Building Linux Virtual Private Networks
Below are references to vulnerabilities found in the VPN protocols we discuss in Building Linux VPNs. Note that these problems lie in the protocols themselves, not in the setup we describe in the book.


Date Reported 01/09/2002
Brief Description Multiple VPN daemons allow remote attackers to modify packets
Risk Factor Low
Attack Type Network Based
Platforms Affected tinc 1.0pre3, tinc 1.0pre4, VTun 2.5b1
Vulnerability vpn-modify-packets
X-Force URL http://xforce.iss.net/static/7868.php
Additional URLs http://www.securityfocus.com/archive/1/249142 (tinc)
http://www.securityfocus.com/archive/1/249334 (VTun)

Date Reported 01/09/2002
Brief Description Multiple VPN daemons vulnerable to replay attack
Risk Factor Low
Attack Type Network Based
Platforms Affected tinc 1.0pre3, tinc 1.0pre4, VTun 2.5b1
Vulnerability vpn-replay-attack
X-Force URL http://xforce.iss.net/static/7870.php
Additional URLs http://www.securityfocus.com/archive/1/249142 (tinc)
http://www.securityfocus.com/archive/1/249334 (VTun)

Date Reported 01/09/2002
Brief Description tinc IV is a weak salt
Risk Factor Low
Attack Type Network Based
Platforms Affected tinc 1.0pre3, tinc 1.0pre4
Vulnerability tinc-weak-salt
X-Force URL http://xforce.iss.net/static/7871.php
Additional URLs http://www.securityfocus.com/archive/1/249142

Date Reported 01/07/2002
Brief Description CIPE packet handling denial of service
Risk Factor Low
Attack Type Network Based
Platforms Affected CIPE 1.5.2 and earlier, Debian Linux 2.2
Vulnerability cipe-packet-handling-dos
X-Force URL http://xforce.iss.net/static/7883.php
Additional URLs http://www.debian.org/security/2002/dsa-104 (Debian)
https://www.redhat.com/support/errata/RHSA-2002-007.html (Red Hat)
http://sites.inka.de/bigred/archive/cipe-l/2002-01/msg00011.html (patch)
Status Apply the above patch for versions 1.2.5 and earlier.

Date Reported 01/09/2002
Brief Description VTun ECB mode uses weak encryption
Risk Factor Low
Attack Type Network Based
Platforms Affected VTun 2.5b1
Vulnerability vtun-ecb-weak-encryption
X-Force URL http://xforce.iss.net/static/7904.php
Additional URLs http://www.securityfocus.com/archive/1/249334

New Riders Publishing