OpenVPN/openvpn-gui
1
0
Fork 0
mirror of https://github.com/OpenVPN/openvpn-gui.git synced 2025-10-14 10:38:52 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
master
openvpn-gui/service.h
Selva Nair 4547dd95fc Validate the service pipe to avoid connecting to a bogus pipe 
If an attacker with SeImeprsonatePrivilege manages to create a
namedpipe server with a name matching that used by the "Interactive
Service", the GUI connecting to it could allow the attacker to
impersonate the GUI user.

Fix by validating the service pipe by comparing the pid of the pipe
server with that of the "Interactive Service".

Note: GetNamedPipeServerProcessId() returns the pid of the process
that created the first instance of the pipe. So, this patch only
guards against a rogue pipe instance created before the service
has started. This has to work in combination with a patch for the
service that disallows creation of additional pipe instances when
the service is running.

CVE: CVE-2024-4877
Reported by: Zeze with TeamT5 <zeze7w@gmail.com>

Acked-by: Lev Stipakov <lstipakov@gmail.com>
Signed-off-by: Selva Nair <selva.nair@gmail.com>
2024-06-19 16:46:41 +02:00

31 lines
1.1 KiB
C
Raw Permalink Blame History

/*
* OpenVPN-GUI -- A Windows GUI for OpenVPN.
*
* Copyright (C) 2004 Mathias Sundman <mathias@nilings.se>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program (see the file COPYING included with this
* distribution); if not, write to the Free Software Foundation, Inc.,
* 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
VOID CheckServiceStatus();
BOOL CheckIServiceStatus(BOOL warn);
/* Attempt to start OpenVPN Automatc Service */
void StartAutomaticService(void);
/* Get the processId of the Interactive Service */
ULONG GetServicePid(void);
Reference in New Issue View Git Blame Copy Permalink