Mail Archives: cygwin/2001/02/15/12:54:52
Just as an FYI. Dedicated to all here using SSH1 protocol.
Corinna
----- Forwarded message from Markus Friedl <Markus DOT Friedl AT informatik DOT uni-erlangen DOT de> -----
Date: Thu, 15 Feb 2001 09:13:41 +0100
From: Markus Friedl <Markus DOT Friedl AT informatik DOT uni-erlangen DOT de>
Subject: OpenSSH is _not_ vulnerable the several known problems in SSH-1
To: openssh-unix-dev AT mindrot DOT org, ssh AT clinet DOT fi, security-announce AT openbsd DOT org,
misc AT openbsd DOT org
Cc: bugtraq AT securityfocus DOT com
-----------------------------------------------------------------------
Special OpenBSD Security Note
February 14, 2001
OpenSSH is _not_ vulnerable the several known problems in SSH-1
-----------------------------------------------------------------------
The CERT Coordination Center has published the following notes about
weaknesses in various SSH protocol version 1 implementations.
Since many people using OpenSSH are worried about these issues,
we decided to publish these notes.
1) http://www.kb.cert.org/vuls/id/565052
"Passwords sent via SSH encrypted with RC4 can be easily cracked"
2) http://www.kb.cert.org/vuls/id/665372
"SSH connections using RC4 and password authentication can be
replayed"
3) http://www.kb.cert.org/vuls/id/25309
"Weak CRC allows RC4 encrypted SSH packets to be modified without
notice"
4) http://www.kb.cert.org/vuls/id/684820
"SSH allows client authentication to be forwarded if encryption
is disabled"
5) http://www.kb.cert.org/vuls/id/315308
"Last block of IDEA-encrypted SSH packet can be changed without
notice"
6) http://www.kb.cert.org/vuls/id/786900
"SSH host key authentication can be bypassed when DNS is used
to resolve localhost"
7) http://www.kb.cert.org/vuls/id/118892
"Older SSH clients do not allow users to disable X11 forwarding"
OpenSSH is _not_ vulnerable to #1, #2 and #3 since OpenSSH does not
allow RC4 in its SSH protocol 1 implementation.
OpenSSH is _not_ vulnerable to #4 since OpenSSH does not allow
encryption to be disabled.
OpenSSH is _not_ vulnerable to #5 since OpenSSH does not support
IDEA.
OpenSSH is _not_ vulnerable to #6 since OpenSSH does not resolve
"localhost". OpenSSH uses the resolved IP-address and disables the
host key authentication for 127.0.0.1 only.
OpenSSH is _not_ vulnerable to #7 since OpenSSH permits users to
disable X11 forwarding, and this is the default configuration in
the OpenSSH client.
The SSH protocol version 2 (a.k.a. SecSH) is not affected by problems
#1, #2, #3, #4 and #5.
The OpenSSH client currenly defaults to preferring SSH-1 protocol
over SSH-2 protocol, but in a future release the default will soon
change, since the SSH-2 protocol support has improved considerably.
-----------------------------------------------------------------------
----- End forwarded message -----
--
Corinna Vinschen
Cygwin Developer
Red Hat, Inc.
mailto:vinschen AT redhat DOT com
--
Want to unsubscribe from this list?
Check out: http://cygwin.com/ml/#unsubscribe-simple
- Raw text -