Date: Mon, 04 Aug 2014 23:56:40 -0700
From: Ben Reser <ben@...er.org>
To: OSS Security List <oss-security@...ts.openwall.com>
Subject: Re: Re: Possible CVE request: subversion MD5 collision authentication leak

On 8/4/14 6:38 PM, Michael Samuel wrote:
> Just to clarify - does the attacker have control of both $REALM parameters?

Only their own server.  If they had access to the server they were attacking
they would presumably have access to the repository directly and could do
anything they wanted already.

> A chosen prefix collision still requires the attacker provide both
> inputs (or at-least the suffix to both inputs).

I stand corrected.  I re-read the documentation at the link I shared earlier and
you're right: you need to be able to modify the suffix on both sides of the
collision.

Which means that, yes, this is theoretical.

Thanks for setting me right.
