Researchers Warn of Serious SSH Flaws

[InfoSec News <isn () c4i org>]

http://www.eweek.com/article2/0,3959,768388,00.asp

By Dennis Fisher
December 16, 2002 

Security researchers have discovered a set of vulnerabilities in
several vendors' implementations of the SSHv2 protocol that could give
an attacker the ability to execute code on remote machines. The new
flaws are especially dangerous in that they occur before
authentication takes place.

The SSH (secure shell) protocol is a transport layer protocol that
enables clients to connect securely to a remote server. It's often
used for remote administration purposes.

Although the results of exploiting one of these vulnerabilities varies
by vendor and vulnerability, attackers could, in some cases, run code
on remote machines or launch denial-of-service attacks. Rapid 7 Inc.,
the New York-based security company that found the vulnerabilities,
only tested SSHv2 implementations but said that some SSHv1
implementations may be vulnerable as well.

Most of the flaws involve memory access violations and all of them are
found in the greeting and key-exchange phase of the SSH transmission.  
Among the vendors whose products are vulnerable are SSH Communications
Security Inc., F-Secure Corp., InterSoft International Inc., and
several others. However, both SSH Communications and F-Secure say that
the vulnerabilities are not exploitable in their software.



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.