One necessary precondition for true freedom of speech is a way to
communicate that does not identify the speaker or the listener. Several
projects are working to provide that ability through peer-to-peer
networking protocols that use cryptography to enable this kind of
communication:
Freenet,
Entropy, and
GNUnet.
The goals of these projects are quite similar, to provide for the free
exchange of ideas while thwarting any attempts to censor the information
or punish the participants.
The basic framework for each of these networks is a decentralized,
peer-to-peer communications model where a node in the network talks to
some number of other nodes, sending requests to these peer nodes and
handling requests that come from them. The messages sent between nodes
are encrypted using a session key that has been negotiated between the
nodes using public key encryption. This encryption should be sufficient
to deny a 'man in the middle' from determining anything useful about the
traffic (other than its existence).
When a node sends a request to one
of its peers, there is no reason to assume that the request actually
originated on that node as nodes will forward requests that they receive,
but cannot satisfy. Any response that is generated to a node is likewise not
necessarily ultimately bound for that node and could be the response
to a request that was forwarded by the node. With a sufficient number of
nodes and amount of traffic, no analysis of the traffic to or from nodes
will reveal the true source and destinations of the requests.
This stands in stark contrast to the more common peer-to-peer networks
where, once the content is found, a direct connection is made from the
destination to the source to retrieve the content.
Each node that fully participates in the network provides some local
storage for information in the network and can immediately
satisfy requests for any data that it has stored locally. In order to
provide deniability for the operators of these nodes, this data is
encrypted and the operators are unable to determine what content actually
resides on their node at any given time. Cryptographic hash functions on
the file contents are typically used to identify particular files that
have been inserted into the network. These identifiers are not
particularly user friendly - for instance a copy of Kevin Mitnick's book
The Art of Deception can be found in the Entropy network using
the identifier:
To make the system easier to use, various
network users have put together directories of content to help navigation.
The popularity of a file governs how long it stays in the network and how
often it is replicated. Each of the networks has limits on the amount
of storage available to it (based on the number of active nodes and the
amount of storage allocated to the nodes by each operator) and must
sometimes prune content when new content is added.
GNUnet tries to overcome the problem of 'freeloaders' (nodes that request
content but do not serve any) by adding an 'economic' layer to its network.
Each node
keeps track of its 'opinion' of the other nodes that it has talked to;
nodes that satisfy requests have a better reputation and will be treated
preferentially under higher network loads.
Both Freenet and Entropy provide an HTTP proxy that allows the use of
standard web browsers as clients to view some of the content on the
network. Entropy also adopted the Freenet Client Protocol so that all
of the client applications originally written for Freenet will work
with Entropy as well.
Frost is one of the most
widely used clients and provides file sharing and message board functionality.
GNUnet appears to mainly use command line
tools, though gnunet-gtk provides a graphical front-end.
Security is clearly taking precedence over performance, as it should, but
this causes the user
experience browsing Freenet or Entropy (at least) to be fairly frustrating.
Sites can take tens of minutes to load or fail to load altogether,
presumably because the information has either dropped out of the network
or any sites that contain the information are currently offline or too
far away (in network, not geographic, terms).
Critics of these projects complain that they could be used by criminals
for nefarious purposes and, obviously, that is true. There is no way to
provide for anonymous communication that cannot be abused and these projects
have decided that freedom of communication is more important than stopping
illegal uses. In the end, these networks are tools like computers or
phones and they can be used for good or for ill. It would be impossible
and a serious affront to liberty to outlaw all tools that could be
used to commit a crime.
If you go to Savannah,
the GNU project's development server, you'll find a note stating that it,
too, has been broken into. "The compromise seems to be of the same
nature as the recent attacks on Debian project servers; the attacker seemed
to operate identically." Savannah will be down until (at least)
December 5. (Thanks to "sdoyon", who posted the news in an LWN
comment).
A severe vulnerability was discovered in GnuPG by Phong Nguyen relating to
ElGamal sign+encrypt keys. This
email message from Werner Koch contains more information. "Phong
Nguyen identified a severe bug in the way GnuPG creates and uses ElGamal
keys for signing. This is a significant security failure which can lead to
a compromise of almost all ElGamal keys used for signing. Note that this
is a real world vulnerability which will reveal your private key within a
few seconds."
A vulnerability was discovered in the Linux kernel versions 2.4.22 and
previous. A flaw in bounds checking in the do_brk() function can allow a
local attacker to gain root privileges. This vulnerability is known to be
exploitable.
The 2.4.23 kernel contains the fix. For more details on how this vulnerability works, see this LWN article.
The Net-SNMP project includes various Simple Network Management Protocol
(SNMP) tools. A security issue in Net-SNMP versions before 5.0.9 could
allow an existing user/community to gain access to data in MIB objects that
were explicitly excluded from their view.
Version 5.0.9 of Net-SNMP is not vulnerable to this issue. In addition,
Net-SNMP 5.0.9 fixes a number of other minor bugs.
According to
this advisory a buffer overflow in GNU screen allows privilege
escalation for local users. Usually screen is installed either setgid-utmp
or setuid-root.
