The Cyber Security News

Authentication Bypass Vulnerability Discovered In Bouncy Castle


Security researchers have identified a flaw in a Java cryptography library that could help attackers brute-force Bcrypt-hashed passwords. Once exploited, an attacker could gain administrator-level access to a single sign-on (SSO) system.

CVE-2020-28052 is an authentication bypass vulnerability in the OpenBSDBcrypt class of the popular Bouncy Castle library. Bcrypt hashing-based authentication is used for authentication checks, for instance, in web applications and APIs.

The exploit means an attacker could successfully bypass password checks in applications that use the Bcrypt algorithm for password hashing. According to a Synopsys blog post, the vulnerability in the method OpenBSDBcrypt.doCheckPassword was introduced in a GitHub commit.



Researchers said the doCheckPassword method implements a flawed verification routine. The code checks for an index of characters from 0 to 59 inclusive, rather than checking that the characters at positions 0 to 59 match.

“This means that passwords that result in hashes that, for instance, do not contain bytes between 0x00 and 0x3B match every other password hash that does not contain them. Passing this check means an attacker doesn’t need a byte-for-byte match with the stored hash value,” researchers said.

In most cases where Bcrypt.doCheckPassword() is used to verify a password, successful exploitation will result in an authentication bypass.
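To make the flaw concrete, the following is an added example written for this article, not Bouncy Castle's own Java code. It reconstructs in Python the comparison pattern the researchers describe (comparing, for each character code 0 to 59, the index at which that character first occurs, instead of comparing the characters at positions 0 to 59) beside a correct whole-string comparison, and shows that two entirely different hash strings in bcrypt format pass the flawed check. The function names and the two 60-character strings are constructed for the illustration; they are not real hashes.

```python
"""Reconstruction of the CVE-2020-28052 comparison flaw (added example).

The flawed check is an assumption about the pattern described in the article;
it is not a copy of the Bouncy Castle source. Sample strings are constructed.
"""
import hmac

BCRYPT_LEN = 60  # length of a "$2a$..." bcrypt hash string


def flawed_check(stored: str, computed: str) -> bool:
    """Assumed buggy pattern: for every code point i in 0..59, compare the
    position of its *first occurrence* in both strings. find() returns -1
    when the character is absent, so two strings that both lack a character
    agree on it. Letters (codes >= 60) are never looked at."""
    if len(stored) != BCRYPT_LEN or len(computed) != BCRYPT_LEN:
        return False
    diff = 0
    for i in range(BCRYPT_LEN):
        diff |= stored.find(chr(i)) ^ computed.find(chr(i))
    return diff == 0


def fixed_check(stored: str, computed: str) -> bool:
    """Correct check: constant-time comparison of the full encoded hash."""
    return hmac.compare_digest(stored.encode(), computed.encode())


def inspected_positions(s: str) -> set:
    """Positions the flawed check actually constrains: the first occurrence
    of each character whose code is below 60 ('$', '.', '/', and digits)."""
    return {s.find(chr(i)) for i in range(BCRYPT_LEN) if chr(i) in s}


# Constructed sample values: same "$2a$10$" prefix, completely different
# 22-character salt and 31-character hash parts made only of letters.
STORED = "$2a$10$" + "abcdefghijklmnopqrstuv" + "ABCDEFGHIJKLMNOPQRSTUVWXYZabcde"
COMPUTED = "$2a$10$" + "zyxwvutsrqponmlkjihgfe" + "ZYXWVUTSRQPONMLKJIHGFEDCBAzyxwv"

# A variant whose hash part contains a digit at a position where STORED has
# none; the flawed check does notice this one.
WITH_DIGIT = STORED[:30] + "7" + STORED[31:]


def demo() -> dict:
    """Run the flawed and fixed checks over the constructed samples."""
    return {
        "flawed_accepts_mismatch": flawed_check(STORED, COMPUTED),
        "fixed_accepts_mismatch": fixed_check(STORED, COMPUTED),
        "flawed_rejects_digit_shift": not flawed_check(STORED, WITH_DIGIT),
        "positions_checked": sorted(inspected_positions(STORED)),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

Under the flawed pattern only four of the sixty positions of STORED (the '$', '2', '1' and '0' of the fixed prefix) are constrained, which is why a string that merely shares the prefix is accepted. The defender-side takeaway is the same as the advisory's: a password verifier must compare every byte of the encoded hash, in constant time, and any check that can be satisfied by a hash other than the stored one is an authentication bypass regardless of how strong the underlying KDF is.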

Researchers said an attacker would need to brute-force password attempts until one results in a bypass.

“Our experiments show that 20% of tested passwords were successfully bypassed within 1,000 attempts. Some password hashes take more attempts, depending on how many bytes lie between 0 and 60 (1 to 59). Further, our investigation shows that all password hashes can be bypassed with enough attempts. In rare cases, some password hashes can be bypassed with any input,” researchers said.

Researchers shared the bug with Bouncy Castle on October 20, which fixed it in early November and published an advisory on December 18. The disclosure led Synopsys to verify its own use of the Bouncy Castle software, but none of its software used the affected versions.

According to researchers, affected software included Bouncy Castle 1.65 (released March 31, 2020) and Bouncy Castle 1.66 (released July 4, 2020). This authentication bypass issue affects no other versions of the software. Synopsys strongly recommended that software vendors and Bouncy Castle library users upgrade to Bouncy Castle Java release 1.67 or later.


Some parts of this report are sourced from:
www.itpro.co.uk


Copyright © TheCyberSecurity.News, All Rights Reserved.