Openvpn 2.3.14 plaintext Remote Code Execution Vulnerability
The original article can be found at: https://sweet32.info/
The information has been provided by Karthikeyan Bhargavan.
* Openvpn 2.3.14
A vulnerability was reported in OpenVPN. A remote user can decrypt transmitted data in certain cases.
A remote user that can monitor the network and can capture a long duration Blowfish CBC mode encrypted TLS session over which some amount of known plaintext is communicated can recover some plaintext in certain cases.
Over the duration of a long-lived connection, a cipher block collision may occur, allowing the remote user to recover the exclusive OR between the two plaintext blocks. If the communications protocol sends a fixed plaintext portion repeatedly and also sends some amount of known plaintext, the user can recover the secret plaintext.
The attack method is known as a SWEET32 attack.
64-bit block ciphers, such as 3DES and Blowfish, are affected by this type of attack.
Publish Date : 2017-01-31
Last Update Date : 2017-02-28