Skip to Content.
Sympa Menu

netsec-sig - [Security-WG] Follow up on Ripple20

Subject: Internet2 Network Security SIG

List archive

[Security-WG] Follow up on Ripple20


Chronological Thread 
    < Chronological >      < Thread >
  • From: Jesse Bowling <>
  • To: "" <>
  • Subject: [Security-WG] Follow up on Ripple20
  • Date: Tue, 6 Oct 2020 20:12:42 +0000
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=duke.edu; dmarc=pass action=none header.from=duke.edu; dkim=pass header.d=duke.edu; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=0nA/z3hnikaJBCMDhJ8RhJqbiupV2PTZ0rWIAdZCr1Y=; b=lXxYAzOrGZM1jvIsBt0QuQBfxg7XKageB5mAtPlGcfvZkc4H5cy+7uImJ0UhmwN1z4F9J2M2bPHjieiAf4xGdpvDi5KTDbTMTMKtbc4Moez2vwiqZQbI4qDFIExjUVsBwaMIslm4JLAapcxs7nhInCCJg+qtrHozF1LT/zq4ZdxrGHt4SQKR/aHkTdIAdGWf8FpXgB6AkCFRi6YW4eT58uL6xD0KDSY5kWXTzr+j3KLrll5M3Y/fGDbzoP0YMHeybI1URaeQ6XW/2zCZLcKtKW6FnZJLknhLq1NpNjNKVKNre0ZzHuLvwJmxiTpTa+8dMy4cTkBZF8QhzSae7kj8kg==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=eDuzg5lFCwe7cllZhhyU32FB0rPjBfjHwctD+2bdOXx3syzq0EQICZodkCyMgajPp+es86WQlBdGHCmJG9vKxmUB1vZCl8iYNesQOW/0YaRlEENpifeT2BmSjEEgu69L33pzFBao6te0iwwEJPS0x74wrj5F/1huJ8JkxeMttrGJpFQLO5Jc2BMAeOv/4L7b6cYxVWd0iV1G+LvFe6mtzLr8Fvagq4cOjMGwIEaCUGmRD9p7vpskyIt5oDJUWKwwx7+autIJogxdamUEvJaD5YjmwDr397kJKk6ugOUrhxrOIZjBPcsEypyt2xbL43W4XovGfRY1CZ7ndiHewIEdrQ==
Interesting report put out by another group on the Ripple20 vulnerabilities
we discussed at the September Zoom meeting:

Attachment: False-Alarms-and-Close-Calls-The-Analysis-and-Verification-of-Ripple20-and-its-Ripple-Effect.pdf
Description: Adobe PDF document



Excerpt:

“In the mad rush to patch all of the devices that were presumed to be
affected by this highly publicized vulnerability, we saw two problems:
devices that were unaffected were patched unnecessarily, and because the
patches were rushed, new vulnerabilities were introduced in the process
(which our team has identified, and which we will detail further after the
responsible disclosure process is complete). Most product security teams lack
the proper tooling to be able to verify the effects of these vulnerabilities,
which is why it’s crucial that we have a system in place that can do so
quickly and accurately to prevent this kind of response."

Cheers,

Jesse
--
Jesse Bowling
ITSO::Security Architect & CSIRT Program Manager
jesse.bowling[AT]duke.edu::919-660-1073
334 Blackwell St::Durham, NC::27701

Attachment: signature.asc
Description: Message signed with OpenPGP


  • [Security-WG] Follow up on Ripple20, Jesse Bowling, 10/06/2020

Archive powered by MHonArc 2.6.19.

Top of Page