New Linux vulnerability allows hackers to gain control of VPN connections
International security researchers have found an entirely new Linux vulnerability that allows potential attackers to hijack VPN connections on *NIX devices and inject arbitrary data payloads into IPv4 and IPv6 TCP streams.
This security flaw is currently tracked as CVE-2019-14899 and directly concerns Linux distributions and kernel security groups, as well as a number of other affected groups such as systemd, Google, Apple, OpenVPN and WireGuard. More specifically, the flaw affects most Linux distributions as well as Unix-like operating systems including FreeBSD, OpenBSD, macOS, iOS and Android. Below is an (incomplete) list of the operating systems vulnerable to the flaw, along with the init systems they ship with:
- Ubuntu 19.10 (systemd)
- Fedora (systemd)
- Debian 10.2 (systemd)
- Arch 2019.05 (systemd)
- Manjaro 18.1.1 (systemd)
- Devuan (sysV init)
- MX Linux 19 (Mepis + antiX)
- Void Linux (runit)
- Slackware 14.2 (rc.d)
- Deepin (rc.d)
- FreeBSD (rc.d)
- OpenBSD (rc.d)
All VPN deployment models are affected
According to the findings of experts from the University of New Mexico, this security flaw "allows an attacker to determine which objects are connecting to the VPN, the virtual IP address assigned by the VPN server, and whether or not the connection is compatible with a particular website." The vulnerability also allows hackers to determine the exact seq and ack numbers by counting encrypted packets or checking their size. This allows them to push data into the TCP stream and gain control.
The CVE-2019-14899 attack works primarily against OpenVPN, WireGuard and IKEv2/IPSec, and most likely against Tor. In addition, nearly all Linux distributions using systemd with the default configuration are vulnerable.
Below are the steps a hacker takes to exploit the CVE-2019-14899 vulnerability and hijack the target VPN connection:
- Determine the virtual IP address of the VPN client.
- Use the virtual IP address to infer information about active connections.
- Use the encrypted replies to unsolicited packets to identify the sequence and acknowledgment numbers of an active connection in order to hijack the TCP session.
The team is planning to publish an in-depth analysis of this vulnerability and its implications after finding the optimal response.