Security
By Jake Edge August 25, 2010
It has been said that the US National Security Agency (NSA) blocked the
implementation of encryption in the TCP/IP protocol for the original
ARPANET, because it wanted to be able to listen in on the traffic that
crossed that early precursor to the internet. Since that time, we have
been relegated to always sending clear-text packets via TCP/IP. Higher-level
application protocols (e.g. ssh, HTTPS) have enabled encryption for some
traffic, but the vast majority of internet communication is still in the
clear. The Tcpcrypt project is an
attempt to change that, transparently, so that two conforming nodes can
encrypt all of the data portion of any packets they exchange.

One of the key benefits that Tcpcrypt offers is transparency. That means
that if both endpoints of a connection support it, the connection will be
encrypted, but if one doesn't support Tcpcrypt, the other will gracefully
fall back to standard clear-text TCP/IP. No applications are required to
change, and no "new" protocols are required (beyond Tcpcrypt itself, of
course) as applications will send and receive data just as they do today.
But there is an additional benefit available for those applications that
are willing to change: strong authentication.

Tcpcrypt has the concept of a "session ID" that is generated on both sides
as part of the key exchange. This ID can be used in conjunction with a
shared secret, like a password, to authenticate both ends of the
communication. Because the client and server can exchange cryptographic
hash values derived from the shared secret and session ID, they can be
assured that each is talking over an encrypted channel to an endpoint that
has the key (password). A "man in the middle" would not
have access to the password and therefore can't spoof the exchange.
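
The exchange described above can be sketched as follows. This is an added example, not code from the Tcpcrypt project or the article; PBKDF2, HMAC-SHA256, the role labels and the random stand-ins for the session ID are assumptions made for illustration.

```python
import hashlib
import hmac
import os

ITERATIONS = 100_000  # assumed PBKDF2 work factor for this sketch


def derive_key(password: str, salt: bytes) -> bytes:
    """Stretch the shared password into a MAC key (PBKDF2 is an assumption)."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)


def auth_tag(key: bytes, role: bytes, session_id: bytes) -> bytes:
    """Hash value bound to both the shared secret and this connection's ID.
    The role label keeps a peer's own tag from being reflected back at it."""
    return hmac.new(key, role + b"\x00" + session_id, hashlib.sha256).digest()


class Endpoint:
    def __init__(self, password: str, salt: bytes, session_id: bytes):
        self.key = derive_key(password, salt)
        self.session_id = session_id  # what this side's key exchange produced

    def prove(self, role: bytes) -> bytes:
        return auth_tag(self.key, role, self.session_id)

    def verify(self, role: bytes, tag: bytes) -> bool:
        expected = auth_tag(self.key, role, self.session_id)
        return hmac.compare_digest(expected, tag)  # constant-time compare


def mutual_auth(client: Endpoint, server: Endpoint) -> bool:
    """Client proves first, server answers; tags are carried verbatim."""
    if not server.verify(b"client", client.prove(b"client")):
        return False
    return client.verify(b"server", server.prove(b"server"))


def run_scenarios() -> dict:
    salt = os.urandom(16)   # constructed sample values throughout
    sid = os.urandom(32)    # same ID on both ends: no intermediary
    sid_leg_a, sid_leg_b = os.urandom(32), os.urandom(32)
    pw = "correct horse"    # constructed sample password
    return {
        "direct": mutual_auth(Endpoint(pw, salt, sid), Endpoint(pw, salt, sid)),
        # An intermediary that terminates the key exchange on each side leaves
        # the two ends with different session IDs, so relayed tags do not verify.
        "intercepted": mutual_auth(Endpoint(pw, salt, sid_leg_a),
                                   Endpoint(pw, salt, sid_leg_b)),
        "wrong_password": mutual_auth(Endpoint("guess", salt, sid),
                                      Endpoint(pw, salt, sid)),
    }


if __name__ == "__main__":
    for name, ok in run_scenarios().items():
        print(f"{name:15s} authenticated={ok}")
```
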
Even without any application changes for stronger authentication, Tcpcrypt
would defend against passive man-in-the-middle attacks, like
eavesdropping. Active attacks could still spoof responses that said
Tcpcrypt was not supported, even if the other endpoint did support it, or
even relay encrypted traffic. That would still be better than the usual
situation today where a passive attacker can gather an enormous amount of
clear-text traffic, especially from unencrypted or weakly encrypted wireless
networks.

There is an Internet Engineering Task Force (IETF) draft available
that describes how Tcpcrypt works by using two new TCP options. Those two
options, CRYPT and MAC, will not be recognized by
endpoints without Tcpcrypt support, and are therefore harmless. The CRYPT
option is used to negotiate the use of Tcpcrypt and to exchange encryption
keys, while the MAC option carries a hash value that can be used
to verify
the integrity of the packet data.
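
Why unrecognized options are harmless, as an added example that is not taken from the IETF draft or the project: TCP options are kind/length/value records, so a stack that does not implement an option kind steps over it by its length and the initiator falls back to clear text. The kind number 253 is a placeholder from the experimental range, not Tcpcrypt's option number, and the option payloads are constructed.

```python
import struct

EOL, NOP, MSS = 0, 1, 2
CRYPT_KIND = 253  # placeholder (experimental range), not Tcpcrypt's real kind


def parse_options(raw: bytes) -> dict:
    """Walk the TCP option area as kind/length/value; return {kind: value}."""
    opts, i = {}, 0
    while i < len(raw):
        kind = raw[i]
        if kind == EOL:            # end of option list
            break
        if kind == NOP:            # one-byte padding
            i += 1
            continue
        if i + 1 >= len(raw):
            raise ValueError("truncated option header")
        length = raw[i + 1]        # length covers the kind and length bytes too
        if length < 2 or i + length > len(raw):
            raise ValueError("bad option length")
        opts[kind] = raw[i + 2:i + length]
        i += length                # this is how an unknown kind gets skipped
    return opts


def build_options(opts: dict) -> bytes:
    out = b"".join(bytes([k, len(v) + 2]) + v for k, v in opts.items())
    return out + bytes([NOP]) * (-len(out) % 4)  # pad to a 32-bit boundary


def respond(syn_options: bytes, understood: set) -> bytes:
    """Responder side, simplified: answer only with option kinds it implements
    (values are echoed here; a real stack would fill in its own)."""
    offered = parse_options(syn_options)
    return build_options({k: v for k, v in offered.items() if k in understood})


def negotiate(responder_kinds: set) -> str:
    """Initiator side: offer CRYPT, then look for it in the reply."""
    syn = build_options({MSS: struct.pack("!H", 1460),   # constructed SYN options
                         CRYPT_KIND: b"\x01"})           # constructed payload
    synack = parse_options(respond(syn, responder_kinds))
    return "encrypted" if CRYPT_KIND in synack else "cleartext"


if __name__ == "__main__":
    print("legacy peer:  ", negotiate({MSS}))
    print("tcpcrypt peer:", negotiate({MSS, CRYPT_KIND}))
```
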
In addition to the IETF draft, the project has produced a paper, The case for ubiquitous
transport-level encryption [PDF], that was presented at the 2010
USENIX Security conference. It gives a somewhat higher-level look at how
Tcpcrypt integrates with TCP/IP, while providing a lot more information on
the cryptographic and authentication algorithms. The slides [PDF] from the
presentation are also instructive.

One of the basic premises that underlies Tcpcrypt is that computers have
gotten "fast enough" to handle encrypting all internet traffic. Doing so
at the transport level, rather than in application protocols (e.g. ssh),
can make it transparent to applications. In addition, Tcpcrypt can work
through NAT devices, which is something that another lower-layer encryption
protocol, IPsec, cannot handle.

Because Tcpcrypt keys are short-lived, non-persistent public/private key
pairs, it does not
require the public key infrastructure (PKI) that other solutions, like
HTTPS, need. That means that endpoints can communicate without getting
certificates signed by centralized authorities. Of course the existing PKI
certificates will work just fine on top of Tcpcrypt.

While computers may be "fast enough" to handle encryption on every packet,
there is still the problem of asymmetry. Servers typically handle
much more traffic than clients, so Tcpcrypt is designed to put the
most difficult parts of the key negotiation and encryption onto the client
side. The claim is that speeds of up to 25x that of HTTPS (i.e. SSL/TLS)
can be achieved
by Tcpcrypt. One wonders whether mobile devices are "fast enough", but
that problem—if it even is one—is probably not one for that
much longer.

Overall, Tcpcrypt is an intriguing idea. It certainly isn't a panacea for
all of today's network ills, but that is no surprise. Unlike other
proposals, Tcpcrypt can be incrementally deployed without requiring that
we, somehow,
restart the internet. Since it won't break existing devices, it can be
developed and tested within the framework of the existing net. If for no
other reason, that should give Tcpcrypt a leg up on other potential solutions.
Brief items
DRE (direct-recording electronic) voting machines are ones where voters
cast their ballots by pressing buttons or using a touch screen, and the
primary record of the votes is stored in a computer memory. Numerous
scientific studies have demonstrated that such machines can be reprogrammed
to steal votes, so when we got our hands on a DRE called the Sequoia AVC
Edge, we decided to do something different: we reprogrammed it to run
Pac-Man.
-- J. Alex Halderman
The Indian government has refused to let [researchers] review the machine, and
insists that it's tamper-proof. Even after the initial report came out
proving this not to be the case, the government has continued to insist the
machines are fine and have no problems. Here in the US, it's quite
troubling how much the government has relied on e-voting machines without
allowing security researchers to really test them, but at least they don't
arrest those who have been able to access and test the machines. This is a
hugely troubling move by the Indian government, and hopefully getting more
attention on such a questionable arrest will make the Indian government
regret this decision -- and open up the machines for real security
testing.
-- Mike Masnick on the arrest of an Indian security researcher
Of course, doing so just turns it from "Running code as X gives you
root" to "Running code as X gives you root the moment someone types in a
root password, even if they're on a different terminal". I accept that
this is a barrier, but the only real solution is to have each X session
run as a different user - and that requires Linux to gain revoke()
support.
-- Matthew Garrett on why X still runs as root
New vulnerabilities
acroread: arbitrary code execution
| Package(s): | acroread |
| CVE #(s): | CVE-2010-2862 |
| Created: | August 20, 2010 |
| Updated: | September 1, 2010 |
| Description: |
From the Red Hat advisory:
This update fixes a vulnerability in Adobe Reader. This vulnerability is
detailed on the Adobe security page APSB10-17, listed in the References
section. A specially-crafted PDF file could cause Adobe Reader to crash or,
potentially, execute arbitrary code as the user running Adobe Reader when
opened. |
cacti: multiple vulnerabilities
| Package(s): | cacti |
| CVE #(s): | CVE-2010-1644, CVE-2010-1645, CVE-2010-2543, CVE-2010-2544, CVE-2010-2545 |
| Created: | August 24, 2010 |
| Updated: | January 9, 2012 |
| Description: |
From the Mandriva advisory:
Multiple cross-site scripting (XSS) vulnerabilities in Cacti before
0.8.7f, allow remote attackers to inject arbitrary web script or
HTML via the (1) hostname or (2) description parameter to host.php,
or (3) the host_id parameter to data_sources.php (CVE-2010-1644).
Cacti before 0.8.7f, allows remote authenticated administrators to
execute arbitrary commands via shell metacharacters in (1) the FQDN
field of a Device or (2) the Vertical Label field of a Graph Template
(CVE-2010-1645).
Cross-site scripting (XSS) vulnerability in
include/top_graph_header.php in Cacti before 0.8.7g allows remote
attackers to inject arbitrary web script or HTML via the graph_start
parameter to graph.php. NOTE: this vulnerability exists because of
an incorrect fix for CVE-2009-4032.2.b (CVE-2010-2543).
Cross-site scripting (XSS) vulnerability in utilities.php in Cacti
before 0.8.7g, allows remote attackers to inject arbitrary web script
or HTML via the filter parameter (CVE-2010-2544).
Multiple cross-site scripting (XSS) vulnerabilities in Cacti before
0.8.7g, allow remote attackers to inject arbitrary web script or HTML
via (1) the name element in an XML template to templates_import.php;
and allow remote authenticated administrators to inject arbitrary web
script or HTML via vectors related to (2) cdef.php, (3) data_input.php,
(4) data_queries.php, (5) data_sources.php, (6) data_templates.php, (7)
gprint_presets.php, (8) graph.php, (9) graphs_new.php, (10) graphs.php,
(11) graph_templates_inputs.php, (12) graph_templates_items.php,
(13) graph_templates.php, (14) graph_view.php, (15) host.php, (16)
host_templates.php, (17) lib/functions.php, (18) lib/html_form.php,
(19) lib/html_form_template.php, (20) lib/html.php, (21)
lib/html_tree.php, (22) lib/rrd.php, (23) rra.php, (24) tree.php,
and (25) user_admin.php (CVE-2010-2545).
|
freeciv: arbitrary command execution
| Package(s): | freeciv |
| CVE #(s): | CVE-2010-2445 |
| Created: | August 20, 2010 |
| Updated: | October 15, 2010 |
| Description: |
From the CVE entry:
freeciv 2.2 before 2.2.1 and 2.3 before 2.3.0 allows attackers to read arbitrary files or execute arbitrary commands via scenario that contains Lua functionality, related to the (1) os, (2) io, (3) package, (4) dofile, (5) loadfile, (6) loadlib, (7) module, and (8) require modules or functions. |
kernel: multiple vulnerabilities
| Package(s): | linux-2.6 |
| CVE #(s): | CVE-2009-4895, CVE-2010-2803, CVE-2010-2959, CVE-2010-3015 |
| Created: | August 20, 2010 |
| Updated: | March 3, 2011 |
| Description: |
From the Debian advisory:
Kyle Bader reported an issue in the tty subsystem that allows local users to create a denial of service (NULL pointer dereference). (CVE-2009-4895)
Kees Cook reported an issue in the DRM (Direct Rendering Manager) subsystem. Local users with sufficient privileges (local X users or members of the 'video' group on a default Debian install) could acquire access to sensitive kernel memory. (CVE-2010-2803)
Ben Hawkes discovered an issue in the AF_CAN socket family. An integer
overflow condition may allow local users to obtain elevated privileges. (CVE-2010-2959)
Toshiyuki Okajima reported an issue in the ext4 filesystem. Local users
could trigger a denial of service (BUG assertion) by generating a specific
set of filesystem operations. (CVE-2010-3015)
|
kvm: denial of service
| Package(s): | kvm |
| CVE #(s): | CVE-2010-0431, CVE-2010-0435, CVE-2010-2784 |
| Created: | August 20, 2010 |
| Updated: | March 3, 2011 |
| Description: |
From the Red Hat advisory:
It was found that QEMU-KVM on the host did not validate all pointers
provided from a guest system's QXL graphics card driver. A privileged guest
user could use this flaw to cause the host to dereference an invalid
pointer, causing the guest to crash (denial of service) or, possibly,
resulting in the privileged guest user escalating their privileges on the
host. (CVE-2010-0431)
A flaw was found in QEMU-KVM, allowing the guest some control over the
index used to access the callback array during sub-page MMIO
initialization. A privileged guest user could use this flaw to crash the
guest (denial of service) or, possibly, escalate their privileges on the
host. (CVE-2010-2784)
A NULL pointer dereference flaw was found when the host system had a
processor with the Intel VT-x extension enabled. A privileged guest user
could use this flaw to trick the host into emulating a certain instruction,
which could crash the host (denial of service). (CVE-2010-0435)
|
moin: cross-site scripting
| Package(s): | moin |
| CVE #(s): | CVE-2010-2969, CVE-2010-2970 |
| Created: | August 25, 2010 |
| Updated: | October 19, 2012 |
| Description: |
Versions of the MoinMoin wiki system through 1.7.3 or prior to 1.9.3 suffer from multiple cross-site scripting vulnerabilities. |
moodle: multiple vulnerabilities
| Package(s): | moodle |
| CVE #(s): | CVE-2010-2795, CVE-2010-2796 |
| Created: | August 23, 2010 |
| Updated: | February 23, 2011 |
| Description: |
From the CVE entries:
phpCAS before 1.1.2 allows remote authenticated users to hijack sessions via a query string containing a crafted ticket value. (CVE-2010-2795)
Cross-site scripting (XSS) vulnerability in phpCAS before 1.1.2, when proxy mode is enabled, allows remote attackers to inject arbitrary web script or HTML via a callback URL. (CVE-2010-2796) |
mozilla: denial of service
| Package(s): | firefox, thunderbird, sunbird |
| CVE #(s): | CVE-2010-2755 |
| Created: | August 20, 2010 |
| Updated: | January 19, 2011 |
| Description: |
From the CVE entry:
layout/generic/nsObjectFrame.cpp in Mozilla Firefox 3.6.7 does not properly free memory in the parameter array of a plugin instance, which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted HTML document, related to the DATA and SRC attributes of an OBJECT element. NOTE: this vulnerability exists because of an incorrect fix for CVE-2010-1214. |
openoffice.org: denial of service
| Package(s): | openoffice.org |
| CVE #(s): | CVE-2010-2935, CVE-2010-2936 |
| Created: | August 23, 2010 |
| Updated: | April 19, 2011 |
| Description: |
From the Red Hat advisory:
An integer truncation error, leading to a heap-based buffer overflow, was
found in the way the OpenOffice.org Impress presentation application
sanitized a file's dictionary property items. An attacker could use this
flaw to create a specially-crafted Microsoft Office PowerPoint file that,
when opened, would cause OpenOffice.org Impress to crash or, possibly,
execute arbitrary code with the privileges of the user running
OpenOffice.org Impress. (CVE-2010-2935)
An integer overflow flaw, leading to a heap-based buffer overflow, was
found in the way OpenOffice.org Impress processed polygons in input
documents. An attacker could use this flaw to create a specially-crafted
Microsoft Office PowerPoint file that, when opened, would cause
OpenOffice.org Impress to crash or, possibly, execute arbitrary code with
the privileges of the user running OpenOffice.org Impress. (CVE-2010-2936)
|
php: multiple vulnerabilities
| Package(s): | php |
| CVE #(s): | CVE-2010-2190, CVE-2010-1914, CVE-2010-1915 |
| Created: | August 24, 2010 |
| Updated: | October 6, 2010 |
| Description: |
From the CVE entries:
The (1) trim, (2) ltrim, (3) rtrim, and (4) substr_replace functions in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allow context-dependent attackers to obtain sensitive information (memory contents) by causing a userspace interruption of an internal function, related to the call time pass by reference feature. (CVE-2010-2190)
The Zend Engine in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent attackers to obtain sensitive information by interrupting the handler for the (1) ZEND_BW_XOR opcode (shift_left_function), (2) ZEND_SL opcode (bitwise_xor_function), or (3) ZEND_SR opcode (shift_right_function), related to the convert_to_long_base function. (CVE-2010-1914)
The preg_quote function in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent attackers to obtain sensitive information (memory contents) by causing a userspace interruption of an internal function, related to the call time pass by reference feature, modification of ZVALs whose values are not updated in the associated local variables, and access of previously-freed memory. (CVE-2010-1915) |
phpMyAdmin: cross-site scripting
| Package(s): | phpMyAdmin |
| CVE #(s): | CVE-2010-3056 |
| Created: | August 23, 2010 |
| Updated: | September 13, 2010 |
| Description: |
From the Red Hat bugzilla:
Several cross-site scripting (XSS) vulnerabilities were found in phpMyAdmin
versions prior to 2.11.10.1 and 3.3.5.1 [1]. A remote attacker was able to
conduct an XSS attack using crafted URLs or POST parameters on several pages. |
qspice: denial of service
| Package(s): | qspice |
| CVE #(s): | CVE-2010-0428, CVE-2010-0429 |
| Created: | August 20, 2010 |
| Updated: | August 27, 2010 |
| Description: |
From the Red Hat advisory:
It was found that the libspice component of QEMU-KVM on the host did not
validate all pointers provided from a guest system's QXL graphics card
driver. A privileged guest user could use this flaw to cause the host to
dereference an invalid pointer, causing the guest to crash (denial of
service) or, possibly, resulting in the privileged guest user escalating
their privileges on the host. (CVE-2010-0428)
It was found that the libspice component of QEMU-KVM on the host could be
forced to perform certain memory management operations on memory addresses
controlled by a guest. A privileged guest user could use this flaw to crash
the guest (denial of service) or, possibly, escalate their privileges on
the host. (CVE-2010-0429)
|
qspice-client: man-in-the-middle vulnerability
| Package(s): | qspice-client |
| CVE #(s): | CVE-2010-2792 |
| Created: | August 25, 2010 |
| Updated: | August 26, 2010 |
| Description: |
From the Red Hat advisory: A race condition was found in the way the SPICE Mozilla Firefox plug-in and
the SPICE client communicated. A local attacker could use this flaw to
trick the plug-in and the SPICE client into communicating over an
attacker-controlled socket, possibly gaining access to authentication
details, or resulting in a man-in-the-middle attack on the SPICE
connection. |
spice-xpi: symlink vulnerability
| Package(s): | spice-xpi |
| CVE #(s): | CVE-2010-2794 |
| Created: | August 25, 2010 |
| Updated: | August 26, 2010 |
| Description: |
The SPICE Firefox plugin suffers from a symbolic link vulnerability enabling a local attacker to overwrite files. |
uzbl: arbitrary command execution
| Package(s): | uzbl |
| CVE #(s): | CVE-2010-2809 |
| Created: | August 23, 2010 |
| Updated: | August 25, 2010 |
| Description: |
From the CVE entry:
The default configuration of the <Button2> binding in Uzbl before 2010.08.05 does not properly use the @SELECTED_URI feature, which allows user-assisted remote attackers to execute arbitrary commands via a crafted HREF attribute of an A element in an HTML document. |
zabbix: cross-site scripting
| Package(s): | zabbix |
| CVE #(s): | CVE-2010-2790 |
| Created: | August 25, 2010 |
| Updated: | August 25, 2010 |
| Description: |
Zabbix prior to 1.8.3 suffers from multiple cross-site scripting vulnerabilities; see this advisory for details. |
zope-ldapuserfolder: authentication bypass
| Package(s): | zope-ldapuserfolder |
| CVE #(s): | CVE-2010-2944 |
| Created: | August 25, 2010 |
| Updated: | August 25, 2010 |
| Description: |
It turns out that the zope-ldapuserfolder extension does not verify passwords when somebody logs in as the emergency user. |
Page editor: Jake Edge