bugzilla-daemon at mindrot.org
2022-Feb-11 03:57 UTC
[Bug 3387] New: Will future versions of openssh not support DHE because of "dheater" vulnerability :CVE-2002-20001?
https://bugzilla.mindrot.org/show_bug.cgi?id=3387
Bug ID: 3387
Summary: Will future versions of openssh not support DHE
because of "dheater" vulnerability
:CVE-2002-20001?
Product: Portable OpenSSH
Version: 8.8p1
Hardware: Other
OS: All
Status: NEW
Severity: enhancement
Priority: P5
Component: sshd
Assignee: unassigned-bugs at mindrot.org
Reporter: rmsh1216 at 163.com
The Diffie-Hellman Key Agreement Protocol allows remote attackers (from
the client side) to send arbitrary numbers that are actually not public
keys, and trigger expensive server-side DHE modular-exponentiation
calculations, aka a D(HE)ater attack. We have repeated the attack when
establish ssh connections. What will openssh do to avoid dheater?
--
You are receiving this mail because:
You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2022-Feb-11 04:04 UTC
[Bug 3387] Will future versions of openssh not support DHE because of "dheater" vulnerability :CVE-2002-20001?
https://bugzilla.mindrot.org/show_bug.cgi?id=3387
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |djm at mindrot.org
--- Comment #1 from Damien Miller <djm at mindrot.org> ---
Not based on that attack, it's AFAIK a denial of service only that is
already mitigated by existing measures in sshd including LoginGraceTime
and MaxStartups.
--
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2022-Feb-11 06:16 UTC
[Bug 3387] Will future versions of openssh not support DHE because of "dheater" vulnerability :CVE-2002-20001?
https://bugzilla.mindrot.org/show_bug.cgi?id=3387 --- Comment #2 from renmingshuai <rmsh1216 at 163.com> --- Is it a vulnerability in DHE algorithm protocol, not in openssh? -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2022-Feb-14 05:33 UTC
[Bug 3387] Will future versions of openssh not support DHE because of "dheater" vulnerability :CVE-2002-20001?
https://bugzilla.mindrot.org/show_bug.cgi?id=3387 --- Comment #3 from Damien Miller <djm at mindrot.org> --- It's probably an intrinsic issue to any cryptographic key agreement protocol that an attacker can cause the server to do useless work. I don't think ECDSA or any of the PQ KEM algorithms will be any less susceptible, though they are faster so the impact is less. -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2023-Jan-05 15:55 UTC
[Bug 3387] Will future versions of openssh not support DHE because of "dheater" vulnerability :CVE-2002-20001?
https://bugzilla.mindrot.org/show_bug.cgi?id=3387
renmingshuai <rmsh1216 at 163.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Resolution|--- |FIXED
Status|NEW |RESOLVED
--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
bugzilla-daemon at mindrot.org
2023-Mar-17 02:41 UTC
[Bug 3387] Will future versions of openssh not support DHE because of "dheater" vulnerability :CVE-2002-20001?
https://bugzilla.mindrot.org/show_bug.cgi?id=3387
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |CLOSED
--- Comment #4 from Damien Miller <djm at mindrot.org> ---
OpenSSH 9.3 has been released. Close resolved bugs
--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.