SSH Secure Shell Server Discloses Host Key to Local Users and Remote Authenticated Users
|
|
SecurityTracker Alert ID: 1014344 |
|
SecurityTracker URL: http://securitytracker.com/id/1014344
|
|
CVE Reference:
CAN-2005-2146
(Links to External Site)
|
Updated: Jul 7 2005
|
Original Entry Date: Jun 30 2005
|
Impact:
Disclosure of authentication information
|
Vendor Confirmed: Yes Exploit Included: Yes
|
Version(s): All Versions
|
Description:
A vulnerability was reported in SSH Secure Shell Server, affecting Windows-based systems. A local user or remote authenticated user can obtain the host key.
The SSH Secure Shell Server running on Windows does not set proper file permissions on the host key. A local user or a remote authenticated user can access the host key without having the required administrative privileges. The user can copy this key and then install the key on a malicious server to masquerade as the original server.
|
Impact:
A local user or remote authenticated user can obtain the host key and use this key to masquerade as the target server.
|
Solution:
A fixed version is not available. As a workaround, the host key file can be made readable only for the Administrator group. The default location of the secret part of the host key is:
C:\Program Files\SSH Communications Security\SSH Secure Shell Server\hostkey
The vendor strongly recommends updating all old Windows server keys.
See the vendor's advisory for some important additional information:
http://www.ssh.com/company/newsroom/article/653/
|
Vendor URL: www.ssh.com/company/newsroom/article/653/ (Links to External Site)
|
Cause:
Access control error
|
Underlying OS:
Windows (Any)
|
|
Message History:
None.
|
Source Message Contents
|
Date: Thu, 30 Jun 2005 16:52:13 -0400
Subject: http://www.ssh.com/company/newsroom/article/653/
|
> SSH Tectia Server Private Key Permission Vulnerability in Windows
|
|
