DaemonForums  

Go Back   DaemonForums > DaemonForums.org > News

News News regarding BSD and related.

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 7th December 2019
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 4,125
Default VPN-busting bug lurks in iOS, Android, Linux distros, macOS, FreeBSD, OpenBSD

From https://www.theregister.co.uk/2019/1...g_bug_spotted/ :

Quote:
A bug in the way Unix-flavored systems handle TCP connections could put VPN users at risk of having their encrypted traffic hijacked, it is claimed.

The University of New Mexico team of William Tolley, Beau Kujath, and Jedidiah Crandall this week said they've discovered CVE-2019-14899, a security weakness they report to be present in "most" Linux distros, along with Android, iOS, macOS, FreeBSD, and OpenBSD. The upshot is, if exploited, encrypted VPN traffic can be potentially hijacked and disrupted by miscreants on the network.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote
  #2   (View Single Post)  
Old 8th December 2019
rons's Avatar
rons rons is offline
Snoozing
 
Join Date: Oct 2015
Posts: 69
Default

Does this explanation on The Reg make sense to anyone? Their explanation seems to be a non-sequitur. How could the TCP packet manipulation relate to encryption? Pieces to the story are missing IMO.
Reply With Quote
  #3   (View Single Post)  
Old 8th December 2019
e1-531g e1-531g is offline
ISO Quartermaster
 
Join Date: Mar 2014
Posts: 628
Default

Well, there is CVE number and names of people that discovered vulnerability. You can use that for further research, although not everything is public yet:
Quote:
The team says they have prepared a paper with a detailed description of the flaw and will publish it once a full workaround or patch for the security blunder is released.
From what I understand not encrypted, unauthenticated packets sent by adversary may end up at the same destination/source that must be accessible only for packets authenticated and encrypted by VPN connection.
__________________
Signature: Furthermore, I consider that systemd must be destroyed.
Based on Latin oratorical phrase
Reply With Quote
  #4   (View Single Post)  
Old 12th December 2019
ip6ix's Avatar
ip6ix ip6ix is offline
Fdisk Soldier
 
Join Date: Sep 2017
Posts: 66
Default

Quote:
Originally Posted by rons View Post
Does this explanation on The Reg make sense to anyone? Their explanation seems to be a non-sequitur. How could the TCP packet manipulation relate to encryption? Pieces to the story are missing IMO.
Perhaps this page may help: here.
__________________
dc -e '[q]sa[ln0=aln256%Pln256/snlbx]sb12247225403800449909543746snlbxq'
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Flashing Android devices with OpenBSD? jkl OpenBSD Packages and Ports 12 16th November 2021 02:50 PM
Security SSL-busting code that threatened Lenovo users found in a dozen more apps J65nko News 0 22nd February 2015 10:41 PM
FreeBSD FreeBSD: A Faster Platform For Linux Gaming Than Linux? vermaden News 6 15th September 2011 03:45 AM
27C3: danger lurks in PDF documents J65nko News 4 1st January 2011 09:54 PM
MacOS X Sandvine Fix kill-9 Other BSD and UNIX/UNIX-like 0 8th May 2008 01:29 AM


All times are GMT. The time now is 05:26 AM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick