Skip to content

Home Special Alerts
Special Alerts
WPA3 Multiple Vulnerabilities: "Dragonblood"
Wednesday, 17 April 2019 12:00

Description:
Researchers has discovered two types of design flaws in WPA3-first leads to downgrade attacks and second to side-channel leaks, which can allow a remote attacker to acquire a weak password, conduct a denial of service, or gain complete authorization. These vulnerabilities have also been referred to as Dragonblood.

CVE Numbers:
CVE-2019-9494/CVE-2019-9495/CVE-2019-9496/CVE-2019-9497/CVE-2019-9498/CVE-2019-9499

Impact:
A downgrade attack against WPA3-Transtition mode can lead to dictionary attacks. A security group downgrade attack, a timing-based side-channel attack, a cache-based side-channel attack, and a resource consumption attack against the WPA3's Dragonfly handshake can be used to recover passwords or cause a DoS.

Solution:
Upgrade wpa_supplicant and hostapd to version 2.8

Available Mitigations:
Mitigations are available for
CVE-2019-9494 https://w1.fi/security/2019-1/
CVE-2019-9495 https://w1.fi/security/2019-2/
CVE-2019-9496 https://w1.fi/security/2019-3/
CVE-2019-9497 https://w1.fi/security/2019-4/
CVE-2019-9498 https://w1.fi/security/2019-4/
CVE-2019-9499 https://w1.fi/security/2019-4/

Reference:
https://www.kb.cert.org/vuls/id/871675/
https://wpa3.mathyvanhoef.com/
https://papers.mathyvanhoef.com/dragonblood.pdf

 
EFAIL Attacks: Vulnerabilities in OpenPGP and S/MIME Leak the Plaintext of Encrypted Emails
Wednesday, 16 May 2018 15:00

Description:
OpenPGP (Pretty Good Privacy) and S/MIME (Secure/Multipurpose Internet Mail Extensions) are both standards used to digitally sign, encrypt and decrypt emails. The EFAIL attacks exploit vulnerabilities in the OpenPGP and S/MIME standards to reveal the plaintext of encrypted emails. When Email clients are configured to automatically decrypt the content of encrypted emails user receive and are also configured to load external resources automatically, attackers can abuse this behavior to steal messages in plaintext just by sending victim a modified version of the same encrypted email content.

CVE Numbers:
CVE-2017-17688: OpenPGP CFB Attacks
CVE-2017-17689: S/MIME CBC Attacks

Systems Affected:
Email clients supporting the OpenPGP or S/MIME standards are vulnerable to EFAIL attacks. Please refer to the paper (https://efail.de/efail-attack-paper.pdf) for further information.

Mitigations:
To prevent EFAIL attacks, users are advised to
‧ Decrypt S/MIME or PGP emails in a separate application outside of email client
‧ Disable HTML rendering
‧ Disable Remote Content Loading
‧ Apply patches from Email client vendors

Reference:
https://efail.de/
https://efail.de/efail-attack-paper.pdf
https://www.kb.cert.org/vuls/id/122919

 
Page 1 of 8
[YOUR IP: 3.226.243.226: 60444] ...   [YOUR BROWSER: CCBot/2.0 (https://commoncrawl.org/faq/)] ...