Nicmx Fort-Validator vulnerabilities

CVE-2024-48943 CVE-2024-48943: A malicious RPKI rsync repository can prevent Fort from finishing its validation run by drip-feeding its content A malicious RPKI rsync repository can prevent Fort from finishing its validation run by drip-feeding its content.

CVE-2024-56375 [HIGH] CWE-191 CVE-2024-56375: An integer underflow was discovered in Fort 1.6.3 and 1.6.4 before 1.6.5. A malicious RPKI repositor An integer underflow was discovered in Fort 1.6.3 and 1.6.4 before 1.6.5. A malicious RPKI repository that descends from a (trusted) Trust Anchor can serve (via rsync or RRDP) a Manifest RPKI object containing an empty fileList. Fort dereferences (and, shortly afterwards, writes to) this array during a shuffle attempt, before the validation that would

CVE-2024-56170 [MEDIUM] CWE-346 CVE-2024-56170: A validation integrity issue was discovered in Fort through 1.6.4 before 2.0.0. RPKI manifests are l A validation integrity issue was discovered in Fort through 1.6.4 before 2.0.0. RPKI manifests are listings of relevant files that clients are supposed to verify. Assuming everything else is correct, the most recent version of a manifest should be prioritized over other versions, to prevent replays, accidental or otherwise. Manifests contain the man

CVE-2024-45237 [CRITICAL] CWE-120 CVE-2024-45237: An issue was discovered in Fort before 1.6.3. A malicious RPKI repository that descends from a (trus An issue was discovered in Fort before 1.6.3. A malicious RPKI repository that descends from a (trusted) Trust Anchor can serve (via rsync or RRDP) a resource certificate containing a Key Usage extension composed of more than two bytes of data. Fort writes this string into a 2-byte buffer without properly sanitizing its length, leading to a buffer

CVE-2024-45234 [HIGH] CWE-295 CVE-2024-45234: An issue was discovered in Fort before 1.6.3. A malicious RPKI repository that descends from a (trus An issue was discovered in Fort before 1.6.3. A malicious RPKI repository that descends from a (trusted) Trust Anchor can serve (via rsync or RRDP) an ROA or a Manifest containing a signedAttrs encoded in non-canonical form. This bypasses Fort's BER decoder, reaching a point in the code that panics when faced with data not encoded in DER. Because Fort

CVE-2024-45235 [HIGH] CVE-2024-45235: An issue was discovered in Fort before 1 An issue was discovered in Fort before 1.6.3. A malicious RPKI repository that descends from a (trusted) Trust Anchor can serve (via rsync or RRDP) a resource certificate containing an Authority Key Identifier extension that lacks the keyIdentifier field. Fort references this pointer without sanitizing it first. Because Fort is an RPKI Relying Party, a crash can lead to Route Origin Validation unavailability, which ca

CVE-2024-45236 [HIGH] CWE-20 CVE-2024-45236: An issue was discovered in Fort before 1.6.3. A malicious RPKI repository that descends from a (trus An issue was discovered in Fort before 1.6.3. A malicious RPKI repository that descends from a (trusted) Trust Anchor can serve (via rsync or RRDP) a signed object containing an empty signedAttributes field. Fort accesses the set's elements without sanitizing it first. Because Fort is an RPKI Relying Party, a crash can lead to Route Origin Validation u

CVE-2024-45239 [HIGH] CWE-476 CVE-2024-45239: An issue was discovered in Fort before 1.6.3. A malicious RPKI repository that descends from a (trus An issue was discovered in Fort before 1.6.3. A malicious RPKI repository that descends from a (trusted) Trust Anchor can serve (via rsync or RRDP) an ROA or a Manifest containing a null eContent field. Fort dereferences the pointer without sanitizing it first. Because Fort is an RPKI Relying Party, a crash can lead to Route Origin Validation unavaila

CVE-2024-45238 [HIGH] CVE-2024-45238: An issue was discovered in Fort before 1 An issue was discovered in Fort before 1.6.3. A malicious RPKI repository that descends from a (trusted) Trust Anchor can serve (via rsync or RRDP) a resource certificate containing a bit string that doesn't properly decode into a Subject Public Key. OpenSSL does not report this problem during parsing, and when compiled with OpenSSL libcrypto versions below 3, Fort recklessly dereferences the pointer. Because Fort is

CVE-2021-3907 [CRITICAL] CVE-2021-3907: OctoRPKI does not escape a URI with a filename containing " OctoRPKI does not escape a URI with a filename containing "..", this allows a repository to create a file, (ex. rsync://example.org/repo/../../etc/cron.daily/evil.roa), which would then be written to disk outside the base cache folder. This could allow for remote code execution on the host machine OctoRPKI is running on.

CVE-2021-3909 [HIGH] CVE-2021-3909: OctoRPKI does not limit the length of a connection, allowing for a slowloris DOS attack to take place which makes OctoRPKI wait forever OctoRPKI does not limit the length of a connection, allowing for a slowloris DOS attack to take place which makes OctoRPKI wait forever. Specifically, the repository that OctoRPKI sends HTTP requests to will keep the connection open for a day before a response is returned, but does keep drip feeding new bytes to keep the conne

CVE-2021-43173 [HIGH] CVE-2021-43173: In NLnet Labs Routinator prior to 0 In NLnet Labs Routinator prior to 0.10.2, a validation run can be delayed significantly by an RRDP repository by not answering but slowly drip-feeding bytes to keep the connection alive. This can be used to effectively stall validation. While Routinator has a configurable time-out value for RRDP connections, this time-out was only applied to individual read or write operations rather than the complete request. Thus, if an

CVE-2021-43114 [HIGH] CVE-2021-43114: FORT Validator versions prior to 1 FORT Validator versions prior to 1.5.2 will crash if an RPKI CA publishes an X.509 EE certificate. This will lead to RTR clients such as BGP routers to lose access to the RPKI VRP data set, effectively disabling Route Origin Validation.