REDHAT-BUG-630460
First published: Sun Sep 05 2010(Updated: )
Micha Riser reported: [A] <a href="http://archives.neohapsis.com/archives/fulldisclosure/2010-08/0316.html">http://archives.neohapsis.com/archives/fulldisclosure/2010-08/0316.html</a> three security flaws in EncFS encrypted filesystem (more from [A]): A security analysis of EncFS has revealed multiple vulnerabilities: (1) Only 32 bit of file IV used (2) Watermarking attack (3) Last block with single byte is insecure References: [B] <a href="http://www.arg0.net/encfs">http://www.arg0.net/encfs</a> [C] <a href="http://bugs.gentoo.org/show_bug.cgi?id=335938">http://bugs.gentoo.org/show_bug.cgi?id=335938</a> [D] <a href="http://archives.neohapsis.com/archives/fulldisclosure/2010-08/att-0316/watermark-attack-encfs.tar.gz">http://archives.neohapsis.com/archives/fulldisclosure/2010-08/att-0316/watermark-attack-encfs.tar.gz</a> Solutions / patches information: ================================ * for issue (1) -- seems it wasn't fixed / isn't possible to fix without breaking backward compatibility. More from [B]: "The old IV setup is kept for backwards compatibility." * for issue (2) -- EncFS upstream has released a fix for the issue: [E] <a href="http://code.google.com/p/encfs/source/detail?r=59">http://code.google.com/p/encfs/source/detail?r=59</a> Asked Valient to confirm yet, [E] is the proper patch for issue (2) / the watermarking attack /. * for issue (3) -- not sure about patch status. CVE Request: [F] <a href="http://www.openwall.com/lists/oss-security/2010/09/05/3">http://www.openwall.com/lists/oss-security/2010/09/05/3</a>
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Encfs |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://archives.neohapsis.com/archives/fulldisclosure/2010-08/0316.html
- http://www.arg0.net/encfs
- http://bugs.gentoo.org/show_bug.cgi?id=335938
- http://archives.neohapsis.com/archives/fulldisclosure/2010-08/att-0316/watermark-attack-encfs.tar.gz
- http://code.google.com/p/encfs/source/detail?r=59
- http://www.openwall.com/lists/oss-security/2010/09/05/3
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=443181
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=443181&action=edit
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=443182
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=443182&action=edit
- http://www.openwall.com/lists/oss-security/2010/09/06/1
- https://access.redhat.com/security/cve/CVE-2010-3073
- https://access.redhat.com/security/cve/CVE-2010-3074
- https://access.redhat.com/security/cve/CVE-2010-3075
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=630460#c6
- https://bugzilla.redhat.com/show_bug.cgi?id=630460
Frequently Asked Questions
What is the severity of REDHAT-BUG-630460?
The severity of REDHAT-BUG-630460 is classified as a security flaw in the EncFS encrypted filesystem.
How do I fix REDHAT-BUG-630460?
To fix REDHAT-BUG-630460, ensure that you are using the latest patched version of EncFS provided by your distribution.
What systems are affected by REDHAT-BUG-630460?
REDHAT-BUG-630460 affects systems utilizing the EncFS encrypted filesystem.
What types of vulnerabilities are detailed in REDHAT-BUG-630460?
REDHAT-BUG-630460 details security vulnerabilities that could lead to unauthorized access or exposure of encrypted data.
Who reported REDHAT-BUG-630460?
REDHAT-BUG-630460 was reported by Micha Riser.
- collector/redhat-bugzilla
- alias/CVE-2010-3073
- agent/references
- agent/type
- agent/last-modified-date
- agent/first-publish-date
- agent/severity
- agent/description
- agent/event
- agent/softwarecombine
- agent/tags
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/arg0
- canonical/encfs