By Jake Edge
September 5, 2013
While encrypted communication over the internet is certainly nothing new, recent
events have highlighted some good reasons to use it. But protocols using
encryption atop TCP or UDP are generally easily identified, such that they
can be blocked by governments or ISPs. A new protocol, called Dust [PDF], sets out to provide
"blocking resistance", so that commonly used techniques, like blocking
based on deep packet
inspection (DPI), will be difficult to apply. The overall
goal for Dust is to resist censorship in the form of internet blocking.
There are a number of different projects that provide some form of
censorship resistance, including document publishing services such as Publius, Tangler, and Mnemosyne
[PDF]. But in order to retrieve documents, users must be able to
connect to the service, which is easy to thwart via IP address blocking.
So it makes sense to combine anonymous document storage with "hidden
services" from an
anonymizing proxy like Tor. But those connections are
still vulnerable to DPI-based blocking based on the contents of the
packets. What is needed, then, is a way to
avoid the DPI filters while connecting to the anonymizing proxy. To that end, "the ideal communication protocol is therefore one which is unobservable, meaning
that a packet or sequence of packets is
indistinguishable from a random packet or
random sequence of packets", according to Dust developer Brandon
Wiley. Creating that is essentially the design goal for the protocol.
There have been other efforts to create encrypted, censorship-resistant
protocols. Wiley's paper mentions several, including Message Stream
Encryption (MSE) for BitTorrent, Obfuscated TCP, and
Tcpcrypt (which we looked at in 2010). MSE and Tcpcrypt have flaws
such as static strings in the handshake or predictability in the packet
size that make it easy to detect—and filter—them. Obfuscated TCP has
several variants that communicate keys in different ways (e.g. TCP options,
HTTP headers, DNS records) all of which can be detected by current DPI
filtering.
Key exchange is the most difficult piece of any encryption puzzle. To
some extent, Dust punts on that by requiring an "out of band" invitation to
be received by a client before it can connect to the server. The
invitation has the IP address, port, and public key for the server, along
with an invitation-specific password and invitation ID, all of which
is encrypted using the password. The invitation ID is
a random, single-use identifier that the server can use to determine which
invitation (and thus which password) is being used when the client
introduces itself with the invitation.
The actual invitation is of no use without the password, so it could be
sent via any channel. Because of the encryption, the invitation is
"indistinguishable from random
bytes". Wiley is focused on automated DPI, so he seems a little
cavalier about transmitting the password:
It can then be safely
transmitted, along with the password, over an out-of-band channel such as
email [or]
instant messaging. It will not be susceptible to the attacks which block email
communication containing IP addresses
because only the password is transmitted
unencrypted. If the invitation channel is under observation by the attacker, and only in
the case that the attacker is specifically attempting to filter Dust packets, then the
password should be sent by another channel that, while it can still be observed by the
attacker, should be uncorrelated with the invitation channel.
With an invitation and password in hand, a client can connect to the server
by sending an introduction (or intro) packet to the server. The intro
packet is prepended with the invitation ID (which is random). The rest of
the packet is encrypted with the password and contains the client's public
key. When the server receives a packet from an unknown host, it assumes
that the first 32 bytes are the ID and tries to look up the password based
on that. It then decrypts the rest of the packet and stores the IP
address, port, and public key.
At that point, the handshake is complete. Both server and client can
compute shared session keys using each other's public key and the password
so that they can exchange encrypted messages from then on. That is done
using the data packet, which is the third packet type (invite and intro are
the other two).
There are several other features of the Dust packet format that bear
mention. To start with, packets can be chained within a single TCP or UDP
packet. Since the client has the server's public key from the invite, it
can send both an intro and data packet in a single TCP packet. That may
constitute all of what the client wants to say, which is a useful
optimization, but also helps protect against inter-packet timing analysis
to detect Dust.
The packets are protected with a message
authentication code (MAC) and the MAC is calculated using a password-based key derivation
function (PBKDF) with a random
initialization vector (IV) transmitted with each Dust packet. Both the MAC
and IV are sent in the clear; since the IV is a random per-packet value and
the MAC is calculated from it, both are effectively random to an observer.
