tinc SECURITY INFORMATION - Unauthorized access to VPN

[Ivo Timmermans]

Although we (the authors of tinc) have done our best to make tinc as
secure as possible, an unfortunate combination of encryption and key
exchange techniques has created a hole in at least all versions of
tinc >= 0.3, including the current CVS version.


Exploit:

If somebody can intercept the meta protocol to a host that is running
a tinc daemon, it is possible to decrypt the passphrase, which can
then be used to gain unauthorized access to the VPN, and become a part
of it.


Workaround:

Add firewall rules so that only trusted hosts can connect to the tinc
daemon.


Fix:

We are currently working on the implementation of a new protocol, with
a different authentication scheme.  We expect to have a working
version in CVS around next weekend, we will release a new version
(1.0pre3) when this becomes stable.


Guus Sliepen
Ivo Timmermans
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 232 bytes
Desc: not available
Url : http://brouwer.uvt.nl/pipermail/tinc/attachments/20000910/7afc8968/attachment.pgp