VPN Vulnerability (CVE-2019-14899)
-
New Vulnerability Lets Attackers Hijack VPN Connections on Most UNIX Systems
Affecting most GNU/Linux distributions, as well as FreeBSD, OpenBSD, Android, iOS and macOS systems, the new security vulnerability could allow a local attacker to determine if another user is connected to a VPN (Virtual Private Network) server and whether or not there's an active connection to a certain website.
The vulnerability (CVE-2019-14899) is exploitable with adjacent network access, which requires the attacker to have access to either the broadcast or collision domain of the vulnerable operating system, and lets attackers to hijack connections by injecting data into the TCP (Transmission Control Protocol) stream.
The vulnerability has been reported to work against various popular VPN solutions, including OpenVPN, IKEv2/IPSec, as well as WireGuard, and it doesn't matter which VPN technology is being used, thus allowing attacker to determine the type of packets being sent through the encrypted VPN tunnel.
-
Tricky VPN-busting bug lurks in iOS, Android, Linux distros, macOS, FreeBSD, OpenBSD, say university eggheads
A bug in the way Unix-flavored systems handle TCP connections could put VPN users at risk of having their encrypted traffic hijacked, it is claimed.
The University of New Mexico team of William Tolley, Beau Kujath, and Jedidiah Crandall this week said they've discovered CVE-2019-14899, a security weakness they report to be present in "most" Linux distros, along with Android, iOS, macOS, FreeBSD, and OpenBSD. The upshot is, if exploited, encrypted VPN traffic can be potentially hijacked and disrupted by miscreants on the network.
To pull off the attack, the US-based posse says, a hacker would need to be "network adjacent" to their target, or control an access point on the victim's local network. Once the victim connected to their VPN, the spy would be able to, for one thing, tamper with the TCP stream to do things like inject packets into the stream.
-
New Linux Vulnerability Lets Attackers Hijack VPN Connections
Security researchers found a new vulnerability allowing potential attackers to hijack VPN connections on affected *NIX devices and inject arbitrary data payloads into IPv4 and IPv6 TCP streams. They disclosed the security flaw tracked as CVE-2019-14899 to distros and the Linux kernel security team, as well as to others impacted such as Systemd, Google, Apple, OpenVPN, and WireGuard. The vulnerability is known to impact most Linux distributions and Unix-like operating systems including FreeBSD, OpenBSD, macOS, iOS, and Android. A currently incomplete list of vulnerable operating systems and the init systems they came with is available below, with more to be added once they are tested and found to be affected: Ubuntu 19.10 (systemd), Fedora (systemd), Debian 10.2 (systemd), Arch 2019.05 (systemd), Manjaro 18.1.1 (systemd), Devuan (sysV init), MX Linux 19 (Mepis+antiX), Void Linux (runit), Slackware 14.2 (rc.d), Deepin (rc.d), FreeBSD (rc.d), and OpenBSD (rc.d).
-
New Linux Vulnerability Lets Attackers Hijack VPN Connections
Security researchers found a new vulnerability allowing potential attackers to hijack VPN connections on affected *NIX devices and inject arbitrary data payloads into IPv4 and IPv6 TCP streams.
They disclosed the security flaw tracked as CVE-2019-14899 to distros and the Linux kernel security team, as well as to others impacted such as Systemd, Google, Apple, OpenVPN, and WireGuard.
-
New vulnerability lets attackers sniff or hijack VPN connections
The vulnerability -- tracked as CVE-2019-14899 -- resides in the networking stacks of multiple Unix-based operating systems, and more specifically, in how the operating systems reply to unexpected network packet probes.
- Login or register to post comments
- Printer-friendly version
- 4773 reads
- PDF version
More in Tux Machines
- Highlights
- Front Page
- Latest Headlines
- Archive
- Recent comments
- All-Time Popular Stories
- Hot Topics
- New Members
digiKam 7.7.0 is releasedAfter three months of active maintenance and another bug triage, the digiKam team is proud to present version 7.7.0 of its open source digital photo manager. See below the list of most important features coming with this release. |
Dilution and Misuse of the "Linux" Brand
|
Samsung, Red Hat to Work on Linux Drivers for Future TechThe metaverse is expected to uproot system design as we know it, and Samsung is one of many hardware vendors re-imagining data center infrastructure in preparation for a parallel 3D world. Samsung is working on new memory technologies that provide faster bandwidth inside hardware for data to travel between CPUs, storage and other computing resources. The company also announced it was partnering with Red Hat to ensure these technologies have Linux compatibility. |
today's howtos
|
Hackers Can Hijack VPN Connections Using A New Linux
Hackers Can Hijack VPN Connections Using A New Linux Vulnerability
Linux security flaw could let VPN connections be hacked
Linux security flaw could let VPN connections be hacked
Linux Flaw Allows VPN Hijacking
Linux Flaw Allows VPN Hijacking
New Linux vulnerability lets attackers to hijack VPN connections
New Linux vulnerability lets attackers to hijack VPN connections
New Linux Bug Lets Attackers Hijack Encrypted VPN Connections
New Linux Bug Lets Attackers Hijack Encrypted VPN Connections
VPN Bug Affects “Most” Linux Distros
VPN Bug Affects “Most” Linux Distros
OpenBSD devs patch authentication bypass bug
OpenBSD devs patch authentication bypass bug
Original: VPN hijacking on Linux (and beyond) systems
VPN hijacking on Linux (and beyond) systems
More coverage
New Linux vulnerability puts VPN connections at risk of hijacking
Attackers using Linux Vulnerability to Hijack VPN Connections
Linux VPN connections can be hacked
VPN connections could be hacked due to Linux security flaw
Unix-like Systems Vulnerable to VPN Inferring and Hijacking Attacks
Researchers say VPN bug affects Linux, Unix systems
Linux Bug Opens Most VPNs to Hijacking
New vulnerability lets attackers sniff or hijack VPN connections
Techworm misreporting
Hackers Exploit New Linux Vulnerability To Hijack VPN Connections [Ed: Techworm misreporting, as usual. There are no known attacks]
Researchers find a new Linux vulnerability...
Researchers find a new Linux vulnerability that allows attackers to sniff or hijack VPN connections
Multiple Vulnerabilities Found In OpenBSD
Multiple Vulnerabilities Found In OpenBSD Including Authentication Bypass
Some late coverage too
Networking attack gives hijackers VPN access
Cyber Security News
Serious Vulnerability Allows Hijacking of VPN Connections Across Many Linux Based Systems (Including Android and MacOS)
"VPN hijack"
VPN hijack - compromise on Linux, Android and MacOS exposed