Thursday, January 21, 20:14
Home security Vulnerability allows a hacker to breach VPN connections

Vulnerability allows a hacker to breach VPN connections

VPN

A new vulnerability, recently discovered by security researchers, affects operating systems such as Linux, Android, MacOS and others, allowing an intruder to monitor, breach, and experiment with VPN connections.

It was named CVE-2019-14899 and is located in the stacks of multiplexing Unix-based operating systems, and more specifically in how operating systems respond to unexpected network packet detectors.

As the team of investigators revealed, malicious users can use this vulnerability to detect devices and find out details about their victim's VPN connection status.

Attacks can take place through a malicious access point or router or even from one hacker located on the same network to "determine if another user is connected to a VPN, the virtual IP address assigned by the VPN server, and whether or not there is an active connection to a particular site."

In addition, the research team claims that it was able to determine the exact sequence of packets in some VPN connections.

"It allows us to enter data into the stream TCP and break links, "said William J. Tolley, one of three members of the Breakpointing Bad research team at the University of New Mexico.

The team stated that it was able to exploit this vulnerability in the following operating systems:

Ubuntu 19.10 (systemd)

Fedora (systemd)

Debian 10.2 (systemd)

Arch 2019.05 (systemd)

Manjaro 18.1.1 (systemd)

Devuan (sysV init)

MX Linux 19 (Mepis + antiX)

Void Linux (runit)

Slackware 14.2 (rc.d)

Deepin (rc.d)

FreeBSD (rc.d)

OpenBSD (rc.d)

However, other Unix-based operating systems, such as Android and MacOS, are also affected.

The VPNs that the research team was able to influence were OpenVPN, WireGuard and IKEv2 / IPSec and possibly others, as they stated "the VPN technology used does not seem to matter."

In response, Jason A. Donenfeld, creator of the open source WireGuard VPN, stated that "this is not a WireGuard vulnerability, but something in the routing code and / or TCP code in the affected operating systems."

According to the research team, the attack is based on sending unwanted network packets to the victim's device.

The smart attack is based on how the research team created these packages and how they used system responses to infer what the user did on the VPN network.

The attack is not easy to execute, so a massive exploitation is difficult to accomplish before they are created patches. However, vulnerability is ideal for targeted attacks if the attacker has the experience to execute it.

LEAVE ANSWER

Please enter your comment!
Please enter your name here

Absent Mia
Absent Miahttps://www.secnews.gr
Being your self, in a world that constantly tries to change you, is your greatest achievement

LIVE NEWS

Mac: How to see which model you have and when it was released

When you need support for your Mac - or want to install some kind of upgrade - you usually need to know the exact ...
00:02:35

Bill Gates: Will he work with Biden on COVID-19 / climate change?

Microsoft co-founder Bill Gates said on Twitter that he is looking forward to working with the new US President, Joe Biden, and ...

What are the rumors circulating about the iPhone 13?

Apple iPhone 13 will have a redesigned Face ID system that will have a smaller notch at the top of the screen, ...

Biden: How was the political transition in the US captured on social media?

As Joe Biden was sworn in as President of the United States, this important political transition was captured on popular social media. On January 20, ...

CentOS ceases to be supported but RHEL is offered for free

Last month, Red Hat caused a great deal of concern in the Linux world when it announced the discontinuation of CentOS Linux.

Microsoft Office 365 employee passwords leaked online!

A new large-scale phishing campaign targeting global organizations has been found to bypass Microsoft Office 365 Advanced Threat Protection (ATP) and ...

COSMOTE and Microsoft provide new cloud solutions for businesses

COSMOTE and Microsoft expand their cooperation, offering even more advanced and high quality cloud solutions, in large and small ...

Cyber ​​attacks in Eastern Europe are on the rise!

The cyber-attacks that have taken place in many US government agencies and companies in recent months have caused concern in the developing countries of ...

Tesla reduces the prices of the Model 3 in Europe

Tesla has reduced the prices of the Model 3 in many European markets, which reductions could be partly linked ...

iOS, Android, XBox users in the crosshairs of a new malvertising campaign

Recently a new malvertising campaign was discovered that targets users of mobile and other connected devices and uses effective ...