Security Incidents mailing list archives
Re: Attacks against SSH?
From: Jason Baker <jbaker () filonet ca>
Date: Tue, 4 Dec 2001 11:27:13 -0800
On December 3, 2001 10:45 pm, you wrote:
> This exploit is indeed a different crc32 exploit than the one I analyzed a couple weeks ago, but it affects the same set of systems as the one I analyzed. For those who haven't seen it, the analysis includes examples and a script for scanning your network to identify *potentially* vulnerable systems (you need to check the version of your protocol 1 fallback server separately, if you allow fallback): http://staff.washington.edu/dittrich/misc/ssh-analysis.txt
From this analysis, SSH-1.5-OpenSSH-1.2.3 is listed as vulnerable, but that's what you get when you install the SSH update from Debian, listed in DSA-027. I'd normally expect that just fixed a different problem, but the text of their advisory for "ssh-nonfree" (DSA-086-1) states:

"We have received reports that the "SSH CRC-32 compensation attack detector vulnerability" is being actively exploited. This is the same integer type error previously corrected for OpenSSH in DSA-027-1. OpenSSH (the Debian ssh package) was fixed at that time, but ssh-nonfree and ssh-socks were not."

I took a quick look around and didn't see the exploit code. Is there anyone who can confirm if Debian with ssh 1:1.2.3-9.2 is vulnerable? (Or point me at the exploit and I'll test myself.)