In the encrypted portion of the packet, timestamps are included to protect against replay attacks and a random
amount of random-padding bytes is added to each packet so that the packet
length
is unpredictable. As might be obvious, good random number generation is an
important part of a Dust implementation.
All of those techniques should make Dust resistant to protocol
fingerprinting using DPI. The packets look like random data of random
length, which could be almost anything: streaming audio/video, some kind of
file transfer, etc. Of course, the connection just immediately
starts up in that mode, which might be considered suspicious in and of
itself. But the existing blocking typically centers around blacklists of
protocols that DPI can detect. Dust will not easily fall prey to that kind
of filtering.
A bigger worry is whitelist-oriented filtering. If the DPI filters will
only allow recognized protocols through, Dust will clearly fail the test.
Whitelists can be circumvented using steganography
(i.e. by hiding the real message inside a packet of one of the "legal"
protocols), but that has its own set of problems. Steganographic techniques
may lead to packets that can be more easily fingerprinted and blocked.
Whitelists will also be difficult for ISPs or governments to enforce, just
from a social point of view.
Code for Dust (in Haskell) can
be found at GitHub. More information can be found in the README
files there in addition to Wiley's paper.
Overall, Dust is an intriguing idea. It is meant to serve as an underlying
protocol for something like Tor (which, in turn, may underlie secure and
anonymous document distribution). While it is well-tuned to avoid today's DPI
(and other) attacks, one wonders if just random gibberish at the start of a
connection will be enough to set off tomorrow's filters. Of course, an
internet where all of the data was encrypted would potentially obviate the
need for something like Dust. In the meantime,
at least, Dust seems worth a look.
Comments (3 posted)
Brief items
In seeking a balance that puts liberty first, my administration will unwind
the surveillance apparatus to a substantial degree. Some surveillance is
necessary, to be sure. But we will have clear rules and boundaries, and we
will punish those in government who go beyond them. As we have seen
repeatedly in recent years, without genuine accountability, rules and laws
mean nothing.
—
Dan
Gillmor hopes for a 2016 US presidential candidate with a focus on privacy
Right now the upper practical limit on brute force is somewhere under 80
bits. However, using that as a guide gives us some indication as to how
good an attack has to be to break any of the modern algorithms. These days,
encryption algorithms have, at a minimum, 128-bit keys. That means any NSA
cryptoanalytic breakthrough has to reduce the effective key length by at
least 48 bits in order to be practical.
There's more, though. That DES attack requires an impractical 70 terabytes
of known plaintext encrypted with the key we're trying to break. Other
mathematical attacks require similar amounts of data. In order to be
effective in decrypting actual operational traffic, the NSA needs an attack
that can be executed with the known plaintext in a common MS-Word header:
much, much less.
—
Bruce
Schneier is skeptical of claims of NSA decryption superpowers
Most internet users would like to be anonymous online at least occasionally, but many think it is not possible to be completely anonymous online. New findings in a national survey show:
- 86% of internet users have taken steps online to remove or mask their digital footprints—ranging from clearing cookies to encrypting their email, from avoiding using their name to using virtual networks that mask their internet protocol (IP) address.
- 55% of internet users have taken steps to avoid observation by specific people, organizations, or the government
Still, 59% of internet users do not believe it is possible to be completely anonymous online, while 37% of them believe it is possible.
—
Anonymity,
Privacy, and Security Online, a survey by Pew Internet
Comments (11 posted)
New vulnerabilities
389-ds-base: denial of service
| Package(s): | 389-ds-base |
CVE #(s): | CVE-2013-4283
|
| Created: | August 29, 2013 |
Updated: | September 5, 2013 |
| Description: |
From the Red Hat advisory:
It was discovered that the 389 Directory Server did not properly handle the
receipt of certain MOD operations with a bogus Distinguished Name (DN). A
remote, unauthenticated attacker could use this flaw to cause the 389
Directory Server to crash. (CVE-2013-4283) |
| Alerts: |
|
Comments (none posted)
ansible: predictable filenames
| Package(s): | ansible |
CVE #(s): | CVE-2013-4260
CVE-2013-4259
|
| Created: | September 3, 2013 |
Updated: | September 5, 2013 |
| Description: |
From the ansible advisory:
We are releasing Ansible version v1.2.3 to address two CVEs that have been reported regarding the core Ansible package. Both of these involve potential local exploits on systems where access to the Ansible control machine is being shared between multiple users. These require updating Ansible on control machines and do not require any changes on managed (controlled) machines.
