Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: New vulnerability lets attackers sniff or hijack VPN connections

06 Dec 2019   #1
Brink

64-bit Windows 10 Pro
 
 
New vulnerability lets attackers sniff or hijack VPN connections

Quote:
Academics have disclosed this week a security flaw impacting Linux, Android, macOS, and other Unix-based operating systems that allows an attacker to sniff, hijack, and tamper with VPN-tunneled connections.

The vulnerability -- tracked as CVE-2019-14899 -- resides in the networking stacks of multiple Unix-based operating systems, and more specifically, in how the operating systems reply to unexpected network packet probes.

According to the research team, attackers can use this vulnerability to probe devices and discover various details about the user's VPN connection status.

Attacks can be carried out from a malicious access point or router, or by an attacker present on the same network "to determine if another user is connected to a VPN, the virtual IP address they have been assigned by the VPN server, and whether or not there is an active connection to a given website."

Furthermore, the research team also claims they were also able to determine the exact packet sequence in certain VPN connections.

"This allows us to inject data into the TCP stream and hijack connections," said William J. Tolley, one of the three members of the Breakpointing Bad research team at the University of New Mexico.

MULTIPLE OPERATING SYSTEMS IMPACTED

The team said they tested and successfully exploited the vulnerability on the following operating systems:
  • Ubuntu 19.10 (systemd)
  • Fedora (systemd)
  • Debian 10.2 (systemd)
  • Arch 2019.05 (systemd)
  • Manjaro 18.1.1 (systemd)
  • Devuan (sysV init)
  • MX Linux 19 (Mepis+antiX)
  • Void Linux (runit)
  • Slackware 14.2 (rc.d)
  • Deepin (rc.d)
  • FreeBSD (rc.d)
  • OpenBSD (rc.d)
Other Unix-based operating systems like Android and macOS are also impacted.

The research team said their attack worked against VPN technologies like OpenVPN, WireGuard, and IKEv2/IPSec, and possibly others, as "the VPN technology used does not seem to matter."


Read more: New vulnerability lets attackers sniff or hijack VPN connections | ZDNet


My System SpecsSystem Spec
.
07 Dec 2019   #2
F22 Simpilot

Windows 7 Ultimate x64
 
 

Well, so much for my router's VPN connection. This particular router doesn't get ASUS Merlin updates anymore. I do have another ASUS router that's newer though. I may have to deploy that with updated firmware.
My System SpecsSystem Spec
Reply

 New vulnerability lets attackers sniff or hijack VPN connections




Thread Tools




Similar help and support threads
Thread Forum
Security flaw lets attackers recover private keys from Qualcomm chips
Read more: Security flaw lets attackers recover private keys from Qualcomm chips | ZDNet
News
WordPress plugin vulnerability lets any user take over websites
Read more: WordPress plugin flaw lets you take over entire sites | ZDNet
News
How do I sniff/monitor lan traffic?
On my PC I have a program whose purpose is to send a command/instructions over the network to another computer on the lan. Software on that computer receives that command and executes accordingly. I would like to know the exact syntax of that command. I can't seem to understand what program I...
Network & Sharing
'State-sponsored attackers' using IE zero-day to hijack GMail accounts
see full report
News
Yaa! DLL Hijack Auditor: For Microsoft DLL hijack vulnerability
Not sure if anyone has posted on this tool (or similar tools) yet, but security Exploded makes incredible tools, especially Anti Rootkit tools and Root kit detection tools, so I was happy to learn about this: rmhsCBMIJnA
System Security


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 23:35.
Twitter Facebook