[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    [oss-security] Re: kwallet crypto misuse
From:       cve-assign () mitre ! org
Date:       2014-01-02 13:03:35
Message-ID: 201401021303.s02D3ZHO026497 () linus ! mitre ! org
[Download RAW message or body]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

> http://security.stackexchange.com/a/44010/32167

> then fill it with zeros; then XOR all these zeros with the data to
> encrypt (which won't change the data...); then proceed to encrypt each
> block independently of each other. This is, indeed, ECB mode, not CBC.
> It is quite obvious that this is a programming error ... This implies
> that the random IV which was computed does nothing here; it is
> encrypted by itself but does not impact any other byte in the whole
> file.

> From: Florian Weimer
> Should we treat this as a minor vulnerability?

Yes; use CVE-2013-7252.

> http://gaganpreet.in/blog/2013/07/24/kwallet-security-analysis/

> KWallet uses QDataStream, which encodes QString objects (used in
> KWallet maps) as UTF-16. So, the string "abcd" will be stored as
> "\0a\0b\0c\0d", which gives four bytes of information per block.

Does anyone know whether the KWallet user interface could make it
possible to enter passwords containing 16-bit characters (i.e.,
characters that cannot be represented using 8 bits)? If that would not
be possible, then this issue could potentially qualify for an
additional CVE assignment.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (SunOS)

iQEcBAEBAgAGBQJSxWKOAAoJEKllVAevmvmsb/gH/j2SfS2GXgaPa5K9OQ3d6fqw
1yqHOfxb3azeB2bsgj7bScNVA8oKZRFLiuI7mkEfeOB6bIltcHyA3ZE07fG4dgeh
B3yEe9+QUs5dWcAaTif+adbmT9+nU8hLRN09/D4lYUoI/y9SkSn4X0xe9jYfwoCE
tKE2VaCrqMVpYe/LD1T5Z9TPZR6oEEXet0t65T8LZgWbh1S+Qo3LMcyfeyBAnJ1q
qdspM0EPruNSTHjPJB0v/jP3x/iwMt2xuz6KAFyJqci6RpDMPUmw0JW2iSi2QLSS
Chk3tlfeunZHbYS3lueQpqHClqb0H0CN7gHunBvBZyLCj+TwMaLeqL/Y5bRfxEI=
=zyg0
-----END PGP SIGNATURE-----
[prev in list] [next in list] [prev in thread] [next in thread]