SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Security)  >   SSH Vendors:   SSH Communications
SSH Secure Shell Server Discloses Host Key to Local Users and Remote Authenticated Users
SecurityTracker Alert ID:  1014344
SecurityTracker URL:  http://securitytracker.com/id/1014344
CVE Reference:   CVE-2005-2146   (Links to External Site)
Updated:  Jul 7 2005
Original Entry Date:  Jun 30 2005
Impact:   Disclosure of authentication information
Vendor Confirmed:  Yes  Exploit Included:  Yes  
Version(s): All Versions
Description:   A vulnerability was reported in SSH Secure Shell Server, affecting Windows-based systems. A local user or remote authenticated user can obtain the host key.

The SSH Secure Shell Server running on Windows does not set proper file permissions on the host key. A local user or a remote authenticated user can access the host key without having the required administrative privileges. The user can copy this key and then install the key on a malicious server to masquerade as the original server.

Impact:   A local user or remote authenticated user can obtain the host key and use this key to masquerade as the target server.
Solution:   A fixed version is not available. As a workaround, the host key file can be made readable only for the Administrator group. The default location of the secret part of the host key is:

C:\Program Files\SSH Communications Security\SSH Secure Shell Server\hostkey

The vendor strongly recommends updating all old Windows server keys.

See the vendor's advisory for some important additional information:

http://www.ssh.com/company/newsroom/article/653/

Vendor URL:  www.ssh.com/company/newsroom/article/653/ (Links to External Site)
Cause:   Access control error
Underlying OS:  Windows (Any)

Message History:   None.


 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2020, SecurityGlobal.net LLC