TrustTunnel VPN ClientRandom Extraction Bypass Vulnerability
Vulnerability
A vulnerability exists in TrustTunnel VPN versions prior to 0.9.115 that allows rules evaluating the 'client_random_prefix' of a TLS ClientHello to be bypassed. In 'tls_listener.rs', 'TlsListener::listen()' peeks only the first 1024 bytes of the incoming stream and attempts to extract the ClientRandom from them. If the bytes visible in that single peek do not contain a parseable ClientHello, 'extract_client_random' returns 'None'. 'RulesEngine::evaluate' then skips every rule that depends on 'client_random_prefix' matching instead of treating the missing value as a failure, so the decision falls through to the remaining rules or the default action. Depending on the rule set, this either bypasses a rule meant to block the connection or blocks traffic the rules were meant to allow.
Impact
A client that controls how its ClientHello is delivered can make ClientRandom extraction fail and so evade rules that block specific ClientRandom prefixes. Because the affected rules are silently skipped rather than failing closed, the same condition can also disrupt rule evaluation for legitimate clients whose ClientHello happens to arrive fragmented, causing traffic to be blocked that the rule set was intended to allow.
Reproduction
To reproduce this vulnerability, configure a rule that uses 'client_random_prefix' to block a chosen prefix, then connect with a client whose ClientRandom starts with that prefix and send the TLS ClientHello fragmented across multiple TCP writes so that the ClientRandom is not contained in the first segment. The listener's single peek sees only the bytes already delivered, extraction returns 'None', and the prefix rule is never evaluated, so the connection is allowed despite the intended block. The same ClientHello sent in a single write is blocked, which confirms that fragmentation, not the rule itself, is what defeats the check.
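The mechanism described under Vulnerability and the steps under Reproduction, as an added Rust example that is not TrustTunnel's code: it models a single bounded peek on the socket, a fail-open rules engine that skips prefix rules when extraction returns None, a fail-closed alternative, and reassembly of the stream before parsing. The Rule and Action types, the helper names, and the "buffer until the ClientRandom is complete" remedy are assumptions, not the upstream implementation; only the byte offsets follow the TLS record and ClientHello layout. The sample ClientHello is constructed in the code, not captured.

```rust
// Added example modelling the advisory, not TrustTunnel's own code.
// Offsets follow the TLS record/ClientHello layout; types and helper names are assumed.
use std::convert::TryInto;

/// End of the ClientRandom in the stream: record hdr (5) + handshake hdr (4) + version (2) + random (32).
const CLIENT_RANDOM_END: usize = 5 + 4 + 2 + 32;

#[derive(Clone, Copy, Debug, PartialEq)]
enum Action {
    Allow,
    Block,
}

/// A rule matching on the leading bytes of the ClientRandom (assumed shape).
struct Rule {
    client_random_prefix: Vec<u8>,
    action: Action,
}

/// Extracts the 32-byte ClientRandom from the bytes currently visible on the stream.
/// Returns None on any parse failure, including a peek that ends before byte 43,
/// which is exactly what a ClientHello fragmented inside the random produces.
fn extract_client_random(buf: &[u8]) -> Option<[u8; 32]> {
    if buf.len() < 5 || buf[0] != 0x16 {
        return None; // record header: 0x16 = handshake, version, 2-byte length
    }
    if *buf.get(5)? != 0x01 {
        return None; // handshake header: 0x01 = client_hello, 3-byte length
    }
    buf.get(11..CLIENT_RANDOM_END)?.try_into().ok() // bytes 9..11 are legacy_version
}

/// First matching prefix rule for a known random.
fn match_prefix(rules: &[Rule], random: &[u8; 32]) -> Option<Action> {
    rules.iter().find(|r| random.starts_with(&r.client_random_prefix)).map(|r| r.action)
}

/// Fail-open evaluation, modelling the pre-0.9.115 behaviour: with no ClientRandom,
/// prefix rules are skipped and the default applies.
fn evaluate_fail_open(rules: &[Rule], random: Option<&[u8; 32]>, default: Action) -> Action {
    random.and_then(|r| match_prefix(rules, r)).unwrap_or(default)
}

/// Fail-closed evaluation (illustrative hardening, not the upstream patch): if a prefix
/// rule exists and the random could not be parsed, refuse instead of skipping the rule.
fn evaluate_fail_closed(rules: &[Rule], random: Option<&[u8; 32]>, default: Action) -> Action {
    match random {
        Some(r) => match_prefix(rules, r).unwrap_or(default),
        None if !rules.is_empty() => Action::Block,
        None => default,
    }
}

/// Constructed sample input (not a capture): a minimal TLS 1.2 ClientHello record.
fn build_client_hello(random: &[u8; 32]) -> Vec<u8> {
    let mut body = vec![0x03, 0x03]; // legacy_version = TLS 1.2
    body.extend_from_slice(random); // ClientRandom
    body.push(0x00); // session_id length
    body.extend_from_slice(&[0x00, 0x02, 0x13, 0x01]); // cipher_suites: TLS_AES_128_GCM_SHA256
    body.extend_from_slice(&[0x01, 0x00]); // compression_methods: null
    body.extend_from_slice(&[0x00, 0x00]); // extensions length 0
    let mut hs = vec![0x01]; // HandshakeType client_hello
    hs.extend_from_slice(&(body.len() as u32).to_be_bytes()[1..]); // 3-byte length
    hs.extend(body);
    let mut rec = vec![0x16, 0x03, 0x01]; // ContentType handshake, record version TLS 1.0
    rec.extend_from_slice(&(hs.len() as u16).to_be_bytes());
    rec.extend(hs);
    rec
}

/// Emulates a single `peek`: only the first TCP segment already delivered is visible,
/// capped at `max` bytes (1024 in the described listener).
fn peek_first_segment<'a>(segments: &[&'a [u8]], max: usize) -> &'a [u8] {
    let first = segments.first().copied().unwrap_or(&[]);
    &first[..first.len().min(max)]
}

/// Buffers segments until `need` bytes are available: one way (assumed here) for a
/// listener to see the whole ClientRandom before evaluating rules.
fn read_at_least(segments: &[&[u8]], need: usize) -> Vec<u8> {
    let mut out = Vec::new();
    for seg in segments {
        if out.len() >= need {
            break;
        }
        out.extend_from_slice(seg);
    }
    out
}

/// The advisory's scenario: block rule on prefix AA BB, a hello whose random starts with
/// it, delivered whole or split at byte 20 (inside the random).
/// Returns (whole, fragmented fail-open, fragmented fail-closed, reassembled).
fn scenario() -> (Action, Action, Action, Action) {
    let mut random = [0u8; 32];
    random[0] = 0xAA;
    random[1] = 0xBB;
    let hello = build_client_hello(&random);
    let rules = [Rule { client_random_prefix: vec![0xAA, 0xBB], action: Action::Block }];

    let whole = peek_first_segment(&[hello.as_slice()], 1024);
    let whole_result = evaluate_fail_open(&rules, extract_client_random(whole).as_ref(), Action::Allow);

    let (first, rest) = hello.split_at(20);
    let frag_random = extract_client_random(peek_first_segment(&[first, rest], 1024));
    let bypass = evaluate_fail_open(&rules, frag_random.as_ref(), Action::Allow);
    let closed = evaluate_fail_closed(&rules, frag_random.as_ref(), Action::Allow);

    let reassembled = read_at_least(&[first, rest], CLIENT_RANDOM_END);
    let fixed = evaluate_fail_open(&rules, extract_client_random(&reassembled).as_ref(), Action::Allow);

    (whole_result, bypass, closed, fixed)
}

fn main() {
    let (whole, bypass, closed, fixed) = scenario();
    println!("whole hello, fail-open: {:?}", whole);
    println!("fragmented, fail-open: {:?} (the bypass)", bypass);
    println!("fragmented, fail-closed: {:?}", closed);
    println!("reassembled, then evaluated: {:?}", fixed);
}
```

Run with 'rustc' or 'cargo run'. The whole hello is blocked, the fragmented hello under fail-open evaluation is allowed, and either failing closed or buffering to byte 43 before parsing restores the block. Failing closed is the simpler hardening but also turns every unparseable first segment into a refused connection, which is the "unintended traffic blocks" trade-off the advisory mentions; buffering until the ClientRandom is complete avoids that for legitimate fragmented clients.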
Remediation
Users should update to TrustTunnel version 0.9.115 or later, where this vulnerability has been fixed. Deployments that rely on 'client_random_prefix' rules for enforcement should confirm after upgrading that a ClientHello fragmented across several TCP writes is still matched against those rules rather than passed through.
