Date: 28 Dec 1999 10:07:33 +0100 From: Dag-Erling Smorgrav <des@flood.ping.uio.no> To: Warner Losh <imp@village.org> Cc: Fernando Schapachnik <fpscha@via-net-works.net.ar>, freebsd-security@FreeBSD.ORG Subject: Re: OpenSSH vulnerable to protocol flaw? Message-ID: <xzpbt7b77sa.fsf@flood.ping.uio.no> In-Reply-To: Warner Losh's message of "Thu, 16 Dec 1999 14:04:35 -0700" References: <199912161207.JAA22894@ns1.via-net-works.net.ar> <199912162104.OAA74270@harmony.village.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Warner Losh <imp@village.org> writes: > OpenSSH implements the ssh1 protocol, which is vulnerable to insertion > attacks like the one described in bugtraq. I don't think they have > changed the protocol at all, but I'm sure someone will tell me if I'm > wrong. Random quotes from the advisory: Note that the new revision for the SSH protocol, proposed and published as Internet Drafts [2],[3],[4] [5] makes use of cryptographycally strong message authentication codes for integrity checks that wont fail to these attacks. [...] [2] "SSH Protocol Architecture", draft-ietf-secsh-architecture-01.txt.gz T. Ylonen, T. Kivinen, M. Saarinen. SSH. November 7th, 1997 [3] "SSH Connection Protocol", draft-ietf-secsh-connect-03.txt.gz T. Ylonen, T. Kivinen, M. Saarinen. SSH. November 7th, 1997 [4] "SSH Authentication Protocol", draft-ietf-secsh-userauth-03.txt.gz T. Ylonen, T. Kivinen, M. Saarinen. SSH. November 7th, 1997 [5] "SSH Transport Layer Protocol",draft-ietf-secsh-transport-03.txt.gz T. Ylonen, T. Kivinen, M. Saarinen. SSH. November 7th, 1997 (drafts expired on May 7th, 1998) [...] In the meantime, upgrade to version 1.2.25 of SSH, which fixes the problem. The SSH 1.2.25 distribution can be obtained from: <ftp://ftp.cs.hut.fi/pub/ssh/ssh-1.2.25.tar.gz> <URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=199806120125.WAA05406@takeover.core.com.ar> DES -- Dag-Erling Smorgrav - des@flood.ping.uio.no To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?xzpbt7b77sa.fsf>