SSH Secure Shell Server Discloses Host Key to Local Users and Remote Authenticated Users
|
|
SecurityTracker Alert ID: 1014344
|
|
SecurityTracker URL: http://securitytracker.com/id?1014344
|
|
CVE Reference: CAN-2005-2146
(Links to External Site)
|
Updated: Jul 7 2005
|
Original Entry Date: Jun 30 2005
|
Impact: Disclosure of authentication information
|
Exploit Included: Yes
Vendor Confirmed: Yes
|
Version(s): All Versions
|
Description: A vulnerability was reported in SSH Secure Shell Server, affecting Windows-based systems. A local user or remote authenticated user can obtain the host key.
The SSH Secure Shell Server running on Windows does not set proper file permissions on the host key. A local user or a remote authenticated
user can access the host key without having the required administrative privileges. The user can copy this key and then install
the key on a malicious server to masquerade as the original server.
|
Impact: A local user or remote authenticated user can obtain the host key and use this key to masquerade as the target server.
|
Solution: A fixed version is not available. As a workaround, the host key file can be made readable only for the Administrator group. The
default location of the secret part of the host key is:
C:\Program Files\SSH Communications Security\SSH Secure Shell Server\hostkey
The
vendor strongly recommends updating all old Windows server keys.
See the vendor's advisory for some important additional information:
http://www.ssh.com/company/new
sroom/article/653/
|
Vendor URL: www.ssh.com/company/newsroom/article/653/ (Links to External Site)
|
Cause: Access control error
|
Underlying OS: Windows (Any)
|
|
Message History:
None.
|
Source Message Contents
|
Date: Thu, 30 Jun 2005 16:52:13 -0400
Subject: http://www.ssh.com/company/newsroom/article/653/
|
> SSH Tectia Server Private Key Permission Vulnerability in Windows
|
|
