FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2013-2061

This CVE name corresponds to:

Entered     Topic
2013-03-31  OpenVPN -- potential side-channel/timing attack when comparing HMACs

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

Details

Type   Candidate
Name   CVE-2013-2061
Phase  Assigned (20130219)

Description

The openvpn_decrypt function in crypto.c in OpenVPN 2.3.0 and earlier, when running in UDP mode, allows remote attackers to obtain sensitive information via a timing attack involving an HMAC comparison function that does not run in constant time and a padding oracle attack on the CBC mode cipher.

References

Source    Reference
MLIST     [oss-security] 20130506 Re: CVE request: OpenVPN use of non-constant-time memcmp in HMAC comparison in openvpn_decrypt
CONFIRM   https://bugs.gentoo.org/show_bug.cgi?id=468756
CONFIRM   https://bugzilla.redhat.com/show_bug.cgi?id=960192
CONFIRM   https://community.openvpn.net/openvpn/wiki/SecurityAnnouncement-f375aa67cc
CONFIRM   https://github.com/OpenVPN/openvpn/commit/11d21349a4e7e38a025849479b36ace7c2eec2ee
FEDORA    FEDORA-2013-7531
FEDORA    FEDORA-2013-7552
MANDRIVA  MDVSA-2013:167
SUSE      openSUSE-SU-2013:1645
SUSE      openSUSE-SU-2013:1649