Security Incidents mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Attacks against SSH?

From: "f.johan.beisser" <jan () caustic org>
Date: Mon, 3 Dec 2001 14:53:13 -0800 (PST)
On Mon, 3 Dec 2001, Jason Robertson wrote:


Could this potentially be the sftp bug?

cve.mitre.org ID: CAN-2001-0816


no.

the sftp bug requires that a user is able to log in to the machine (as any
given account). OpenSSH would then ignore command restrictions in the key.

i'm fairly sure that the exploit simply uses the known CRC32 attack. but
i've yet to find any common implimentation of OpenSSH that's vulnerable.
I've tested it against 2.3.0 shipped with FreeBSD 4.2 through 4.4, aswell
as against OpenSSH 2.9 on OpenBSD 2.9 (release, direct from the cdrom).
none of the machines were affected.


-------/ f. johan beisser /--------------------------------------+
  http://caustic.org/~jan                      jan () caustic org
    "John Ashcroft is really just the reanimated corpse
         of J. Edgar Hoover." -- Tim Triche


----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com
Previous By Date Next
Previous By Thread Next

Current thread: