to think it is msm.mitre.org and/or taxii.mitre.org
> right now?
>
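
The name mismatch behind the quoted NET::ERR_CERT_COMMON_NAME_INVALID error, as an added example that is not part of either message: a check of a requested host name against a certificate's subjectAltName DNS entries. The SAN list is constructed from names mentioned in the thread and is an assumption, not the real certificate's contents; the function names are hypothetical.

```python
# Added example: host-name check against certificate subjectAltName entries.
# SAN_DNS_NAMES is constructed from names mentioned in the thread; it is an
# assumption, not the contents of the real certificate.
SAN_DNS_NAMES = ["cve.mitre.org", "msm.mitre.org", "taxii.mitre.org"]


def _labels(name):
    """Lower-case a DNS name, drop one trailing dot, split into labels."""
    name = name.lower()
    if name.endswith("."):
        name = name[:-1]
    return name.split(".")


def san_matches(pattern, host):
    """True if one SAN dNSName entry covers host (RFC 6125 wildcard rules)."""
    p, h = _labels(pattern), _labels(host)
    if len(p) != len(h) or "" in h:
        return False  # a wildcard never spans more than one label
    if p[0] == "*":
        # Whole left-most label only; wildcards with fewer than three
        # labels are refused (common client practice).
        return len(p) >= 3 and p[1:] == h[1:]
    return p == h


def covering_names(host, san_names=SAN_DNS_NAMES):
    """Return the SAN entries that cover host; an empty list is a mismatch."""
    return [n for n in san_names if san_matches(n, host)]


def audit_links(hosts, san_names=SAN_DNS_NAMES):
    """Map each host used in links to True (covered) or False (name error)."""
    return {h: bool(covering_names(h, san_names)) for h in hosts}


if __name__ == "__main__":
    for host, ok in audit_links(["cve.mitre.org", "www.cve.mitre.org"]).items():
        print(f"{host}: {'covered' if ok else 'name mismatch'}")
```

A browser runs this check during the TLS handshake, before any HTTP request or redirect is exchanged.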


Page Last Updated or Reviewed: February 04, 2016