[RESEARCH] DTLS 'ClientHello' Race Conditions in WebRTC Implementations
2024-10-25 11:33:12 Author: seclists.org


Full Disclosure mailing list archives


From: Sandro Gauci via Fulldisclosure <fulldisclosure () seclists org>
Date: Tue, 22 Oct 2024 09:17:53 +0200

Dear Full Disclosure community,

We've released a white paper detailing a critical vulnerability affecting multiple WebRTC implementations: "DTLS 
'ClientHello' Race Conditions in WebRTC Implementations".

White paper: https://www.enablesecurity.com/research/webrtc-hello-race-conditions-paper.pdf

Key points:

1. Vulnerability: Failure to properly verify the origin of DTLS "ClientHello" messages in WebRTC sessions.
2. Impact: Potential for denial of service attacks.
3. Affected implementations (all Open-Source projects have been patched in latest versions):
   - RTPEngine
   - Asterisk
   - FreeSWITCH
   - Skype (PSTN)

4. Tested but not vulnerable:
   - Janus, Discord, Dolby.io, Facebook Messenger, Google Meet, LiveKit Meet, Webex, Zoho Meeting, Zoom, Mediasoup

5. Root cause: Not a specification bug, but a common implementation oversight.

Methodology:
- Extensive testing on open-source and proprietary WebRTC implementations
- Focus on media servers and popular communication platforms

This research expands on our previous blog post, providing more comprehensive details and analysis.

We invite the community to review our findings, methodology, and recommendations. Your feedback and further research 
into WebRTC security are welcome.

--
 
    Sandro Gauci, CEO at Enable Security GmbH

    Register of Companies:       AG Charlottenburg HRB 173016 B
    Company HQ:                       Neuburger Straße 101 b, 94036 Passau, Germany
    RTCSec Newsletter:               https://www.rtcsec.com/subscribe
    Our blog:                                https://www.rtcsec.com
    Other points of contact:       https://www.enablesecurity.com/contact/
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: https://seclists.org/fulldisclosure/
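
Added example (not from the post, the white paper, or any of the listed projects): a simplified C model of the origin check named in key point 1, beside a handler that omits it. It assumes that verifying the origin means comparing the ClientHello's source address with the remote address that passed ICE connectivity checks; all type and function names are hypothetical.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical names throughout; none come from the projects listed in the post. */
struct peer_addr { uint8_t ip[16]; uint16_t port; };

struct media_session {
    bool ice_validated;           /* a STUN connectivity check has succeeded */
    struct peer_addr ice_remote;  /* remote side of the validated candidate pair */
    bool dtls_bound;              /* a handshake is already in progress */
    struct peer_addr dtls_peer;   /* source that handshake is bound to */
};

enum verdict { ACCEPT, DROP_NOT_HELLO, DROP_NO_ICE, DROP_WRONG_ORIGIN };

/* Record header is 13 bytes: type(1) version(2) epoch(2) seq(6) length(2); 22 = handshake, 1 = client_hello. */
static bool is_client_hello(const uint8_t *p, size_t n) {
    return n > 13 && p[0] == 22 && p[1] == 0xFE && p[13] == 1;
}

static bool same_addr(const struct peer_addr *a, const struct peer_addr *b) {
    return a->port == b->port && memcmp(a->ip, b->ip, sizeof a->ip) == 0;
}

/* Bind the handshake to its first sender; later senders must match it. */
static enum verdict bind_handshake(struct media_session *s, const struct peer_addr *src) {
    if (s->dtls_bound)
        return same_addr(src, &s->dtls_peer) ? ACCEPT : DROP_WRONG_ORIGIN;
    s->dtls_bound = true;
    s->dtls_peer = *src;
    return ACCEPT;
}

/* Simplified model of the oversight: the source is never compared with the ICE result. */
enum verdict on_hello_unchecked(struct media_session *s, const struct peer_addr *src,
                                const uint8_t *p, size_t n) {
    if (!is_client_hello(p, n)) return DROP_NOT_HELLO;
    return bind_handshake(s, src);
}

/* Hardened: no handshake state is created unless the source is the ICE-validated peer. */
enum verdict on_hello_checked(struct media_session *s, const struct peer_addr *src,
                              const uint8_t *p, size_t n) {
    if (!is_client_hello(p, n)) return DROP_NOT_HELLO;
    if (!s->ice_validated) return DROP_NO_ICE;
    if (!same_addr(src, &s->ice_remote)) return DROP_WRONG_ORIGIN;
    return bind_handshake(s, src);
}
```

In the unchecked handler, a ClientHello from any other address that arrives first binds the session, and the legitimate peer's own ClientHello is then rejected, which is the denial of service named in key point 2.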


Source: https://seclists.org/fulldisclosure/2024/Oct/6