lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Date: Tue, 17 Sep 2013 00:35:09 +0000
Subject: EarthVPN certificate configuration vulnerabilities

EarthVPN ( is a VPN service provider which claims "When connected, your data will be secured and encrypted, keeping all your personal details private. EarthVPN will make sure that your online presence cannot be intercepted, monitored and recorded by your internet service provider, company, school or government."

Their server configuration and suggested openvpn setup guide contains a number of vulnerabilities.

- The provided CA certificate earthvpn.crt is actually a public certificate authority ("GlobalSign Root CA"). This means that anybody can register for a valid SSL certificate from GlobalSign.

- the setup guide did not advise to enable the "certificate hostname check" (under "authentication/encryption"). This means that a certificate issued by GlobalSign to, say, will pass certificate validation, and can result in an active man-in-the-middle attack that could eavesdrop on all traffic.

- They appear to be using the same certificate ("*") and keys on all servers that I've tried to connect to. This means that compromise of any one of these servers would allow the theft of private keys that can be used to m-i-t-m any other server. Put another way, a Russian dissident might want to connect to their  UK servers to avoid interception of his traffic. But the Russian government could compel the datacentre in Russia hosting their server to reveal its keys. And it can use these keys to intercept and monitor the traffic to the UK server (or other servers).

EarthVPN has been contacted about these concerns, and insists that "it is not possible to do mitm attack without knowing username and password of the clients as authentication will not be succeeded."

Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia -

Powered by blists - more mailing lists