The first could allow a malicious local user to place a symlink at a predictable location to make Ansible connect to a different remote system than expected when using ControlPersist. If that target system were itself compromised, and you are not verifying SSH host keys and are also using SSH passwords (rather than keys) for authentication, this exploit could result in obtaining a user’s password information. It could also result in the target system receiving sensitive configuration data it was not supposed to receive. This does not affect kernels that have fs.protected_symlinks=1/fs.protected_hardlinks=1 set in sysctl, or on systems that are using SELinux with strict/MLS policies. Enterprise Linux 5/6 do not support these sysctl options, however the default on these platforms is actually paramiko (because ControlPersist is not yet available on them), so this would only be a problem if the “ssh” connection is explicitly selected on the command line with “-c ssh” or configured in the configuration file (or environment). Fedora 19, for instance, has these protections on by default and Ubuntu has been shipping these protections on for some time as well.
The second allows using a predictable location of the retry file from a failed playbook in /var/tmp to clobber a file on the local filesystem using a link. |
| Alerts: |
|
Comments (none posted)
asterisk: multiple vulnerabilities
| Package(s): | asterisk |
CVE #(s): | CVE-2013-5641
CVE-2013-5642
|
| Created: | August 30, 2013 |
Updated: | September 16, 2013 |
| Description: |
From the Mandriva advisory:
A remotely exploitable crash vulnerability exists in the SIP channel driver if an ACK with SDP is received after the channel has been terminated. The handling code incorrectly assumes that the channel will always be present (CVE-2013-5641).
A remotely exploitable crash vulnerability exists in the SIP channel driver if an invalid SDP is sent in a SIP request that defines media descriptions before connection information. The handling code incorrectly attempts to reference the socket address information even though that information has not yet been set (CVE-2013-5642). |
| Alerts: |
|
Comments (none posted)
cacti: multiple vulnerabilities
| Package(s): | cacti |
CVE #(s): | CVE-2013-5588
CVE-2013-5589
|
| Created: | September 3, 2013 |
Updated: | September 10, 2013 |
| Description: |
From the CVE entries:
Multiple cross-site scripting (XSS) vulnerabilities in Cacti 0.8.8b and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the step parameter to install/index.php or (2) the id parameter to cacti/host.php. (CVE-2013-5588)
SQL injection vulnerability in cacti/host.php in Cacti 0.8.8b and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. (CVE-2013-5589) |
| Alerts: |
|
Comments (none posted)
cyrus-sasl: denial of service
| Package(s): | cyrus-sasl |
CVE #(s): | CVE-2013-4122
|
| Created: | September 3, 2013 |
Updated: | September 5, 2013 |
| Description: |
From the Gentoo advisory:
In the GNU C Library (glibc) from version 2.17 onwards, the crypt()
function call can return NULL when the salt violates specifications or
the system is in FIPS-140 mode and a DES or MD5 hashed password is
passed. When Cyrus-SASL's authentication mechanisms call crypt(), a
NULL may be returned.
A remote attacker could trigger this vulnerability to cause a Denial of
Service condition. |
| Alerts: |
|
Comments (none posted)
drupal7-entity: Entity API - access bypass
| Package(s): | drupal7-entity |
CVE #(s): | CVE-2013-4273
|
| Created: | September 3, 2013 |
Updated: | September 5, 2013 |
| Description: |
From the Drupal bug report:
The Entity API module extends the entity API of Drupal core in order to provide a unified way to deal with entities and their properties.
