similar to: CVE-2019-14899 can potentially affect tinc VPNs

Displaying 20 results from an estimated 20000 matches similar to: "CVE-2019-14899 can potentially affect tinc VPNs"

2016 Mar 25
0
Multiple Tinc Vpns Crash
On Sat, Mar 26, 2016 at 12:03:48AM +0100, albi at life.de wrote: > 1 vpn was running fine, but now that I run 5 vpns, my kvm crashes sometimes. Especially when I stop tinc. > I used tinc 1.0.26 from repo. > Now I tried tinc 1.1 pre, same problem but less often. > > Any help or idea why system crashes? So the KVM instance itself crashes? Or Linux inside the VM? Any error messages
2019 Dec 06
1
VPN connections subject to hijack attack
On Fri, 6 Dec 2019 at 04:40, Kenneth Porter <shiva at sewingwitch.com> wrote: > > <https://www.bleepingcomputer.com/news/security/new-linux-vulnerability-lets-attackers-hijack-vpn-connections/> > Thanks for the heads up > This affects all VPNs and is a consequence of using "loose" reverse path > filtering for anti-spoofing. The default CentOS setting is
2010 Sep 23
1
Multiple tinc vpns between hosts.
Hi, I configured 2 vpn's between 2 servers. When starting the tinc on each server. De 2 vpns's look like 1 vpn. Can tinc be configure for multiple vpn's between 2 hosts or more. Lets say there are 3 servers A, B and C. I want a tinc vpn between host A en host B. And a second vpn between host B en C without is becoming one vpn. And for example a third vpn between host A en host
2016 Mar 25
2
Multiple Tinc Vpns Crash
I use 3 Ubuntu server 14.04 as KVM guest. Now I run 5 tinc vpns in switch mode. I use the same key for every vpn. Every kvm has connect to the two other servers. I need 5 vpns to have 5 networks connected but seperated. 1 vpn was running fine, but now that I run 5 vpns, my kvm crashes sometimes. Especially when I stop tinc. I used tinc 1.0.26 from repo. Now I tried tinc 1.1 pre, same problem but
2009 Dec 16
2
Response time on Tinc VPNs, Bandwith on Tinc-VPN
Hello, response time: how is it possible to increase the response time on Tinc VPNs. When I use tinc over a fast or giga-bit network connection the ping-response time is normally about 1800 to 2000 ms. Sometimes I get ping response times at about 2.500 to 3.000 ms over a normal Ethernet Connection or a television-cable connection within the same providers-network in the same city. The ping-time
2019 Dec 06
0
VPN connections subject to hijack attack
<https://www.bleepingcomputer.com/news/security/new-linux-vulnerability-lets-attackers-hijack-vpn-connections/> This affects all VPNs and is a consequence of using "loose" reverse path filtering for anti-spoofing. The default CentOS setting is strict filtering but you may have changed this to loose for some unusual routing situations. Check that the value of
2015 May 14
0
MTU, PMTU & DF flag
On Thu, May 14, 2015 at 10:12:40AM +0200, Florent B wrote: > > I have no experience with Ubuntu, but I find it hard to believe it would > > block ICMP Fragmentation Needed packets out of the box. > > I can confirm you that this is the case. Ubuntu ignores those ICMP > packets... :( (rp_filter settings) > > You can see it here : https://mellowd.co.uk/ccie/?p=5662
2018 Mar 20
1
Tinc deployments in the USA
I meant Tinc site-site VPN deployments in US business segments. Just references if any. On Tue, Mar 20, 2018 at 1:44 PM, Guus Sliepen <guus at tinc-vpn.org> wrote: > On Tue, Mar 20, 2018 at 12:53:55PM -0700, al so wrote: > > > Are there any Tinc deployments in the USA in Medium sized businesses and > > small Enterprises? > > Yes. However, VPNs are Virtual *Private*
2014 Jun 17
1
Bug#751894: xen: CVE-2014-4021 / XSA-100
Package: xen Version: 4.0.1-5.11 Severity: important Tags: security, fixed-upstream Please see for details: http://www.openwall.com/lists/oss-security/2014/06/17/6 Patch: http://seclists.org/oss-sec/2014/q2/att-549/xsa100.patch --- Henri Salo -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc:
2017 May 03
2
Multi tenancy setup by Tinc?
