Changes between Version 1 and Version 2 of SecurityAnnouncement-f375aa67cc
- Timestamp: 04/10/13 12:04:52 (11 years ago)
SecurityAnnouncement-f375aa67cc
v1 v2 1 1 = Exploit summary = 2 2 3 OpenVPN 2.3.0 and earlier are subject to a potential timing-based side-channel attack, which is made possible by a non-constant-time HMAC comparison function. Plaintext recovery is possibleusing a padding oracle attack, optimistically at a rate of about one character per 3 hours. OpenVPN with PolarSSL is vulnerable; the vulnerability of OpenSSL-based OpenVPN has not been verified or tested.3 OpenVPN 2.3.0 and earlier running in UDP mode with a CBC mode cipher are subject to a chosen ciphertext attack due to non-constant-time HMAC comparison function. Plaintext recovery is possible using a using a padding oracle attack, optimistically at a rate of about one character per 3 hours. OpenVPN with PolarSSL is vulnerable; the vulnerability of OpenSSL-based OpenVPN has not been verified or tested. 4 4 5 The [https://github.com/OpenVPN/openvpn/commit/11d21349a4e7e38a025849479b36ace7c2eec2ee fix] for this attack makes the affected function constant-time and thus prevents this exploit. 6 7 = Requirements = 8 9 Successful attack requires that 10 11 * OpenVPN is running in UDP mode with a CBC mode cipher 12 * The attacker must be able to measure the processing time of the packets 13 14 The feasibility of attack is increased significantly if encryption and/or authentication is disabled. 15 16 = Mitigating factors = 5 = Severity = 17 6 18 7 OpenVPN servers are typically configured to silently drop packets with the wrong HMAC. For this reason measuring the processing time of the packets is not trivial without a MITM position. In practice, the attack likely needs some target-specific information to be effective. 8 9 The severity of this vulnerability can be considered low. 19 10 20 11 = Affected versions = 21 12 22 13 OpenVPN 2.3.0 and earlier are vulnerable. A fix ([https://github.com/OpenVPN/openvpn/commit/11d21349a4e7e38a025849479b36ace7c2eec2ee commit f375aa67cc]) is included in OpenVPN 2.3.1 and later. 14 15
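Review bot: the rewritten line 3 of the exploit summary repeats words ("using a using a padding oracle attack") and drops an article ("due to non-constant-time HMAC comparison function"). Suggest "using a padding oracle attack" and "due to a non-constant-time HMAC comparison function". Stating the UDP-mode and CBC-cipher precondition directly in the summary is worth keeping, since the separate Requirements list is removed in the same revision.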
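Review bot: removing old lines 5-16 drops two statements that version 2 does not restate anywhere: the sentence explaining that the fix makes the affected function constant-time, and the note that feasibility increases significantly if encryption and/or authentication is disabled. The new "Severity" section rates the issue low, so a reader deciding whether that rating applies to their deployment would want the second statement kept, for example as one sentence under Severity. In the unchanged "Affected versions" line the link target is commit 11d21349a4e7e38a025849479b36ace7c2eec2ee while its label reads "commit f375aa67cc"; confirm both identifiers refer to the same fix or align the label with the link.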