oss-sec mailing list archives
Re: CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack)
From: Alan Coopersmith <alan.coopersmith () oracle com>
Date: Tue, 19 Dec 2023 13:31:03 -0800
On 12/18/23 08:08, Fabian Bäumer wrote:
### MitigationsTo mitigate this protocol vulnerability, OpenSSH suggested a so-called "strict kex" which alters the SSH handshake to ensure a Man-in-the-Middle attacker cannot introduce unauthenticated messages as well as convey sequence number manipulation across handshakes. Support for strict key exchange has been added to a variety of SSH implementations, including OpenSSH itself, PuTTY, libssh, and more.**Warning: To take effect, both the client and server must support this countermeasure.**
Open source projects I see have implemented this already are: - AsyncSSH 2.14.2: https://asyncssh.readthedocs.io/en/latest/changes.html#release-2-14-2-18-dec-2023 - Dropbear git: https://github.com/mkj/dropbear/commit/6e43be5c7b99dbee49dc72b6f989f29fdd7e9356 - Erlang ssh 5.1.1: https://www.erlang.org/doc/apps/ssh/notes - golang.org/x/crypto 0.17.0: https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg - libssh 0.10.6 and 0.9.8: https://www.libssh.org/2023/12/18/libssh-0-10-6-and-libssh-0-9-8-security-releases/ - libssh2 git: https://github.com/libssh2/libssh2/issues/1290 https://github.com/libssh2/libssh2/pull/1291 - OpenSSH 9.6: https://www.openssh.com/txt/release-9.6 - Paramiko 3.4.0: https://www.paramiko.org/changelog.html#3.4.0 - PuTTY 0.80: https://lists.tartarus.org/pipermail/putty-announce/2023/000037.html - russh 0.40.2: https://github.com/warp-tech/russh/releases/tag/v0.40.2 - SFTPGo 2.5.6: https://github.com/drakkan/sftpgo/releases/tag/v2.5.6 - ssh2 [node.js/npm] 1.15.0: https://github.com/mscdex/ssh2/commits/v1.15.0 - Tera Term 5.1: https://github.com/TeraTermProject/teraterm/releases/tag/v5.1 - Thrussh 0.35.1: https://pijul.org/posts/2023-12-18-thrussh-cve/ There's also some open bugs against these open source projects that are not yet handled: - Apache Mina: https://github.com/apache/mina-sshd/issues/445 - ProFTPD (mod_sftp): https://github.com/proftpd/proftpd/issues/1760 - SSHJ: https://github.com/hierynomus/sshj/issues/916 -- -Alan Coopersmith- alan.coopersmith () oracle com Oracle Solaris Engineering - https://blogs.oracle.com/solaris
Current thread:
- CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack) Fabian Bäumer (Dec 18)
- Re: CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack) Alan Coopersmith (Dec 19)
- Re: CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack) Marcus Meissner (Dec 20)
- Re: CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack) Alan Coopersmith (Dec 19)