oss-sec mailing list archives

[CVE Requests] rsync and librsync collisions

From: Michael Samuel <mik () miknet net>
Date: Tue, 5 Aug 2014 16:03:29 +1000

Hi,

I think there should be CVEs assigned for this:

rsync: MD5 collision DoS attack or limited file corruption
librsync: MD4 collision file corruption

Note: librsync is not the same code, protocol or maintainer as rsync.

The librsync attack is far easier to perform, since there's no
whole-file checksum and it will simply copy the first instance of a
collision into any place where the second collision is.

The rdiff utility that ships with librsync truncates hashes to 8
bytes, allowing a very fast and efficient birthday attack - so even if
MD4 was replaced attacks would still be possible while the hash is
truncted.  This also affects duplicity - they both use
RS_DEFAULT_STRONG_LEN - so the _librsyncmodule that ships with
duplicity will need recompiling after the fix ships.

Previous posting for context:
http://www.openwall.com/lists/oss-security/2014/07/28/1

Regards,
  Michael

Current thread:

[CVE Requests] rsync and librsync collisions Michael Samuel (Aug 04)
- Re: [CVE Requests] rsync and librsync collisions Loganaden Velvindron (Aug 04)
  - Re: [CVE Requests] rsync and librsync collisions Michael Samuel (Aug 04)
- Re: [CVE Requests] rsync and librsync collisions Murray McAllister (Sep 08)
  - Re: [CVE Requests] rsync and librsync collisions Loganaden Velvindron (Sep 08)
    - Re: [CVE Requests] rsync and librsync collisions Michael Samuel (Sep 08)
  - Re: [CVE Requests] rsync and librsync collisions cve-assign (Sep 12)
    - Re: Re: [CVE Requests] rsync and librsync collisions Michael Samuel (Sep 15)
    - Re: Re: [CVE Requests] rsync and librsync collisions Loganaden Velvindron (Sep 15)
    - Re: Re: [CVE Requests] rsync and librsync collisions Michael Samuel (Sep 17)