www.osnews.com

Linux Flaw Allows Attackers to Hijack Web Connections
By David Adams, submitted by Alfman on 2016-08-29 18:46:08

Researchers discovered that a Transmission Control Protocol (TCP) specification implemented in Linux creates a vulnerability that can be exploited to terminate connections and conduct data injection attacks.

The flaw, tracked as CVE-2016-5696, is related to a feature described in RFC 5961, which should make it more difficult to launch off-path TCP spoofing attacks. The specification was formulated in 2010, but it has not been fully implemented in Windows, Mac OS X, and FreeBSD-based operating systems. However, the feature has been implemented in the Linux kernel since version 3.6, released in 2012.

A team of researchers from the University of California, Riverside and the U.S. Army Research Laboratory identified an attack method that allows a blind, off-path attacker to intercept TCP-based connections between two hosts on the Internet.

Researchers noted that data cannot be injected into HTTPS communications, but the connection can still be terminated using this method. One attack scenario described by the experts involves targeting Tor by disrupting connections between certain relays so that users are forced to use attacker-controlled exit relays.