The module doesn't sufficiently enforce node access restrictions when checking for a user's access to view a comment associated with a particular node. The vulnerability is mitigated by the fact that it only applies to a user's access to view a comment in a situation where access should be restricted with entity access.
The Entity API also does not properly restrict access when displaying selected entities using the Views field or area plugins, allowing users to view entities that they do not have access to. The vulnerability is mitigated by the fact that entities are only improperly exposed when a View has been configured to display them in a field, header or footer of a View. |
| Alerts: |
|
Comments (none posted)
drupal7-theme-zen: cross-site scripting
| Package(s): | drupal7-theme-zen |
CVE #(s): | CVE-2013-4275
|
| Created: | September 3, 2013 |
Updated: | September 5, 2013 |
| Description: |
From the drupal bug report:
Zen doesn't sufficiently escape the breadcrumb separator field, allowing a possible XSS exploit.
This vulnerability is mitigated by the fact that an attacker must have a role with the permission "administer themes". |
| Alerts: |
|
Comments (none posted)
exactimage: denial of service
| Package(s): | exactimage |
CVE #(s): | CVE-2013-1438
|
| Created: | September 3, 2013 |
Updated: | September 11, 2013 |
| Description: |
From the Debian advisory:
Several denial-of-service vulnerabilities were discovered in the dcraw
code base, a program for processing raw format images from digital
cameras. This update corrects them in the copy that is embedded in
the exactimage package. |
| Alerts: |
|
Comments (none posted)
Foreman: multiple vulnerabilities
| Package(s): | Foreman |
CVE #(s): | CVE-2013-4180
CVE-2013-4182
|
| Created: | September 4, 2013 |
Updated: | September 5, 2013 |
| Description: |
From the Red Hat advisory:
A flaw was found in the API where insufficient privilege checks were
conducted by the hosts controller, allowing any user with API access to
control any host. (CVE-2013-4182)
A denial of service flaw was found in Foreman in the way user input was
converted to a symbol. An authenticated user could create inputs that would
lead to excessive memory consumption. (CVE-2013-4180) |
| Alerts: |
|
Comments (none posted)
imagemagick: code execution
| Package(s): | imagemagick |
CVE #(s): | CVE-2013-4298
|
| Created: | September 4, 2013 |
Updated: | September 10, 2013 |
| Description: |
From the Debian advisory:
Anton Kortunov reported a heap corruption in ImageMagick, a program
collection and library for converting and manipulating image files.
Crafted GIF files could cause ImageMagick to crash, potentially
leading to arbitrary code execution. |
| Alerts: |
|
Comments (none posted)
kde: code execution
| Package(s): | kde |
CVE #(s): | CVE-2013-2127
|
| Created: | September 3, 2013 |
Updated: | September 5, 2013 |
| Description: |
From the CVE entry:
Buffer overflow in the exposure correction code in LibRaw before 0.15.1 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors. |
| Alerts: |
|
Comments (none posted)
kernel: two vulnerabilities
| Package(s): | kernel |
CVE #(s): | CVE-2013-4162
CVE-2013-4163
|
| Created: | August 29, 2013 |
Updated: | September 26, 2013 |
| Description: |
From the Debian advisory:
CVE-2013-4162:
Hannes Frederic Sowa reported an issue in the IPv6 networking subsystem.
Local users can cause a denial of service (system crash).
CVE-2013-4163:
Dave Jones reported an issue in the IPv6 networking subsystem. Local
users can cause a denial of service (system crash).
