Skip site navigation (1)Skip section navigation (2) 
Date:      28 Dec 1999 10:07:33 +0100
From:      Dag-Erling Smorgrav <des@flood.ping.uio.no>
To:        Warner Losh <imp@village.org>
Cc:        Fernando Schapachnik <fpscha@via-net-works.net.ar>, freebsd-security@FreeBSD.ORG
Subject:   Re: OpenSSH vulnerable to protocol flaw?
Message-ID:  <xzpbt7b77sa.fsf@flood.ping.uio.no>
In-Reply-To: Warner Losh's message of "Thu, 16 Dec 1999 14:04:35 -0700"
References:  <199912161207.JAA22894@ns1.via-net-works.net.ar> <199912162104.OAA74270@harmony.village.org>
next in thread | previous in thread | raw e-mail | index | archive | help 

Warner Losh <imp@village.org> writes:
> OpenSSH implements the ssh1 protocol, which is vulnerable to insertion
> attacks like the one described in bugtraq.  I don't think they have
> changed the protocol at all, but I'm sure someone will tell me if I'm
> wrong.

Random quotes from the advisory:

  Note that the new revision for the SSH protocol, proposed and
  published as Internet Drafts [2],[3],[4] [5] makes use of
  cryptographycally strong message authentication codes for
  integrity checks that wont fail to these attacks.

  [...]

  [2] "SSH Protocol Architecture", draft-ietf-secsh-architecture-01.txt.gz
       T. Ylonen, T. Kivinen, M. Saarinen. SSH. November 7th, 1997

  [3] "SSH Connection Protocol", draft-ietf-secsh-connect-03.txt.gz
       T. Ylonen, T. Kivinen, M. Saarinen. SSH. November 7th, 1997

  [4] "SSH Authentication Protocol", draft-ietf-secsh-userauth-03.txt.gz
       T. Ylonen, T. Kivinen, M. Saarinen. SSH. November 7th, 1997

  [5] "SSH Transport Layer Protocol",draft-ietf-secsh-transport-03.txt.gz
       T. Ylonen, T. Kivinen, M. Saarinen. SSH. November 7th, 1997

           (drafts expired on May 7th, 1998)

  [...]

   In the meantime, upgrade to version 1.2.25 of SSH, which
   fixes the problem. The SSH 1.2.25 distribution can be
   obtained from:

    <ftp://ftp.cs.hut.fi/pub/ssh/ssh-1.2.25.tar.gz>;

<URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=199806120125.WAA05406@takeover.core.com.ar>;

DES
-- 
Dag-Erling Smorgrav - des@flood.ping.uio.no


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?xzpbt7b77sa.fsf>