Information Security News mailing list archives
OpenSSH chink bares encrypted data packets
From: InfoSec News <alerts () infosecnews org>
Date: Tue, 19 May 2009 02:28:58 -0500 (CDT)
http://www.theregister.co.uk/2009/05/19/open_ssh_hack/ By Dan Goodin The Register 19th May 2009 Cryptographers are urging users of a widely employed network protocol to make sure they're running the latest version after discovering a flaw that could allow attackers to read data that's supposed to remain encrypted. All programs that incorporate the OpenSSH implementation of SSH, short for Secure Shell, should make sure they use version 5.2, which provides several countermeasures to prevent the attacks. Other SSH implementations may be vulnerable as well, the researchers from the Information Security Group at the University of London's Royal Holloway said. The attack exploits subtle differences in the way SSH software reacts when encountering errors during cryptographic processing. By directing specially manipulated packets at the application, an attacker has a one in 262,144 chance of recovering 32 bits of plaintext from an arbitrary chunk of ciphertext. While those are extremely limited odds, the design flaw still poses a significant threat given the way many applications that employ SSH work. VPNs, or virtual private networks, for example, repeatedly reconnect to a server extremely rapidly each time they are disconnected. With some programs reconnecting several times per second, a determined attacker might find ample opportunity to succeed. [...] -- LayerOne 2009, Information Security for the discerning professional. May 23-24 2009 @ The Anaheim Marriott in Anaheim, California Visit http://layerone.info for more information
Current thread:
- OpenSSH chink bares encrypted data packets InfoSec News (May 19)