Home
Artists
Search Recent Random
Posts
Search DMs Popular Hash Lookup Tags Random
Importer
Import FAQ
Register
Partychan Telegram Live Sex ThePornDude
Home Artists Posts Import Register

Linux Network Flaw - ThreatWire Crosspost (Patreon)

Published:
2019-12-11 22:09:52
Imported:
2023-11
Tags:

Downloads

Content

A team of three researchers from the Breakpointing Bad Research Team at the University of New Mexico found a security flaw that impacts Linux, Android, macOS, and any other Unix-based systems. The flaw would allow an attacker to sniff traffic, hijack the device, and tamper with VPN tunnelled connections. They reported the flaw as CVE-2019-14899.

The problem occurs due to the way Unix OS’s deal with and reply to unexpected network packet probes within their networking stacks. An attacker could use a malicious access point or router or just be on the same local network as a target. They would send unsolicited network packets to a target device and watch how the device replies.

They could use the vulnerability to find devices that are connected to VPNs, and find out if the IP address assigned to that user from the VPN is connected and active on any given website. To make the vulnerability worse, they also were able to determine the packet sequence for some VPN connections. That could allow an attacker to inject malicious data into a TCP stream to hijack those connections.

The research team knows it affects Ubuntu 19 10, Fedora, Debian 10.2, FreeBSD, OpenBSD, as well as several other operating systems. And while you may not use Linux at home, it also affects Android and MacOS, again.

Using one VPN technology over another didn’t seem to matter, as they were able to use this attack against OpenVPN, WireGuard, and others. VPN providers have stated this is a problem within the routing table code or TCP code of affected OS’s.

It’s a highly technical and targeted attack so chances are you wouldn’t experience this yourself as it couldn’t be used in mass exploitation. The researchers offered mitigation options for server owners while patches are on their way.


ThreatWire is only possible because of our Patreon patrons! https://www.patreon.com/threatwire 

Shop ThreatWire Merch!

https://snubsie.com/shop

Links:

https://seclists.org/oss-sec/2019/q4/122

https://www.zdnet.com/article/new-vulnerability-lets-attackers-sniff-or-hijack-vpn-connections/

https://threatpost.com/linux-bug-vpns-hijacking/150891/

https://thehackernews.com/2019/12/linux-vpn-hacking.html

Comments

No comments found for this post.