Threat Level: green Handler on Duty: Guy Bruneau

SANS ISC: Plaintext Recovery Attack Against OpenSSH (4.7p1) SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network
https://isc.sans.edu/honeypot.html

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Plaintext Recovery Attack Against OpenSSH (4.7p1)

This morning we've received a couple emails and a post in our IRC channel (#dshield on irc.freenode.net) concerning a Plaintext Recovery Attack against OpenSSH.  Specifically version 4.7p1, which is quite old.

 

From the article:

"If exploited, this attack can potentially allow an attacker to
recover up to 32 bits of plaintext from an arbitrary block of
ciphertext from a connection secured using the SSH protocol in
the standard configuration. If OpenSSH is used in the standard
configuration, then the attacker's success probability for
recovering 32 bits of plaintext is 2^{-18}. A variant of the
attack against OpenSSH in the standard configuration recovers 14
bits of plaintext with probability 2^{-14}. The success probability
of the attack for other implementations of SSH is not known."

Here's a link to the article itself:  here.  So that you may read at your leisure.

Here's a link to OpenSSH's Security Page: here.

The current version of OpenSSH is 5.1, and it's been out since July.  So make sure you are patched by running "ssh -V" on the command line.

I just did it on my OSX Machine and I am running 5.1p1. 

 

-- Joel Esler http://www.joelesler.net

 

Joel

454 Posts
ISC Handler
Is this the same issue as reported against SSH Communications commercial Tectia product? http://secunia.com/Advisories/32740/
Anonymous
Yes, it appears to be the same one.
Jim

414 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!