Re: SSH & Telnet

From: Alok Aggarwal (aggarwaa@private)
Date: Sat Nov 10 2001 - 10:59:00 PST


    > sshd and telnet vulnerabilities that were published on securityfocus 
    
    Just talking of the sshd vulnerabilities, a number of them have been published 
    on bugtraq over the last couple of months. 
    
    > a few weeks ago.  I'm wondering if people have seen examples of exploit
    > code especially for the SSH attack. 
    
    Some of the notable vulnerabilities I can think of are:
    
    . The authorized_keys vulnerability -
    	http://www.securityfocus.com/archive/1/216702
      No exploit code is needed to attack this vulnerability, but the attacker has to be
      a bona fide user on the internal network. Only some versions of OpenSSH and
      derivatives of OpenSSH are affected. Since most commercial Linux distros ship
      with OpenSSH, they are affected, and thus there have been separate advisories
      from all of them for the same vulnerability. 
    
    . Passive Traffic Analysis vulnerability -
    	http://www.openwall.com/advisories/OW-003-ssh-traffic-analysis.txt
      The website has exploit *tools* as well. I think OpenSSH versions < 2.5.x are
      affected, don't know about the SSH Inc version.
    
    . Keystroke timing attacks - This is similar to traffic analysis vulnerability
      but not the same. It's based on work done by David Wagner and Dawn Song. The
      paper is at http://www.cs.berkeley.edu/~daw/papers/ssh-use01.pdf. I believe
      there is a tool out there that implements this vulnerability. Most versions
      of OpenSSH and SSH Inc affected. IMO this vulnerability affects any
      interactive VPN or IPSEC sessions including SSL secured telnet.
    
    . CRC32 vulnerability - Haven't seen exploit code for this, although Univ. of
      Washington computers seem to have been hacked lately using this
      vulnerability. The thing to note here is that this vulnerability affects
      people running SSH protocol version 1, which is inherently insecure anyway
      and is deprecated. Only SSH protocol version 2 should be enabled.
    
    There has also been a vulnerability in some SSH Inc version, can't
    remember which. The basic idea was that if a user used PAM (pluggable
    authentication module) as the authentication method, then the sshd would let
    him in with an empty password .. a classic coding error by one of the SSH Inc
    developers, where all instances of str* functions were blindly replaced by strn*
    calls.
    
    > It seemed to apply to a great number of versions of SSH.  
    
    See above.
    
    Hope this helps.
    -Alok
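The empty-password bug Alok describes at the end is worth seeing in code. The following is an added illustration of that class of error, written for this archive page; it is not SSH Inc's actual code, and the stored credential string and function names are constructed for the example. A mechanical str* to strn* replacement that takes the length of the *attacker-supplied* string as the bound means an empty password compares zero bytes and "matches"; any prefix of the real value matches as well.

```c
#include <stdio.h>
#include <string.h>

/* Stored credential. In a real sshd this would be a password hash from the
   PAM/passwd back end; here it is a constant constructed for the example. */
static const char *stored_secret = "s3cret-hash";

/* Vulnerable pattern: strcmp() was swapped for strncmp() with the bound taken
   from the user-controlled input. strlen("") == 0, so strncmp() compares zero
   bytes and returns 0 ("equal") for an empty password; a correct prefix of the
   stored value ("s3c") also passes. Returns 1 on "match", 0 otherwise. */
int check_password_vulnerable(const char *stored, const char *supplied)
{
    return strncmp(stored, supplied, strlen(supplied)) == 0;
}

/* Hardened check: reject an empty input, require both strings to be the same
   length, then compare every byte without early exit so the comparison does
   not leak where the first mismatch is. Returns 1 on match, 0 otherwise. */
int check_password_fixed(const char *stored, const char *supplied)
{
    size_t n = strlen(stored);
    if (n == 0 || strlen(supplied) != n)
        return 0;
    unsigned char diff = 0;
    for (size_t i = 0; i < n; i++)
        diff |= (unsigned char)stored[i] ^ (unsigned char)supplied[i];
    return diff == 0;
}

int main(void)
{
    /* Constructed login attempts: empty, correct prefix, full, and wrong. */
    const char *attempts[] = { "", "s3c", "s3cret-hash", "wrong" };
    for (size_t i = 0; i < sizeof attempts / sizeof attempts[0]; i++) {
        printf("password \"%s\": vulnerable=%d fixed=%d\n", attempts[i],
               check_password_vulnerable(stored_secret, attempts[i]),
               check_password_fixed(stored_secret, attempts[i]));
    }
    return 0;
}
```

The vulnerable variant accepts both the empty string and the prefix "s3c"; the fixed variant accepts only the full value. The length check is what matters here: strncmp() is only a safe replacement for strcmp() when the bound is derived from the trusted side (or from a buffer size), never from the input being authenticated.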
    



    This archive was generated by hypermail 2b30 : Sun May 26 2002 - 11:31:15 PDT