Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: Plaintext Recovery Attack Against OpenSSH (4.7p1) - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Plaintext Recovery Attack Against OpenSSH (4.7p1)

This morning we've received a couple emails and a post in our IRC channel (#dshield on irc.freenode.net) concerning a Plaintext Recovery Attack against OpenSSH.  Specifically version 4.7p1, which is quite old.

 

From the article:

"If exploited, this attack can potentially allow an attacker to
recover up to 32 bits of plaintext from an arbitrary block of
ciphertext from a connection secured using the SSH protocol in
the standard configuration. If OpenSSH is used in the standard
configuration, then the attacker's success probability for
recovering 32 bits of plaintext is 2^{-18}. A variant of the
attack against OpenSSH in the standard configuration recovers 14
bits of plaintext with probability 2^{-14}. The success probability
of the attack for other implementations of SSH is not known."

Here's a link to the article itself:  here.  So that you may read at your leisure.

Here's a link to OpenSSH's Security Page: here.

The current version of OpenSSH is 5.1, and it's been out since July.  So make sure you are patched by running "ssh -V" on the command line.

I just did it on my OSX Machine and I am running 5.1p1. 

 

-- Joel Esler http://www.joelesler.net

 

Joel

454 Posts
ISC Handler
Is this the same issue as reported against SSH Communications commercial Tectia product? http://secunia.com/Advisories/32740/
Anonymous
Yes, it appears to be the same one.
Jim

402 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!