Vulnerability allows attackers to listen and intercept VPN connections
Hackers Academy last edited by
Researchers from the University of New Mexico have discovered a vulnerability affecting Ubuntu, Fedora, Debian, FreeBSD, OpenBSD, macOS, iOS Android, and other Unix-based OSs. The problem allows you to listen, intercept and interfere with the operation of VPN connections.
The bug got the identifier CVE-2019-14899, and the root of the problem lies in the network stacks of a number of Unix-based operating systems, or rather, in the way these OSs respond to unexpected network packets. An attacker can use the vulnerability to "probe" the device and identify various details about the status of the user's VPN connection.
Attacks can be performed on behalf of a malicious access point or router, or an attacker can be present on the same network to determine if another user is connected to the VPN, find out his virtual IP address assigned by the server, and determine whether the victim is connected to a specific site. Even worse, the bug allows you to determine the exact sequence of packets in certain VPN connections, which can be used to inject into the TCP data stream and compromise the connection.
Researchers report that they have successfully exploited the vulnerability in the following operating systems, and also write that the problem extends to Android, iOS and macOS:
Ubuntu 19.10 (systemd)
Debian 10.2 (systemd)
Arch 2019.05 (systemd)
Manjaro 18.1.1 (systemd)
Devuan (sysV init)
MX Linux 19 (Mepis + antiX)
Void Linux (runit)
Slackware 14.2 (rc.d))
It is emphasized that the attack works against OpenVPN, WireGuard, and IKEv2 / IPSec, and so on, since the VPN technology itself does not matter, nor does the use of IPv4 or IPv6.