oss-sec mailing list archives
CVE Request: zeromq downgrade attack
From: Alessandro Ghedini <alessandro () ghedini me>
Date: Thu, 7 May 2015 16:49:08 +0200
[ CCing upstream mailing list ]

Hello,

From https://github.com/zeromq/libzmq/issues/1273 :
It is easy to bypass the security mechanism in 4.1.0 and 4.0.5 by sending a ZMTP v2 or earlier header. The library accepts such connections without applying its security mechanism. Solution: if security is defined on a socket, reject all V2 and earlier connections, unconditionally.
A patch for the zeromq 4.0.x stable series is available at https://github.com/zeromq/zeromq4-x/commit/b6e3e0f601e2c1ec1f3aac880ed6a3fe63043e51

AFAICT no CVE has been assigned (or requested) for this, and the issue has been public since December of last year. Could a CVE be assigned please?

Cheers
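The check proposed in the quoted issue, sketched as an added C++ example that is not libzmq's code and not part of the original message. The names `classify_greeting` and `check_peer` and the sample byte strings are hypothetical; the layout assumed is the ZMTP greeting framing of a 10-byte signature followed by a revision byte.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>

using u8 = std::uint8_t;

enum class Peer { NeedMore, Legacy, V3 };    // Legacy = ZMTP 2.0 or earlier
enum class Verdict { Wait, Accept, Reject }; // order matches names[] in main

// Classify the first bytes of a peer greeting. ZMTP 2.0 and later open with a
// 10-byte signature (0xFF, 8 bytes, then a byte with its low bit set, normally
// 0x7F) followed by a revision byte; a ZMTP 1.0 peer sends a bare identity frame.
Peer classify_greeting(const u8 *buf, std::size_t len) {
    if (len == 0) return Peer::NeedMore;
    if (buf[0] != 0xFF) return Peer::Legacy;          // no signature: ZMTP 1.0
    if (len < 10) return Peer::NeedMore;
    if ((buf[9] & 0x01) == 0) return Peer::Legacy;    // long 1.0 frame, not a signature
    if (len < 11) return Peer::NeedMore;
    return buf[10] >= 0x03 ? Peer::V3 : Peer::Legacy; // revision 0x01 is ZMTP 2.0
}

// Policy from the issue: if security is defined on the socket, reject all
// V2 and earlier connections unconditionally, before any message is handled.
Verdict check_peer(const u8 *buf, std::size_t len, bool security_configured) {
    Peer p = classify_greeting(buf, len);
    if (p == Peer::NeedMore) return Verdict::Wait;
    if (p == Peer::Legacy && security_configured) return Verdict::Reject;
    return Verdict::Accept;
}

// Constructed sample greetings (not captured traffic).
const u8 kV3[] = {0xFF, 0, 0, 0, 0, 0, 0, 0, 1, 0x7F, 0x03, 0x00};
const u8 kV2[] = {0xFF, 0, 0, 0, 0, 0, 0, 0, 1, 0x7F, 0x01, 0x05};
const u8 kV1[] = {0x01, 0x00}; // ZMTP 1.0 anonymous identity frame

int main() {
    const char *names[] = {"wait", "accept", "reject"};
    std::printf("v3, secured:   %s\n", names[(int)check_peer(kV3, sizeof kV3, true)]);
    std::printf("v2, secured:   %s\n", names[(int)check_peer(kV2, sizeof kV2, true)]);
    std::printf("v1, secured:   %s\n", names[(int)check_peer(kV1, sizeof kV1, true)]);
    std::printf("v2, unsecured: %s\n", names[(int)check_peer(kV2, sizeof kV2, false)]);
    return 0;
}
```

A `Wait` verdict only means more bytes are needed, so a caller would bound it with a handshake timeout rather than hold the connection open indefinitely.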
Current thread:
- CVE Request: zeromq downgrade attack Alessandro Ghedini (May 07)
- Re: CVE Request: zeromq downgrade attack Salvatore Bonaccorso (May 10)
- Re: CVE Request: zeromq downgrade attack Alessandro Ghedini (May 15)
- Re: CVE Request: zeromq downgrade attack cve-assign (May 21)
- Re: CVE Request: zeromq downgrade attack Alessandro Ghedini (May 22)