|CVE Reference||CVE-2018-16737, CVE-2018-16738, CVE-2018-16758|
|Type||Cryptographic Protocol Flaws|
tinc (https://www.tinc-vpn.org/) is a piece of software used to create Virtual Private Networks (VPNs).
A lack of authenticity verification enables attackers to bypass the authentication scheme, due to a decryption oracle, as well as to modify meta-messages, if they are in a position to Man in the Middle (MitM) traffic. Meta-messages are used to manage the VPN network itself, these messages may for example negotiate new keys, authenticate new nodes or change the network structure, but do not carry any of the data that is sent over the network itself as a medium.
Attackers can remotely bypass the authentication protocol allowing them to replace other nodes with themselves (CVE-2018-16737 and CVE-2018-16738) and meta-messages may be modified in transit (CVE-2018-16758).
The authenticity of meta-messages is never verified which results in the inability to detect maliciously modified or replayed meta-messages. In addition a decryption oracle for authentication challenges was found.
Upgrading to versions past 1.0.30 limits the content of a meta-message that can be modified by an attacker due to a different cipher mode being used and also significantly increases the complexity of successfully bypassing the authentication scheme. Setting the ping timeout to a low value also makes a successful bypass of the authentication more difficult, as the attack has to be completed within the timeout window and involves sending a large number of messages, which took multiple seconds on a test system.
Apply the vendor supplied patch for the issue.
Please refer to the attached advisory.
|2018-09-06||Issue reported to vendor|
|2018-09-09||CVE-2018-16737, CVE-2018-16738 and CVE-2018-16758 assigned|