It also has some potential for remote attacks or getting control of another
user's screen. The problem is that you have to transfer around 2-3 gigabytes
of data to user's screen to exploit this vulnerability. 4.0.1, 3.9.15 and
older versions are vulnerable.
A vulnerability was discovered in stunnel versions 3.24 and earlier, as
well as 4.00, by Steve Grubb. It was found that stunnel leaks a critical
file descriptor that can be used to hijack stunnel's services. See this
advisory for more information.
Several security issues have been discovered affecting the Linux kernel:
CAN-2003-0461: /proc/tty/driver/serial reveals the exact character
counts for serial links. This could be used by a local attacker to infer
password lengths and inter-keystroke timings during password entry.
CAN-2003-0462: Paul Starzetz discovered a file read race condition
existing in the execve() system call, which could cause a local crash.
CAN-2003-0464: A recent change in the RPC code set the reuse flag on
newly-created sockets. Olaf Kirch noticed that his could allow normal
users to bind to UDP ports used for services such as nfsd.
CAN-2003-0476: The execve system call in Linux 2.4.x records the file
descriptor of the executable process in the file table of the calling
process, allowing local users to gain read access to restricted file
descriptors.
CAN-2003-0501: The /proc filesystem in Linux allows local users to
obtain sensitive information by opening various entries in /proc/self
before executing a setuid program. This causes the program to fail to
change the ownership and permissions of already opened entries.
CAN-2003-0550: The STP protocol is known to have no security, which
could allow attackers to alter the bridge topology. STP is now turned
off by default.
CAN-2003-0551: STP input processing was lax in its length checking,
which could lead to a denial of service.
CAN-2003-0552: Jerry Kreuscher discovered that the Forwarding table
could be spoofed by sending forged packets with bogus source addresses
the same as the local host.
Another buffer overflow in Apache 2.0.47 and earlier in mod_cgid's
mishandling of CGI redirect paths could result in CGI output going to the
wrong client when a threaded MPM is used.
CAN-2003-0789.
A problem was discovered in Apache2 where CGI scripts that write more than
4k to the standard error stream will hang the script's execution. This problem can lead to a
denial of service situation. See this bug
report for additional details.
Paul Mitcheson reported a situation where the CUPS Internet Printing
Protocol (IPP) implementation in CUPS versions prior to 1.1.19 would get
into a busy loop. This could result in a denial of service. In order to
exploit this bug an attacker would need to have the ability to make a TCP
connection to the IPP port (by default 631).
Multiple vulnerabilities have been found in
ethereal versions below 0.9.16. Remote attackers can craft
packets, and local users can build corrupt trace files,
resulting denial of service and remote code execution.
"fam" (file alteration monitor) watches files and directories for changes and lets interested applications know when something happens. This package has a flaw in its group handling that blocks some legitimate operations while, at the same time, exposing the names of files that should otherwise be invisible.
There is, it seems, an integer overflow vulnerability in "ls" which can be exploited via wu-ftpd to create a denial of service situation. See this advisory from Georgi Guninski for details.
DNS stub resolvers from multiple vendors contain a buffer overflow
vulnerability. The impact of this vulnerability appears to be limited to
denial of service. (See CERT Vulnerability Note
VU#738331)
The BIND 4 and BIND 8.2.x stub resolver libraries, and other libraries such
as glibc 2.2.5 and earlier, libc, and libresolv, uses the maximum buffer
size instead of the actual size when processing a DNS response, which
causes the stub resolvers to read past the actual boundary ("read buffer
overflow"), allowing remote attackers to cause a denial of service
(crash).
GtkHTML is the HTML rendering widget used by the Evolution mail reader.
GtkHTML supplied with versions of Evolution prior to 1.2.4 contain a bug
when handling HTML messages. Alan Cox discovered that certain malformed
messages could cause the Evolution mail component to crash.
The kernel-utils package contains several utilities that can be used to
control the kernel or machine hardware. In Red Hat Linux 8.0 this package
contains user mode linux (UML) utilities.
The uml_net utility in kernel-utils packages with Red Hat Linux 8.0 was
incorrectly shipped setuid root. This could allow local users to control
certain network interfaces, add and remove arp entries and routes, and put
interfaces in and out of promiscuous mode.
All users of the kernel-utils package should update to these packages that
contain a version of uml_net that is not setuid root.
Alternatively, as a work-around to this vulnerability issue the following
command as root:
libnids (a NIDS plugin which emulates the Linux 2.0 IP stack) contains a buffer overflow vulnerability which can be exploited remotely. Version 1.18 fixes the problem.
Glenn Randers-Pehrson discovered a problem in connection with 16-bit
samples from libpng, an interface for reading and writing PNG
(Portable Network Graphics) format files. The starting offsets for
the loops are calculated incorrectly which causes a buffer overrun
beyond the beginning of the row buffer.
A remotely exploitable buffer overflow vulnerability was found in
MPlayer. A malicious host can craft a harmful ASX header, and trick MPlayer
into executing arbitrary code upon parsing that header. Read the full advisory
for details.