|
| Alerts: |
|
Comments (none posted)
libdigidoc: file overwrite
| Package(s): | libdigidoc |
CVE #(s): | CVE-2013-5648
|
| Created: | September 3, 2013 |
Updated: | September 5, 2013 |
| Description: |
From the CVE entry:
Absolute path traversal vulnerability in the handleStartDataFile function in DigiDocSAXParser.c in libdigidoc 3.6.0.0, as used in ID-software before 3.7.2 and other products, allows remote attackers to overwrite arbitrary files via a filename beginning with / (slash) or \ (backslash) in a DDOC file. |
| Alerts: |
|
Comments (none posted)
libmodplug: two code execution vulnerabilities
| Package(s): | libmodplug |
CVE #(s): | CVE-2013-4233
CVE-2013-4234
|
| Created: | September 5, 2013 |
Updated: | September 16, 2013 |
| Description: |
From the Red Hat bugzilla entry:
It was reported [1],[2] that libmodplug suffers from two flaws when parsing ABC files:
1) An error within the "abc_MIDI_drum()" function (src/load_abc.cpp) can be exploited to cause a buffer overflow via a specially crafted ABC file.
2) An integer overflow within the "abc_set_parts()" function (src/load_abc.cpp) can be exploited to corrupt heap memory via a specially crafted ABC file.
Successful exploitation of the vulnerabilities may allow execution of arbitrary code.
|
| Alerts: |
|
Comments (none posted)
mysql: multiple unspecified vulnerabilities
| Package(s): | MySQL |
CVE #(s): | CVE-2013-3794
CVE-2013-3795
CVE-2013-3796
CVE-2013-3798
CVE-2013-3801
CVE-2013-3805
CVE-2013-3806
CVE-2013-3807
CVE-2013-3808
CVE-2013-3810
CVE-2013-3811
|
| Created: | August 30, 2013 |
Updated: | September 5, 2013 |
| Description: |
CVE-2013-3794: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Partition.
CVE-2013-3795: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language.
CVE-2013-3796: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
CVE-2013-3798: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote attackers to affect integrity and availability via unknown vectors related to MemCached.
CVE-2013-3801: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options.
CVE-2013-3805: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Prepared Statements.
CVE-2013-3806: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB, a different vulnerability than CVE-2013-3811.
CVE-2013-3807: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Server Privileges.
CVE-2013-3808: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options.
CVE-2013-3810: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to XA Transactions.
CVE-2013-3811: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB, a different vulnerability than CVE-2013-3806. |
| Alerts: |
|
Comments (none posted)
ngircd: denial of service
| Package(s): | ngircd |
CVE #(s): | CVE-2013-5580
|
| Created: | September 3, 2013 |
Updated: | September 5, 2013 |
| Description: |
From the Mageia advisory:
Denial of service bug (server crash) in ngIRCd before 20.3 which could happen
when the configuration option "NoticeAuth" is enabled (which is NOT the
default) and ngIRCd failed to send the "notice auth" messages to new clients
connecting to the server. |
| Alerts: |
|
Comments (none posted)
openstack-cinder: multiple vulnerabilities
| Package(s): | openstack-cinder |
CVE #(s): | CVE-2013-4183
CVE-2013-4202
|
| Created: | September 4, 2013 |
Updated: | September 5, 2013 |
| Description: |
From the Red Hat advisory:
It was found that the fixes for CVE-2013-1664 and CVE-2013-1665, released
via RHSA-2013:0658, did not fully correct the issues in the Extensible
Markup Language (XML) parser used by Cinder. A remote attacker could use
this flaw to send a specially-crafted request to a Cinder API, causing
Cinder to consume an excessive amount of CPU and memory, or possibly crash.
(CVE-2013-4202)
A bug in the Cinder LVM driver prevented LVM snapshots from being securely
deleted in some cases, potentially leading to information disclosure to
other tenants. (CVE-2013-4183) |
| Alerts: |
|
Comments (none posted)
openstack-nova: multiple vulnerabilities
| Package(s): | openstack-nova |
CVE #(s): | CVE-2013-2256
CVE-2013-4179
CVE-2013-4185
CVE-2013-4261
|
| Created: | September 4, 2013 |
Updated: | September 5, 2013 |
| Description: |
From the Red Hat advisory:
It was found that the fixes for CVE-2013-1664 and CVE-2013-1665, released
via RHSA-2013:0657, did not fully correct the issues in the Extensible
Markup Language (XML) parser used by Nova. A remote attacker could use
this flaw to send a specially-crafted request to a Nova API, causing
Nova to consume an excessive amount of CPU and memory, or possibly crash.
