You are here: Security Center > Mozilla Foundation Security Advisories > MFSA 2013-117

Mozilla Foundation Security Advisory 2013-117

Title: Mis-issued ANSSI/DCSSI certificate
Impact: High
Announced: December 10, 2013
Reporter: Google
Products: Firefox, Thunderbird, Seamonkey

Fixed in: Firefox 26
  Firefox ESR 24.2
  Thunderbird 24.2
  Seamonkey 2.23

Description

Google notified Mozilla that an intermediate certificate, which chains up to a root included in Mozilla’s root store, was loaded into a man-in-the-middle (MITM) traffic management device. This certificate was issued by Agence nationale de la sécurité des systèmes d'information (ANSSI), an agency of the French government and a certificate authority in Mozilla's root program. A subordinate certificate authority of ANSSI mis-issued an intermediate certificate that they installed on a network monitoring device, which enabled the device to act as a MITM proxy performing traffic management of domain names or IP addresses that the certificate holder did not own or control.

The issue was not specific to Firefox but there was evidence that one of the certificates was used for MITM traffic management of domain names that the customer did not legitimately own or control. This issue was resolved by revoking trust in the intermediate used by the sub-CA to issue the certificate for the MITM device.

References