Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Re: SSH1 vulnerability ?

From: Peter van Dijk <peter () DATALOSS NL>
Date: Mon, 12 Feb 2001 14:58:32 +0100
On Sat, Feb 10, 2001 at 03:08:11PM +0200, Tatu Ylonen wrote:

On Fri, 9 Feb 2001, Christophe Dupre wrote (on the ssh () client fi list):

I just read Razor's vulnerability advisory, as reported on slashdot.
Any truth to it, or is it another wannabe ?


I suppose you are referring to this one:

"Bindview released an advisory yesterday warning us that "[a]n
integer-overflow problem is present in common code of recent
ssh daemons, deattack.c, which was developed by CORE SDI to protect
against cryptographic attacks on SSH protocol. [...] This effectively
allows an attacker to overwrite arbitrary portions of memory"


SSH2 is not vulnerable to this issue at all.  Thus, if you are
using ssh-2.4.0, or any earlier version of SSH2, you are safe.

The vulnerability only affects the SSH1 protocol.  The bug in the deattack


This is incorrect. The CRC compensation attack affects the SSH1
protocol. This new vulnerability, however, only affects ssh1
implementations based on the original ssh-1.xx tree from the now
ssh.com people, incorporating a 'fix' for the CRC compensation attack.
This fix is broken.

Rephrasing: the SSH1 protocol has a weakness. One implementation of
the fix is vulnerable.


The effect of this particular vulnerability is that it may allow a highly
advanced attacker to insert commands into an SSH1 session using an active
network-level attack together with a cryptographic attack.  I consider
this something that needs to be fixed (the real fix is to move to SSH2),
but it is not an immediate threat.


Not 'this' vulnerability. The old CRC compensation attack
vulnerability.

[snip]

Ssh-2.4.0 is available from www.ssh.com (or ftp://ftp.ssh.com/pub/ssh),
and is completely free for any use on Linux, FreeBSD, NetBSD, and OpenBSD,
as well as for use by universities and charity organizations, and for
personal hobby/recreational use by individuals.


This message from Tatu is pure blatant marketing. It points out
potential weaknesses in the ssh1 protocol that we knew about already,
applying incorrect statements to either vulnerability (the one in the
protocol and the one in the fix from their sourcetree), and then goes on
about how the fix is to move to ssh.com's ssh2 software. It is *not* the
only implementation!

Greetz, Peter.
Previous By Date Next
Previous By Thread Next

Current thread: