lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-Id: <c6123e7a-98a4-41f7-aa50-fa0bbf818fb5@app.fastmail.com> Date: Tue, 22 Oct 2024 09:17:53 +0200 From: Sandro Gauci via Fulldisclosure <fulldisclosure@...lists.org> To: "fulldisclosure@...lists.org" <fulldisclosure@...lists.org> Subject: [FD] [RESEARCH] DTLS 'ClientHello' Race Conditions in WebRTC Implementations Dear Full Disclosure community, We've released a white paper detailing a critical vulnerability affecting multiple WebRTC implementations: "DTLS 'ClientHello' Race Conditions in WebRTC Implementations". White paper: https://www.enablesecurity.com/research/webrtc-hello-race-conditions-paper.pdf Key points: 1. Vulnerability: Failure to properly verify the origin of DTLS "ClientHello" messages in WebRTC sessions. 2. Impact: Potential for denial of service attacks. 3. Affected implementations (all Open-Source projects have been patched in latest versions): - RTPEngine - Asterisk - FreeSWITCH - Skype (PSTN) 4. Tested but not vulnerable: - Janus, Discord, Dolby.io, Facebook Messenger, Google Meet, LiveKit Meet, Webex, Zoho Meeting, Zoom, Mediasoup 5. Root cause: Not a specification bug, but a common implementation oversight. Methodology: - Extensive testing on open-source and proprietary WebRTC implementations - Focus on media servers and popular communication platforms This research expands on our previous blog post, providing more comprehensive details and analysis. We invite the community to review our findings, methodology, and recommendations. Your feedback and further research into WebRTC security is welcome. -- Sandro Gauci, CEO at Enable Security GmbH Register of Companies: AG Charlottenburg HRB 173016 B Company HQ: Neuburger Straße 101 b, 94036 Passau, Germany RTCSec Newsletter: https://www.rtcsec.com/subscribe Our blog: https://www.rtcsec.com Other points of contact: https://www.enablesecurity.com/contact/ _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: https://seclists.org/fulldisclosure/
Powered by blists - more mailing lists