Eygene Ryabinkin
2008-Nov-19 05:21 UTC
Plaintext recovery attack in SSH, discovered by CPNI?
Good day.
Just came across the following list in the oss-security list:
http://www.cpni.gov.uk/Docs/Vulnerability_Advisory_SSH.txt
People are saying that this vulnerability was tested for Debian's ;))
OpenSSH 4.7p1, but they generally believe that any RFC-compliant
implementation should have this if CBC mode is used. The advisory says
that CTR mode is safe, but I see that at least for FreeBSD's OpenSSH
(OpenSSH_5.1p1) still uses various ciphers in the CBC mode as the
preferential ones. Perhaps we should just change the default
ciphersuites order?
So, it is interesting what OpenSSH developers can tell about this:
I had seen no words about this at http://openssh.org/security.html
and relese notes, so if you can -- please, comment on this.
Thanks!
--
Eygene
_ ___ _.--. #
\`.|\..----...-'` `-._.-'_.-'` # Remember that it is hard
/ ' ` , __.--' # to read the on-line manual
)/' _/ \ `-_, / # while single-stepping the kernel.
`-'" `"\_ ,_.-;_.-\_ ', fsc/as #
_.-'_./ {_.' ; / # -- FreeBSD Developers handbook
{_.-``-' {_/ #
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 195 bytes
Desc: not available
Url :
http://lists.freebsd.org/pipermail/freebsd-security/attachments/20081119/896bce0e/attachment.pgp
Eygene Ryabinkin
2008-Nov-19 05:23 UTC
Plaintext recovery attack in SSH, discovered by CPNI?
Wed, Nov 19, 2008 at 04:20:58PM +0300, Eygene Ryabinkin wrote:> Just came across the following list in the oss-security list:^^^^ Err, wanted to say "link" ;)) -- Eygene _ ___ _.--. # \`.|\..----...-'` `-._.-'_.-'` # Remember that it is hard / ' ` , __.--' # to read the on-line manual )/' _/ \ `-_, / # while single-stepping the kernel. `-'" `"\_ ,_.-;_.-\_ ', fsc/as # _.-'_./ {_.' ; / # -- FreeBSD Developers handbook {_.-``-' {_/ # -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 195 bytes Desc: not available Url : http://lists.freebsd.org/pipermail/freebsd-security/attachments/20081119/19a7a3c4/attachment.pgp
Eygene Ryabinkin
2008-Nov-20 21:50 UTC
Plaintext recovery attack in SSH, discovered by CPNI?
Me again. Wed, Nov 19, 2008 at 04:20:58PM +0300, Eygene Ryabinkin wrote:> Just came across the following list in the oss-security list: > http://www.cpni.gov.uk/Docs/Vulnerability_Advisory_SSH.txtFor you interest, CVE was created and it has some interesting links inside (SANS one explains some general trends): http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5161 It seems that some vendors are moving to the CTR encryption mode as the default one. Does anyone has something to say about this? As I understand, the advisory from CPNI is public, so there is no point to refraining from discuissing this in the open lists. OpenSSH people, I understand that this is not just "two day business", but can you at least drop a mail that you're investigating this? Thanks a lot. -- Eygene _ ___ _.--. # \`.|\..----...-'` `-._.-'_.-'` # Remember that it is hard / ' ` , __.--' # to read the on-line manual )/' _/ \ `-_, / # while single-stepping the kernel. `-'" `"\_ ,_.-;_.-\_ ', fsc/as # _.-'_./ {_.' ; / # -- FreeBSD Developers handbook {_.-``-' {_/ # -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 195 bytes Desc: not available Url : http://lists.freebsd.org/pipermail/freebsd-security/attachments/20081121/ae50b59a/attachment.pgp
Christian Weisgerber
2008-Nov-21 05:26 UTC
Plaintext recovery attack in SSH, discovered by CPNI?
Eygene Ryabinkin <rea-fbsd@codelabs.ru> wrote:> So, it is interesting what OpenSSH developers can tell about this: > I had seen no words about this at http://openssh.org/security.html > and relese notes, so if you can -- please, comment on this.http://www.openssh.com/txt/cbc.adv -- Christian "naddy" Weisgerber naddy@mips.inka.de