Bugtraq mailing list archives

Re: OpenSSH security advisory: cbc.adv

From: Fabian Hänsel <fabtagon () gmx de>
Date: Mon, 24 Nov 2008 23:46:52 +0100

"Nick Boyce" <nick.boyce () gmail com> wrote:

[ahem] ... Sorry to be dumb, but ...

On Fri, Nov 21, 2008 at 10:19 AM, Damien Miller <djm () cvs openbsd org>
wrote:

Based on the description contained in the CPNI report and a slightly
more detailed description forwarded by CERT this issue appears to be
substantially similar to a known weakness in the SSH binary packet
protocol first described in 2002 by Bellare, Kohno and Namprempre
[2]. The new component seems to be an attack that can recover 14
bits of plaintext with a success probability of 2^-14


Could someone please help the uncomprehending [i.e. me :-)] understand
why or whether this is anything to be worried about at all ?

Quick calculator session :
2^(-18) = 0.000003814697265625
2^(-14) = 0.00006103515625

So there is a vanishingly small probability that a Bad Guy may
discover less than 2 characters from my command-line, every time they
try this attack.  And each time they fail, my connection gets rudely
chopped.  Two characters won't help them much.  They'd need to succeed
about ten times per typed command-line to snoop on most of my
sessions.  This weakness is surely of no conceivable use to a Bad Guy


You could still use this attack in DOS scenarios. Through those
connection terminations the service quality is reduced. You could e.g.
lock admins out (prevent security updates, have more time for time-
consuming attacks which would otherwise be reset from time to time
by admins, ...) or reduce transmission rate of security logs by machines
without harddisk using SSH like a VPN to send logs to some central
server or in general could inhibit many vital processes based on SSH.
Thus you could increase your chances of other attacks. And of course
you can attack the service ssh itself.

(all those could be prevented by the use of a VPN - but most people
won't take this effort if they don't really need to do so and therefore
don't have one set up when they would need it)

Best regards
  Fabian

Current thread:

OpenSSH security advisory: cbc.adv Damien Miller (Nov 21)
- Re: OpenSSH security advisory: cbc.adv Otto Moerbeek (Nov 24)
  - Re: Re: OpenSSH security advisory: cbc.adv Guillaume MULLER (Nov 24)
- Re: OpenSSH security advisory: cbc.adv Nick Boyce (Nov 24)
  - Re: OpenSSH security advisory: cbc.adv Damien Miller (Nov 25)
    - Re: OpenSSH security advisory: cbc.adv Nick Boyce (Nov 25)
    - Re: OpenSSH security advisory: cbc.adv Bob Beck (Nov 25)
  - Re: OpenSSH security advisory: cbc.adv Fabian Hänsel (Nov 25)
- <Possible follow-ups>
- Re: Re: OpenSSH security advisory: cbc.adv dennis jackson (Nov 25)