(CVE-2013-4179)
A denial of service flaw was found in the way Nova handled network source
security group policy updates. An authenticated user could send a large
number of server creation operations, causing nova-network to become
unresponsive. (CVE-2013-4185)
An information disclosure flaw and a resource limit bypass were found in
the way Nova handled virtual hardware templates (flavors). These allowed
tenants to show and boot other tenants' flavors and bypass resource limits
enforced via the os-flavor-access:is_public property. (CVE-2013-2256)
It was discovered that, in some configurations, certain messages in
console-log could cause nova-compute to become unresponsive, resulting in a
denial of service. (CVE-2013-4261) |
| Alerts: |
|
Comments (none posted)
perl-Module-Metadata: code execution
| Package(s): | perl-Module-Metadata |
CVE #(s): | CVE-2013-1437
|
| Created: | September 3, 2013 |
Updated: | September 5, 2013 |
| Description: |
From the Red Hat bug report:
It was reported that the perl Module::Metadata module incorrectly claimed that it would gather metadata about a .pm file without executing unsafe code. However, when Module::Metadata determines the version of a module, it can extract a small amount of code (if present in the $Version variable assignment) and evaluates it, which can lead to the execution of arbitrary code (the same code that module would execute to obtain the value of $Version). |
| Alerts: |
|
Comments (none posted)
php-pear-Auth-OpenID: denial of service
| Package(s): | php-pear-Auth-OpenID |
CVE #(s): | CVE-2013-4701
|
| Created: | September 3, 2013 |
Updated: | September 16, 2013 |
| Description: |
From the CVE entry:
Auth/Yadis/XML.php in PHP OpenID Library 2.2.2 and earlier allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via XRDS data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. |
| Alerts: |
|
Comments (none posted)
python-virtualenv: code execution
| Package(s): | python-virtualenv |
CVE #(s): | CVE-2013-1633
|
| Created: | September 5, 2013 |
Updated: | September 18, 2013 |
| Description: |
From the Red Hat bugzilla entry:
easy_install in setuptools before 0.7 uses HTTP to retrieve packages
from the PyPI repository, and does not perform integrity checks on
package contents, which allows man-in-the-middle attackers to execute
arbitrary code via a crafted response to the default use of the
product. |
| Alerts: |
|
Comments (none posted)
roundcubemail: two cross-site scripting flaws
Comments (none posted)
ruby: switch to https for gem installation
| Package(s): | ruby |
CVE #(s): | |
| Created: | September 5, 2013 |
Updated: | September 5, 2013 |
| Description: |
From the openSUSE advisory:
The ruby gemrc configured the gem installation source as
http source, allowing man in the middle attacks (if someone
could provide a different address for rubygems.org).
|
| Alerts: |
|
Comments (none posted)
ssmtp: user credentials leak
| Package(s): | ssmtp |
CVE #(s): | |
| Created: | September 3, 2013 |
Updated: | September 5, 2013 |
| Description: |
From the Red Hat bugzilla:
It was reported that ssmtp, an extremely simple MTA to get mail off the system to a mail hub, did not perform x509 certificate validation when initiating a TLS connection to server. A rogue server could use this flaw to conduct man-in-the-middle attack, possibly leading to user credentials leak. |
| Alerts: |
|
Comments (none posted)
strongswan: code execution
| Package(s): | strongswan |
CVE #(s): | CVE-2013-2054
|
| Created: | September 3, 2013 |
Updated: | September 5, 2013 |
| Description: |
From the CVE entry:
Buffer overflow in the atodn function in strongSwan 2.0.0 through 4.3.4, when Opportunistic Encryption is enabled and an RSA key is being used, allows remote attackers to cause a denial of service (pluto IKE daemon crash) and possibly execute arbitrary code via crafted DNS TXT records. NOTE: this might be the same vulnerability as CVE-2013-2053 and CVE-2013-2054. |
| Alerts: |
|
Comments (none posted)
Page editor: Jake Edge
Next page: Kernel development>>
