
CVE-2017-7521, OpenVPN Remote Code Execution Bug Patched

Are you a user of OpenVPN? The software patched four vulnerabilities just this week. One of the flaws is quite severe – a remote code execution bug that could allow an authenticated attacker to run code on a compromised box. The vulnerability is identified as CVE-2017-7521.

CVE-2017-7521 Technical Details

The flaw affects the OpenVPN server side and, as explained by Guido Vranken, can cause “Remote server crashes/double-free/memory leaks in certificate processing”. In addition:

CVE-2017-7521 can drain the server of available memory, which may lead to a ‘double-free,’ which is a way to corrupt the server’s memory. In short, the worst-case scenario is that the user can execute their code on the server. This is the worst vulnerability. They authenticate and then send crafted data, after which the server crashes. I’d say this is a worrisome issue for (commercial) VPN providers, so they definitely need to update as soon as possible.

The Other Flaws (CVE-2017-7520, CVE-2017-7522, CVE-2017-7508)

The patches for all four flaws, including CVE-2017-7521, were issued after they were disclosed privately by Vranken, who used a fuzzer to find the bugs.

Were the flaws exploited in public attacks? The researcher says he doesn’t know. “This is difficult for me to say. But I’d say that if I can do this in a couple of weeks of spare time out of sheer curiosity, heavily funded organizations with political objectives can do it too,” he explained.

Three of the flaws the researcher came across were server-side, causing servers to crash. The client-side flaw enables hackers to steal passwords to obtain access to the proxy. The server-side flaws require the hacker to be authenticated.

All the server issues require that the user is authenticated. This requires that the system administrator signs the certificate of a malicious user. For individual users who run their private server this is unlikely to occur, but it is bad for VPN services that have automated this process for a large group of (untrusted) users.

You can view the full report here.

Milena Dimitrova
