SecurityTracker.com
Category:   Application (Security)  >   SSH
Vendors:   SSH Communications
SSH Secure Shell ASN.1 Parsing Flaws Lets Remote User Crash the Application or Host
SecurityTracker Alert ID:  1007851
SecurityTracker URL:  http://securitytracker.com/id/1007851
CVE Reference:   GENERIC-MAP-NOMATCH
Date:  Oct 1 2003
Impact:   Denial of service via network
Fix Available:  Yes
Vendor Confirmed:  Yes
Version(s): 3.0 to 3.2.5
Description:   A vulnerability was reported in SSH Secure Shell in the decoding of ASN.1 BER/DER-encoded packets. A remote user can cause the target SSH process (and potentially the target host) to crash.

It is reported that a remote user can send malformed BER/DER packets to the target host to potentially cause the target host to crash.

The vendor notes that the non-commercial versions of SSH Secure Shell (Unix) are not affected, as the non-commercial versions do not contain ASN.1 related libraries.

Customers of the commercial version that use password authentication only or that allow public key authentication WITHOUT specifying the "Pki" keyword in the server configuration file (sshd2_config) are not vulnerable, the report said.
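
The version range and the "Pki" condition above can be checked mechanically on a host. The following is an added example, not code from SecurityTracker or SSH Communications; it assumes sshd2_config holds one `Keyword value` pair per line, with `#` starting a comment and keywords matched case-insensitively, and the function names and sample configuration are constructed for illustration. It does not evaluate the password-authentication-only condition, so a password-only server with a leftover Pki line is still flagged.

```python
# Added example: exposure check built from the conditions quoted in this advisory.
AFFECTED_LOW = (3, 0, 0)     # advisory: versions 3.0 to 3.2.5 are affected
AFFECTED_HIGH = (3, 2, 5)
FIXED = "3.2.9"              # fixed version named in the advisory

def parse_version(text):
    """Turn '3.1' into (3, 1, 0) so short and long versions compare correctly."""
    parts = tuple(int(p) for p in text.strip().split("."))
    return parts + (0,) * (3 - len(parts))

def version_affected(version):
    return AFFECTED_LOW <= parse_version(version) <= AFFECTED_HIGH

def active_keywords(config_text):
    """Map lowercase keyword -> values, skipping comments and blank lines.
    Assumed format: 'Keyword value', '#' begins a comment."""
    keywords = {}
    for raw in config_text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        fields = line.split(None, 1)
        value = fields[1].strip() if len(fields) > 1 else ""
        keywords.setdefault(fields[0].lower(), []).append(value)
    return keywords

def assess(version, config_text):
    """Return a one-line verdict for a server version and its sshd2_config text."""
    if not version_affected(version):
        return "not affected: version outside 3.0-3.2.5"
    pki = active_keywords(config_text).get("pki")
    if not pki:
        return "not exposed: no active Pki keyword"
    return "exposed: Pki enabled (%s); upgrade to %s" % (", ".join(pki), FIXED)

# Constructed sample configuration (not taken from a real host).
SAMPLE_CONFIG = """\
## sshd2_config (constructed sample)
Port 22
# Pki disabled-ca.crt
    pki  example-ca.crt
"""

if __name__ == "__main__":
    for ver in ("3.2.3", "3.2.9"):
        print(ver, "->", assess(ver, SAMPLE_CONFIG))
```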

Impact:   A remote user can cause the target application or possibly the target host to crash.
Solution:   The vendor has released a fixed version (3.2.9), available at:

http://www.ssh.com/support/downloads/

Updating SSH Secure Shell from 3.1.x to 3.2.5

If you have a commercial license for 3.1.x or 3.2.x versions, you can install the 3.2.9
version binaries on top of the old 3.1.x or 3.2.x ones.

Also, the following updates are available:

SSH Secure Shell for Workstations 3.2:

http://www.ssh.com/support/downloads/secureshellwks/updates-and-packages-3-2.html

SSH Secure Shell for Servers 3.2:

http://www.ssh.com/support/downloads/secureshellserver/updates-and-packages-3-2.html

SSH Secure Shell for Windows Servers 3.2:

http://www.ssh.com/support/downloads/secureshellwinserver/updates-and-packages-3-2.html

Vendor URL:  www.ssh.com/company/newsroom/article/476/
Cause:   Input validation error, State error
Underlying OS:  Linux (Any), UNIX (Any), Windows (Any)

Message History:   None.


 Source Message Contents

Subject:  http://www.ssh.com/company/newsroom/article/476/


http://www.ssh.com/company/newsroom/article/476/

 > SSH Secure Shell Security Vulnerability in BER Decoding

SSH Communications reported that SSH Secure Shell contains a vulnerability in the decoding 
of ASN.1 BER/DER encoded packets.  A remote user can send malformed BER/DER packets to the 
target host to potentially cause the target host to crash.  All versions from 3.0 to 3.2.5 
are affected.

The vendor notes that the non-commercial versions of SSH Secure Shell (Unix) are not 
affected, as the non-commercial versions do not contain ASN.1 related libraries.

SSH Communications indicates that you are not vulnerable if [quoted]:

- "You are using password authentication only

- You use the non-commercial Unix distribution that does not contain the PKI functionality.

- You allow public key authentication WITHOUT specifying the "Pki" keyword in the server 
configuration file (sshd2_config)."


The vendor has released a fixed version (3.2.9), available at:

http://www.ssh.com/support/downloads/

Updating SSH Secure Shell from 3.1.x to 3.2.5

If you have a commercial license for 3.1.x or 3.2.x versions, you can install the 3.2.9 
version binaries on top of the old 3.1.x or 3.2.x ones.

Also, the following updates are available:

SSH Secure Shell for Workstations 3.2:

http://www.ssh.com/support/downloads/secureshellwks/updates-and-packages-3-2.html

SSH Secure Shell for Servers 3.2:

http://www.ssh.com/support/downloads/secureshellserver/updates-and-packages-3-2.html

SSH Secure Shell for Windows Servers 3.2:

http://www.ssh.com/support/downloads/secureshellwinserver/updates-and-packages-3-2.html





 
 



Copyright 2020, SecurityGlobal.net LLC