Parisneo Lollms Timing Attack Vulnerability in Authentication Function Allowing Username Enumeration and Password Guessing

Vulnerability

A timing attack vulnerability has been identified in the Parisneo Lollms repository, specifically within the authenticate_user function of the lollms_authentication.py file. It allows an attacker to enumerate valid usernames and to guess passwords incrementally, one character at a time, by measuring variations in response time. The root cause is the use of Python's default string equality operator (==) to compare the submitted password with the stored one: the comparison walks the strings from the start and returns at the first mismatching character, so the time taken grows with the length of the correctly guessed prefix. In CPython the operator also returns immediately when the two strings differ in length, which additionally exposes the length of the secret. This vulnerability affects releases of the lollms repository prior to 20.1 and is resolved in version 20.1.
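The following is an added example written for this page, not code from the lollms project or its authenticate_user function. It shows the comparison pattern the advisory describes beside the standard remediation (hashing both sides and comparing the fixed-length digests with hmac.compare_digest, with a dummy comparison for unknown users so that "no such user" costs the same as "wrong password"). The user store, its plaintext format, and all function and variable names are assumptions for the demonstration; the hardened form is the usual fix for this class of bug, not a statement about what version 20.1 changed. Because the per-character difference is nanoseconds and only becomes measurable over a network after many samples, the attack side uses a deterministic cost model of CPython's str == (length check first, then walk to the first mismatch) instead of wall-clock timing, so the incremental recovery is visible and repeatable.

```python
"""Timing-leaking login check beside a constant-time one (illustrative,
not the lollms project's code).  USERS, _DUMMY and every name below are
assumptions made for this demonstration."""
import hashlib
import hmac
import string
from typing import Callable, Optional

# Constructed sample store (username -> password).  Storing plaintext is a
# separate problem; it is used here only so the == pattern is visible.
USERS = {"alice": "s3cret-passphrase"}
_DUMMY = "x" * 16            # compared against when the username is unknown
ALPHABET = string.ascii_lowercase + string.digits + "-"


def authenticate_vulnerable(username: str, password: str) -> bool:
    """The shape the advisory describes: an early return for unknown users
    and ordinary == on the secret.  Both decisions change the run time."""
    stored = USERS.get(username)
    if stored is None:
        return False             # unknown user: returns before any compare
    return password == stored    # returns at the first differing character


def _digest(value: str) -> bytes:
    return hashlib.sha256(value.encode("utf-8")).digest()


def authenticate_hardened(username: str, password: str) -> bool:
    """Same decision, uniform work: always hash and compare, and compare
    fixed-length digests with hmac.compare_digest, so neither the existence
    of the user nor the length of the matching prefix affects run time."""
    stored = USERS.get(username)
    known = stored is not None
    reference = stored if known else _DUMMY
    match = hmac.compare_digest(_digest(password), _digest(reference))
    return known and match


def chars_compared(secret: str, guess: str) -> int:
    """Cost model of CPython's str ==: unequal lengths return at once with
    no character examined; otherwise it walks until the first mismatch."""
    if len(secret) != len(guess):
        return 0
    for i, (a, b) in enumerate(zip(secret, guess)):
        if a != b:
            return i + 1
    return len(secret)


def find_length(cost: Callable[[str], int], max_len: int) -> Optional[int]:
    """Length oracle: only a guess of the right length gets any characters
    compared, so the first length with non-zero cost is the secret's."""
    for n in range(1, max_len + 1):
        if cost("\0" * n) > 0:
            return n
    return None


def recover_by_cost(cost: Callable[[str], int], accept: Callable[[str], bool],
                    length: int, alphabet: str) -> Optional[str]:
    """Incremental guessing: fix one character at a time by keeping the
    candidate whose compare runs longest; the final character is confirmed
    by the login result itself.  Total work is about length * |alphabet|
    guesses instead of |alphabet| ** length."""
    known = ""
    while len(known) < length - 1:
        pad = length - len(known) - 1
        known += max(alphabet, key=lambda c: cost(known + c + "\0" * pad))
    for c in alphabet:
        if accept(known + c):
            return known + c
    return None


if __name__ == "__main__":
    secret = USERS["alice"]
    cost = lambda g: chars_compared(secret, g)
    n = find_length(cost, 64)
    print("recovered length:", n)
    print("recovered secret:",
          recover_by_cost(cost, lambda g: authenticate_vulnerable("alice", g), n, ALPHABET))
```

Against authenticate_hardened the cost model has nothing to key on: the digests are always 32 bytes, compare_digest examines all of them regardless of where they differ, and the unknown-user path performs the same hash-and-compare as the known-user path. Hashing before comparing also matters when the stored values are already password hashes of varying length, since compare_digest is only constant-time for inputs of equal length.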

Impact

Exploitation of this vulnerability could lead to unauthorized enumeration of usernames and incremental guessing of passwords, potentially allowing attackers to gain unauthorized access to user accounts.

Remediation

Users should update to version 20.1 or later of the Parisneo Lollms repository to address this vulnerability.

Added: Jul 7, 2025, 10:37 AM
Updated: Jul 7, 2025, 10:37 AM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 1.3
exploitability: 8.1
remediation: 7.7
relevance: 0.2
threat: 3.2
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.