[ISN] Researchers Warn of Serious SSH Flaws

From: InfoSec News (isnat_private)
Date: Tue Dec 17 2002 - 03:26:43 PST

  • Next message: InfoSec News: "Re: [ISN] Microsoft upgrades IE flaw to critical after criticism"

    By Dennis Fisher
    December 16, 2002 
    Security researchers have discovered a set of vulnerabilities in
    several vendors' implementations of the SSHv2 protocol that could give
    an attacker the ability to execute code on remote machines. The new
    flaws are especially dangerous in that they occur before
    authentication takes place.
    The SSH (secure shell) protocol is a transport layer protocol that
    enables clients to connect securely to a remote server. It's often
    used for remote administration purposes.
    Although the results of exploiting one of these vulnerabilities varies
    by vendor and vulnerability, attackers could, in some cases, run code
    on remote machines or launch denial-of-service attacks. Rapid 7 Inc.,
    the New York-based security company that found the vulnerabilities,
    only tested SSHv2 implementations but said that some SSHv1
    implementations may be vulnerable as well.
    Most of the flaws involve memory access violations and all of them are
    found in the greeting and key-exchange phase of the SSH transmission.  
    Among the vendors whose products are vulnerable are SSH Communications
    Security Inc., F-Secure Corp., InterSoft International Inc., and
    several others. However, both SSH Communications and F-Secure say that
    the vulnerabilities are not exploitable in their software.
    ISN is currently hosted by Attrition.org
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.

    This archive was generated by hypermail 2b30 : Wed Dec 18 2002 - 13:11:03 PST