5.9 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
2.6 Low
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:H/Au:N/C:P/I:N/A:N
0.001 Low
EPSS
Percentile
40.8%
Timing attacks occur when an attacker can guess a secret by observing a difference in processing time for valid and invalid inputs. Sensitive secrets such as passwords, token and API keys should be compared only using a constant-time comparision function.
More information on this attack type can be found in this blog post.
In this case, the vulnerability occurs due to the following code.
https://github.com/ginuerzh/gost/blob/1c62376e0880e4094bd3731e06bd4f7842638f6a/auth.go#L46-L46
Here, a untrusted input, sourced from a HTTP header, is compared directly with a secret.
Since, this comparision is not secure, an attacker can mount a side-channel timing attack to guess the password.
This can be easily fixed using a constant time comparing function such as crypto/subtle
’s ConstantTimeCompare
.
An example fix can be found in https://github.com/runatlantis/atlantis/commit/48870911974adddaa4c99c8089e79b7d787fa820 Alternatively, one can apply the patch below
From d18cff85e1a565f688f717fd8f2cacea62ff9dbf Mon Sep 17 00:00:00 2001
From: Porcupiney Hairs <[email protected]>
Date: Sun, 7 May 2023 01:03:33 +0530
Subject: [PATCH] Fix : Timing attack
---
auth.go | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/auth.go b/auth.go
index 1be96e9..be13f23 100644
--- a/auth.go
+++ b/auth.go
@@ -2,6 +2,7 @@ package gost
import (
"bufio"
+ "crypto/subtle"
"io"
"strings"
"sync"
@@ -43,7 +44,8 @@ func (au *LocalAuthenticator) Authenticate(user, password string) bool {
}
v, ok := au.kvs[user]
- return ok && (v == "" || password == v)
+ passOk := subtle.ConstantTimeCompare([]byte(password), []byte(v)) == 0
+ return ok && (v == "" || passOk)
}
// Add adds a key-value pair to the Authenticator.
--
2.25.1
CPE | Name | Operator | Version |
---|---|---|---|
github.com/ginuerzh/gost | le | 2.11.5 |
5.9 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
2.6 Low
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:H/Au:N/C:P/I:N/A:N
0.001 Low
EPSS
Percentile
40.8%