Hi, Guus The use case the shared default gateway for multi-tenant, if that the case the node who own the default gateway will have problem to route with different tenant who has overlapped address scope? Is it true when no any other tools like the namespaces? (tenant1)\ (tenant2)——common node—— shared gw node—— Internet (tenant3)/ But if the each tenant have it’s dedicate default gateway, but
2011 Dec 22
0
[PATCH] Security: Mitigate possible privilege escalation via SG_IO ioctl (CVE-2011-4127, RHBZ#757071)
From: "Richard W.M. Jones" <rjones at redhat.com> CVE-2011-4127 is a serious qemu & kernel privilege escalation bug found by Paolo Bonzini. http://seclists.org/oss-sec/2011/q4/536 An untrusted guest kernel is able to issue special SG_IO ioctls on virtio devices which qemu passes through to the host kernel without filtering or sanitizing. These ioctls allow raw sectors from
2017 Sep 07
2
Packet capture to analysis the tinc connection close
And, I ran a constant ping from the tinc client’s IP to the tinc server’s IP, it shows, the pings are all successfully back and forth, no any packet loss during the connection drop happens, so will this help to exclude any NAT/firewall cause the connection drop? And as you saw from the earlier screen shot, when it happens, it drop all tinc connections, and those connections are for different
2018 Oct 08
1
[Announcement] Tinc version 1.0.35 and 1.1pre17 released
Because of security vulnerabilities in tinc that have recently been discovered, we hereby release tinc versions 1.0.35 and 1.1pre17. Here is a summary of the changes in tinc 1.0.35: * Prevent oracle attacks (CVE-2018-16737, CVE-2018-16738). * Prevent a MITM from forcing a NULL cipher for UDP (CVE-2018-16758). Here is a summery of the changes in tinc 1.1pre17: * Prevent oracle attacks in the
2018 Oct 08
1
[Announcement] Tinc version 1.0.35 and 1.1pre17 released
Because of security vulnerabilities in tinc that have recently been discovered, we hereby release tinc versions 1.0.35 and 1.1pre17. Here is a summary of the changes in tinc 1.0.35: * Prevent oracle attacks (CVE-2018-16737, CVE-2018-16738). * Prevent a MITM from forcing a NULL cipher for UDP (CVE-2018-16758). Here is a summery of the changes in tinc 1.1pre17: * Prevent oracle attacks in the
2013 Aug 04
1
10th anniversary of tinc 1.0
Hello everyone, Today is exactly 10 years ago that tinc 1.0 was released. I would have hoped to celebrate this by releasing 1.0.22 and 1.1pre8 today, but this will instead happen in one week. Tinc 1.1 is close to becoming stable, and I hope to release 1.1.0 before the end of the year. The main features of tinc 1.1 are the improved security over tinc 1.0, and a much nicer interface that makes it
2013 Aug 04
1
10th anniversary of tinc 1.0
Hello everyone, Today is exactly 10 years ago that tinc 1.0 was released. I would have hoped to celebrate this by releasing 1.0.22 and 1.1pre8 today, but this will instead happen in one week. Tinc 1.1 is close to becoming stable, and I hope to release 1.1.0 before the end of the year. The main features of tinc 1.1 are the improved security over tinc 1.0, and a much nicer interface that makes it
2013 Apr 22
1
[Announcement] Tinc version 1.0.21 and 1.1pre7 released
Because of a security vulnerability in tinc that was recently discovered, we hereby release tinc versions 1.0.21 and 1.1pre7. Here is a summary of the changes in tinc 1.0.21: * Drop packets forwarded via TCP if they are too big (CVE-2013-1428). Here is a summary of the changes in tinc 1.1pre7: * Fixed large latencies on Windows. * Renamed the tincctl tool to tinc. * Simplified changing the
2013 Apr 22
1
[Announcement] Tinc version 1.0.21 and 1.1pre7 released
Because of a security vulnerability in tinc that was recently discovered, we hereby release tinc versions 1.0.21 and 1.1pre7. Here is a summary of the changes in tinc 1.0.21: * Drop packets forwarded via TCP if they are too big (CVE-2013-1428). Here is a summary of the changes in tinc 1.1pre7: * Fixed large latencies on Windows. * Renamed the tincctl tool to tinc. * Simplified changing the
2002 Feb 12
0
book on Linux VPNs
hi all, http://www.newriders.com/books/title.cfm?isbn=1578702666 I searched the tinc archives and I know one of the authors asked a few questions about tinc. http://mail.nl.linux.org/tinc/2001-06/msg00030.html So...go out and buy it :) armijn -- --------------------------------------------------------------------------- armijn@nl.linux.org | http://people.nl.linux.org/~armijn/ | Penguin
2001 Mar 08
2
Tinc behind firewall?
On Thu, Mar 08, 2001 at 11:51:53AM +0100, Marcel Loesberg wrote: > I'm going to build a VPN and I want to use either Tinc or FreeS/WAN. > I've started building the VPN with FreeS/WAN and I find things are getting > rather complicated. > I looks like Tinc is much easier to configure but in the FAQ and in what I've > seen of the documentation so far there is no mention of