KEYP Vulnerability
Bug #991342 reported by
iceman50
This bug affects 2 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
DC++ |
Fix Released
|
Low
|
Crise / MW |
Bug Description
With the current vulnerability with DC++'s current KEYP implementation the underlying issue seems to be this ...
[2012-04-26 09:24] <Crise> anyways, the thing with keyp is entirely different problem... which is basically that it only verifies keyp on the peer level certificate and not on the whole chain as it should
Crise has stated he has another source who knows the exploit but will not divulge in who he is.
Related branches
Changed in dcplusplus: | |
assignee: | nobody → Jacek Sieka (arnetheduck) |
tags: | added: core |
Changed in dcplusplus: | |
status: | New → In Progress |
Changed in dcplusplus: | |
status: | In Progress → Fix Committed |
information type: | Private Security → Public Security |
To post a comment you must log in.
DC++ follows the spec in this regard; this should be discussed with ADC maintainers to decide whether taking the cert chain into account is indeed necessary. adc.svn. sourceforge. net/viewvc/ adc/trunk/ ADC-EXT. txt?r1= 34&r2=33& pathrev= 34>
rev 34 of ADC might be relevant: <http://
is this really a security issue? if 2 peers disagree on their KEYP, the worse that could happen is a failure to establish the connection. i fail to see how a third party could exploit this divergence to "sneak a cert into the chain" while keeping the KEYP intact.