This is the mail archive of the
cygwin@sources.redhat.com
mailing list for the Cygwin project.
[Markus.Friedl@informatik.uni-erlangen.de: OpenSSH is _not_ vulnerable the several known problems in SSH-1]
- To: cygwin <cygwin at cygwin dot com>
- Subject: [Markus.Friedl@informatik.uni-erlangen.de: OpenSSH is _not_ vulnerable the several known problems in SSH-1]
- From: Corinna Vinschen <cygwin at cygwin dot com>
- Date: Thu, 15 Feb 2001 18:07:43 +0100
Just as an FYI. Dedicated to all here using SSH1 protocol.
Corinna
----- Forwarded message from Markus Friedl <Markus.Friedl@informatik.uni-erlangen.de> -----
Date: Thu, 15 Feb 2001 09:13:41 +0100
From: Markus Friedl <Markus.Friedl@informatik.uni-erlangen.de>
Subject: OpenSSH is _not_ vulnerable the several known problems in SSH-1
To: openssh-unix-dev@mindrot.org, ssh@clinet.fi, security-announce@openbsd.org,
misc@openbsd.org
Cc: bugtraq@securityfocus.com
-----------------------------------------------------------------------
Special OpenBSD Security Note
February 14, 2001
OpenSSH is _not_ vulnerable the several known problems in SSH-1
-----------------------------------------------------------------------
The CERT Coordination Center has published the following notes about
weaknesses in various SSH protocol version 1 implementations.
Since many people using OpenSSH are worried about these issues,
we decided to publish these notes.
1) http://www.kb.cert.org/vuls/id/565052
"Passwords sent via SSH encrypted with RC4 can be easily cracked"
2) http://www.kb.cert.org/vuls/id/665372
"SSH connections using RC4 and password authentication can be
replayed"
3) http://www.kb.cert.org/vuls/id/25309
"Weak CRC allows RC4 encrypted SSH packets to be modified without
notice"
4) http://www.kb.cert.org/vuls/id/684820
"SSH allows client authentication to be forwarded if encryption
is disabled"
5) http://www.kb.cert.org/vuls/id/315308
"Last block of IDEA-encrypted SSH packet can be changed without
notice"
6) http://www.kb.cert.org/vuls/id/786900
"SSH host key authentication can be bypassed when DNS is used
to resolve localhost"
7) http://www.kb.cert.org/vuls/id/118892
"Older SSH clients do not allow users to disable X11 forwarding"
OpenSSH is _not_ vulnerable to #1, #2 and #3 since OpenSSH does not
allow RC4 in its SSH protocol 1 implementation.
OpenSSH is _not_ vulnerable to #4 since OpenSSH does not allow
encryption to be disabled.
OpenSSH is _not_ vulnerable to #5 since OpenSSH does not support
IDEA.
OpenSSH is _not_ vulnerable to #6 since OpenSSH does not resolve
"localhost". OpenSSH uses the resolved IP-address and disables the
host key authentication for 127.0.0.1 only.
OpenSSH is _not_ vulnerable to #7 since OpenSSH permits users to
disable X11 forwarding, and this is the default configuration in
the OpenSSH client.
The SSH protocol version 2 (a.k.a. SecSH) is not affected by problems
#1, #2, #3, #4 and #5.
The OpenSSH client currenly defaults to preferring SSH-1 protocol
over SSH-2 protocol, but in a future release the default will soon
change, since the SSH-2 protocol support has improved considerably.
-----------------------------------------------------------------------
----- End forwarded message -----
--
Corinna Vinschen
Cygwin Developer
Red Hat, Inc.
mailto:vinschen@redhat.com
--
Want to unsubscribe from this list?
Check out: http://cygwin.com/ml/#unsubscribe-simple