Some some vulnerabilities exsist in the Nessus NASL scripting engine. To
exploit these flaws, an attacker would need to have a valid Nessus account
as well as the ability to upload arbitrary Nessus plugins in the Nessus
server (this option is disabled by default) or he/she would need to trick a
user somehow into running a specially crafted nasl script. Read the full
advisory for additional information.
Linux NFS utils package contains remotely exploitable off-by-one bug.
A local or remote attacker could exploit this vulnerability by sending
specially crafted request to rpc.mountd daemon. See this BugTraq post for more details.
From the advisory:
"During a pen-test we stumbled across a nasty bug in OpenSSH-portable
with PAM support enabled (via the --with-pam configure script switch). This
bug allows a remote attacker to identify valid users on vulnerable systems,
through a simple timing attack. The vulnerability is easy to exploit and
may have high severity, if combined with poor password policies and other
security problems that allow local privilege escalation."
Pan is a Gnome/GTK+ newsreader. A bug in Pan versions prior to 0.13.4 can
cause Pan to crash when parsing an article header containing a very long
author email address. This bug causes a crash (denial of service) but is
not further exploitable.
The postfix MTA, versions through 1.1.12 (but not 2.0) is subject to two remotely exploitable denial of service vulnerabilities; see this advisory from Michal Zalewski for details.
The ASCII translation mechanism in ProFTPD 1.2.8 contains a vulnerability which will provide a remote attacker with a root shell - if the attacker is able to download a specially-crafted file. See this ISS advisory for more information.
usePerl has a
description of a vulnerability in the Safe.pm Perl module. It seems
that if a Safe compartment is used more than once, it ceases to be safe.
The problem is fixed in Safe 2.08.
Alexander Hvostov, Julien Blache and Aurelien Jarno discovered several
security-related problems in the sane-backends package, which contains
an API library for scanners including a scanning daemon (in the
package libsane) that can be remotely exploited. These problems allow
a remote attacker to cause a segfault fault and/or consume arbitrary
amounts of memory. The attack is successful, even if the attacker's
computer isn't listed in saned.conf.
You are only vulnerable if you actually run saned e.g. in xinetd or
inetd. If the entries in the configuration file of xinetd or inetd
respectively are commented out or do not exist, you are safe.
Try "telnet localhost 6566" on the server that may run saned. If you
get "connection refused" saned is not running and you are safe.
The Common Vulnerabilities and Exposures project identifies the
following problems:
CAN-2003-0773: saned checks the identity (IP address) of the remote
host only after the first communication took place (SANE_NET_INIT). So
everyone can send that RPC, even if the remote host is not allowed to
scan (not listed in saned.conf).
CAN-2003-0774: saned lacks error checking nearly everywhere in the
code. So connection drops are detected very late. If the drop of the
connection isn't detected, the access to the internal wire buffer leaves
the limits of the allocated memory. So random memory "after" the wire
buffer is read which will be followed by a segmentation fault.
CAN-2003-0775: If saned expects strings, it mallocs the memory
necessary to store the complete string after it receives the size of the
string. If the connection was dropped before transmitting the size,
malloc will reserve an arbitrary size of memory. Depending on that size
and the amount of memory available either malloc fails (->saned quits
nicely) or a huge amount of memory is allocated. Swapping and OOM
measures may occur depending on the kernel.
CAN-2003-0776: saned doesn't check the validity of the RPC numbers
it gets before getting the parameters.
CAN-2003-0777: If debug messages are enabled and a connection is
dropped, non-null-terminated strings may be printed and segmentation
faults may occur.
CAN-2003-0778: It's possible to allocate an arbitrary amount of
memory on the server running saned even if the connection isn't dropped.
At the moment this can not easily be fixed according to the author.
Better limit the total amount of memory saned may use (ulimit).
The tar utility does not properly filter file names containing
"../", meaning that a hostile archive can, if unpacked by an
unsuspecting user, overwrite any file that is writable by that user. GNU
tar versions 1.13.19 and earlier are vulnerable; unzip through version 5.42
has the same vulnerability.
This vulnerability,
originally thought to be confined to BSD-derived systems, was first covered
in the July 26th Security
Summary. It is now known that Linux telnet daemons are vulnerable as
well.
VIM allows a user to set the modeline differently for each edited text file
by placing special comments in the files. Georgi Guninski found that these
comments can be carefully crafted in order to call external programs. This
could allow an attacker to create a text file such that when it is opened
arbitrary commands are executed.
Zebra an open source implementation of TCP/IP routing software.
Jonny Robertson reported that Zebra can be remotely crashed if a Zebra
password has been enabled and a remote attacker can connect to the Zebra
telnet management port. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2003-0795 to this issue.
Herbert Xu reported that Zebra can accept spoofed messages sent on the
kernel netlink interface by other users on the local machine. This could
lead to a local denial of service attack. The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name CAN-2003-0858 to
this issue.
A new mailing list (called "SC-L") has been set up for the discussion of
secure application development. It is a moderated list. Click below for
the full announcement, and instructions for signing up.
