Bugtraq mailing list archives

Re: SSH deja vu


From: Michal Zalewski <lcamtuf () coredump cx>
Date: Tue, 23 Oct 2001 16:14:15 -0400 (EDT)

On Tue, 23 Oct 2001, Max Parke wrote:

When the vulnerabilities in ssh-1.xx were publicised, we upgraded to
ssh-2.xx on our machines.  The process for ssh version 2.xx does NOT
erase sshd1 from /usr/local/sbin, and if an incoming client is still
running the old ssh version 1, sshd2 will hand off control to
/usr/local/sbin/sshd1 (of course, this can be disabled).

We mentioned this possibility in our original advisory, available at
http://razor.bindview.com/publish/advisories/adv_ssh1crc.html, but it is
good to mention it again today, when we observe massive exploitation of
this vulnerability since a private, multi-platform brute-force exploit
authored by the TESO security team leaked to the "underground" (not blaming
TESO in particular: seeing several other exploits leak this way in the past
few months - e.g. the in.telnetd remote root - makes you wonder what the
real good of a zero-disclosure policy is, and of the general ability of human
beings to keep things available to "responsible parties" only). So far, people
didn't see the threat (no exploits publicly available), and many didn't
upgrade their daemons. Now it is time.

If you do not use SSHv1, it is important to disable this feature, as the
SSH.com SSHv1 implementation is no longer actively maintained. If you have
to stick to this protocol (which seems to be more vulnerable to certain
cryptographic attacks than SSHv2), you should upgrade to 1.2.32, or switch
to the OpenSSH implementation - they implement SSHv1 in the main daemon code
and still seem to maintain it.

-- 
_____________________________________________________
Michal Zalewski [lcamtuf () bos bindview com] [security]
[http://lcamtuf.coredump.cx] <=-=> bash$ :(){ :|:&};:
=-=> Did you know that clones never use mirrors? <=-=
          http://lcamtuf.coredump.cx/photo/
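As an added example (not code from the original thread, from BindView or from SSH.com), the following POSIX shell script audits an sshd2_config for the SSHv1 hand-off the post warns about: it reports whether the fallback is enabled, disabled or left unset, and whether the sshd1 binary it would hand off to is still present and executable. The directive names Ssh1Compatibility and Sshd1Path are assumed from the SSH.com sshd2 configuration format rather than taken from the post; the default path /usr/local/sbin/sshd1 is the one the post names. The two sample configs and the stand-in sshd1 binary are constructed so the script runs offline.

```shell
#!/bin/sh
# Added example, not code from the original Bugtraq thread. Audits an
# SSH.com sshd2_config for the SSHv1 fallback that the post describes.
# Assumed directive names (SSH.com sshd2 configuration, not from the post):
#   Ssh1Compatibility yes|no   - hand SSHv1 clients over to a separate sshd1
#   Sshd1Path <path>           - where that sshd1 binary lives
# The default path /usr/local/sbin/sshd1 is the one named in the post.

# Print the effective value of a directive: comments stripped, names matched
# case-insensitively, last occurrence wins. Prints nothing if the key is unset.
config_value() {   # $1 = config file, $2 = directive name
    sed -e 's/#.*//' "$1" |
        awk -v key="$(printf '%s' "$2" | tr 'A-Z' 'a-z')" \
            'tolower($1) == key { v = $2 } END { if (v != "") print v }'
}

# Classify the fallback setting: enabled / disabled / unset.
ssh1_fallback_state() {  # $1 = config file
    case "$(config_value "$1" Ssh1Compatibility | tr 'A-Z' 'a-z')" in
        yes) echo enabled ;;
        no)  echo disabled ;;
        *)   echo unset ;;
    esac
}

# Path sshd2 would hand off to: the configured value, or the conventional default.
sshd1_path() {  # $1 = config file
    p=$(config_value "$1" Sshd1Path)
    echo "${p:-/usr/local/sbin/sshd1}"
}

# Return 0 if the host cannot fall back to sshd1, 1 if it can (or might).
# An explicit "no" is safe. Anything else is only safe if there is no
# executable sshd1 left behind for sshd2 to hand off to.
audit_sshd2_config() {  # $1 = config file
    state=$(ssh1_fallback_state "$1")
    path=$(sshd1_path "$1")
    echo "Ssh1Compatibility: $state; Sshd1Path: $path"
    if [ "$state" = disabled ]; then
        return 0
    fi
    if [ -x "$path" ]; then
        echo "WARNING: SSHv1 fallback $state and $path is present and executable"
        return 1
    fi
    echo "NOTE: SSHv1 fallback $state, but no sshd1 binary at $path"
    return 0
}

# --- constructed sample configs and a stand-in sshd1 binary (not real hosts) ---
tmpdir=$(mktemp -d)
printf '# vendor default\nSsh1Compatibility yes\nSshd1Path %s/sshd1\n' "$tmpdir" \
    > "$tmpdir/fallback.conf"
printf 'Ssh1Compatibility no\n' > "$tmpdir/hardened.conf"
: > "$tmpdir/sshd1" && chmod +x "$tmpdir/sshd1"

audit_sshd2_config "$tmpdir/fallback.conf" || echo "-> fallback.conf needs attention"
audit_sshd2_config "$tmpdir/hardened.conf" && echo "-> hardened.conf is fine"
rm -rf "$tmpdir"
```

Run it against the real file (for example `audit_sshd2_config /etc/ssh2/sshd2_config` after sourcing the functions) and treat a non-zero exit as a host that still answers SSHv1 clients with the old daemon; the remedy in the post is either `Ssh1Compatibility no` or removing the stale sshd1 binary altogether, and ideally both.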

