X-Git-Url: https://www.tinc-vpn.org/git/browse?p=wiki;a=blobdiff_plain;f=security.mdwn;fp=security.mdwn;h=f08ba83e4e0774fe8a75e8a96cb1d0c53f2ed71b;hp=ce4a416b20a70991500471eff9eb843703752fc5;hb=5bc54052c8ca8a1aee4eaebe3f8433f35cfa3098;hpb=d0072a11debc576b5fd970841117a89bdfe8549a diff --git a/security.mdwn b/security.mdwn index ce4a416..f08ba83 100644 --- a/security.mdwn +++ b/security.mdwn @@ -9,7 +9,7 @@ We will then try to get a CVE number assigned, and coordinate a bugfix release w The following list contains advisories for security issues in tinc in old versions: - [CVE-2018-16758](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16758): - Tinc 1.0.34 and earlier allow a [man-in-the-middle attack](https://en.wikipedia.org/wiki/Man-in-the-middle_attack) + Michael Yonli discovered that tinc 1.0.34 and earlier allow a [man-in-the-middle attack](https://en.wikipedia.org/wiki/Man-in-the-middle_attack) that, even if the MITM cannot decrypt the traffic sent between the two endpoints, when the MITM can correctly predict when an ephemeral key exchange message is sent in a TCP connection between two nodes, allows the MITM to @@ -17,7 +17,7 @@ The following list contains advisories for security issues in tinc in old versio The tinc 1.1pre versions are not affected by this. - [CVE-2018-16738](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16738): - Tinc versions 1.0.30 to 1.0.34 allow an [oracle attack](https://en.wikipedia.org/wiki/Oracle_attack), + Michael Yonli discoverd that tinc versions 1.0.30 to 1.0.34 allow an [oracle attack](https://en.wikipedia.org/wiki/Oracle_attack), similar to CVE-2018-16737, but due to the mitigations put in place for the Sweet32 attack in tinc 1.0.30, it now requires a [timing attack](https://en.wikipedia.org/wiki/Timing_attack) that has only a limited time to complete. @@ -25,7 +25,7 @@ The following list contains advisories for security issues in tinc in old versio VPN that still use the legacy protocol from tinc version 1.0.x. - [CVE-2018-16737](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16737): - Tinc 1.0.29 and earlier allow an [oracle attack](https://en.wikipedia.org/wiki/Oracle_attack) + Michael Yonly discovered that tinc 1.0.29 and earlier allow an [oracle attack](https://en.wikipedia.org/wiki/Oracle_attack) that could allow a remote attacker to establish one-way communication with a tinc node, allowing it to send fake control messages and inject packets into the VPN. The attack takes only a few seconds to complete.