Date: Wed, 19 Nov 2008 16:20:58 +0300
From: Eygene Ryabinkin <rea-fbsd@codelabs.ru>
To: freebsd-security@freebsd.org
Cc: openssh@openssh.com
Subject: Plaintext recovery attack in SSH, discovered by CPNI?
Message-ID: <6p2tlso0g3Xi5suHfErE3rcPs54@Mr6N54GlMnGhD%2BRQ1Yhx%2B24IxLk>
Good day.

Just came across the following list in the oss-security list:
http://www.cpni.gov.uk/Docs/Vulnerability_Advisory_SSH.txt

People are saying that this vulnerability was tested for Debian's ;)) OpenSSH 4.7p1, but they generally believe that any RFC-compliant implementation should have this if CBC mode is used.

The advisory says that CTR mode is safe, but I see that at least FreeBSD's OpenSSH (OpenSSH_5.1p1) still uses various ciphers in the CBC mode as the preferential ones. Perhaps we should just change the default ciphersuites order?

So, it is interesting what OpenSSH developers can tell about this: I had seen no words about this at http://openssh.org/security.html and release notes, so if you can -- please, comment on this.

Thanks!
--
Eygene

Remember that it is hard to read the on-line manual while single-stepping the kernel.
-- FreeBSD Developers handbook
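Added example (not part of the original message, and not OpenSSH or FreeBSD code): a Python check for the concern raised above, that a Ciphers preference list puts CBC-mode ciphers ahead of CTR-mode ones, plus a reordering that moves CTR to the front. The sample sshd_config text is constructed, and the function names are hypothetical.

```python
import re

# Constructed sample config; not the shipped default of any OpenSSH release.
SAMPLE = """# constructed sample sshd_config
Port 22
Ciphers aes128-cbc,3des-cbc,blowfish-cbc,aes128-ctr,aes256-ctr
"""

def parse_ciphers(config_text):
    """Return the list from the first Ciphers directive, or None if absent."""
    for raw in config_text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments
        # Keyword is case-insensitive; separator is whitespace or a single '='.
        m = re.match(r"ciphers(?:\s*=\s*|\s+)(\S.*)$", line, re.IGNORECASE)
        if m:
            return [c.strip() for c in m.group(1).split(",") if c.strip()]
    return None

def mode_of(cipher):
    """Classify a cipher name by its mode suffix."""
    if cipher.endswith("-cbc"):
        return "cbc"
    if cipher.endswith("-ctr"):
        return "ctr"
    return "other"

def audit(ciphers):
    """Report CBC ciphers, and those preferred over every CTR cipher."""
    ctr_positions = [i for i, c in enumerate(ciphers) if mode_of(c) == "ctr"]
    first_ctr = min(ctr_positions, default=len(ciphers))
    cbc = [c for c in ciphers if mode_of(c) == "cbc"]
    ahead = [c for c in ciphers[:first_ctr] if mode_of(c) == "cbc"]
    return {"cbc": cbc, "cbc_before_ctr": ahead, "has_ctr": bool(ctr_positions)}

def reorder(ciphers, drop_cbc=False):
    """Move CTR ciphers to the front, keeping relative order (stable sort).
    With drop_cbc=True the CBC ciphers are removed instead of demoted."""
    kept = [c for c in ciphers if not (drop_cbc and mode_of(c) == "cbc")]
    return sorted(kept, key=lambda c: mode_of(c) != "ctr")

if __name__ == "__main__":
    current = parse_ciphers(SAMPLE)
    print("CBC preferred over CTR:", audit(current)["cbc_before_ctr"])
    print("Ciphers " + ",".join(reorder(current)))
```

Both ends negotiate from their own lists, so the same check applies to the client's ssh_config as to sshd_config.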