On Wednesday, 7 December 2016 13:04:30 CET Gert Doering wrote:
> Hi,
> 
> On Wed, Dec 07, 2016 at 04:51:36PM +0500, ???????? ?????????????? wrote:
> > it used to crash on simple tcp connect (after immediate disconnect), it
> > was
> > reproducible to running login/password authentication mode
> > 
> > it might have been caught by fuzz testing.
> 
> I should point out that this was not a "crash" but an "openvpn detects
> invalid input and ASSERT()s out -> well-defined program exit".
> 
> Not exactly *friendly* behaviour (and stupid, in this case), but not
> a *crash*.
> 
> But that's exactly why fuzzing openvpn is hard: we detect bad stuff, and
> in doubt, we ASSERT() - which is well-defined behaviour, not "crashing
> randomly, possibly in a way that can be exploited to get access to
> security critical bits"

It still results in a denial of service. Yes, far less severe than a private key
leak or remote code execution, but a severe vulnerability nonetheless.

-- 
Regards,
Hubert Kario
Senior Quality Engineer, QE BaseOS Security team
Web: www.cz.redhat.com
Red Hat Czech s.r.o., Purkyňova 99/71, 612 45, Brno, Czech Republic

_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel