Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chap: Use proper entropy source #67

Merged
merged 1 commit into from
Sep 4, 2024

Conversation

richardweinberger
Copy link
Contributor

The challenge sent to the initiator is based on a poor source of randomness, it uses rand() without seeding it by srand(). So the glibc PRNG is always seeded with 1 and as a consequence the sequence of challenges is always the same.

An attacker which is able to monitor network traffic can apply a replay attack to bypass the CHAP authentication. All the attacker has to do is waiting for the server or the service to restart and replay with a previously record CHAP session which fits into the sequence.

To overcome the issue, use getrandom() to query the kernel random number generator.
Also always send a challenge of length CHAP_CHALLENGE_MAX, there is no benefit in sending a variable length challenge.

The challenge sent to the initiator is based on a poor
source of randomness, it uses rand() without seeding it by srand().
So the glibc PRNG is always seeded with 1 and as a consequence the
sequence of challenges is always the same.

An attacker which is able to monitor network traffic can apply a replay
attack to bypass the CHAP authentication.  All the attacker has to do
is waiting for the server or the service to restart and replay with a
previously record CHAP session which fits into the sequence.

To overcome the issue, use getrandom() to query the kernel random
number generator.
Also always send a challenge of length CHAP_CHALLENGE_MAX, there is no
benefit in sending a variable length challenge.

Signed-off-by: Richard Weinberger <[email protected]>
@fujita fujita merged commit abd8e0d into fujita:master Sep 4, 2024
2 checks passed
@fujita
Copy link
Owner

fujita commented Sep 4, 2024

Thanks a lot!

@carnil
Copy link

carnil commented Sep 6, 2024

This got https://www.cve.org/CVERecord?id=CVE-2024-45751 assigned

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants