German e-gov protocol carries ancient vulns

Found on The Register on Monday, 03 July 2017

According to SEC Consult, the library's bugs allow attackers to decrypt messages, modify signed messages, and attack hosts implementing the protocol.

CVE-2017-10669 is a signature wrapping attack that allows the miscreant to change the contents of a message without invalidating the signature; and finally there's a deserialisation bug that, like CVE-2017-10670, allows an external entity injection.

So much for the promised security. One would assume that the government hires developers who know what they are doing.

Browse all articles« Previous « » Next »