SSH Tectia CBC Mode Error Handling May Let Certain Remote Users Obtain Plain Text in Certain Cases
|
SecurityTracker Alert ID: 1021236 |
SecurityTracker URL: http://securitytracker.com/id/1021236
|
CVE Reference:
CVE-2008-5161
(Links to External Site)
|
Updated: Nov 21 2008
|
Original Entry Date: Nov 17 2008
|
Impact:
Disclosure of user information
|
Fix Available: Yes Vendor Confirmed: Yes
|
Version(s): 4.x, 5.x, 6.x
|
Description:
A vulnerability was reported in SSH Tectia. A remote user with control of the network can obtain portions of plain text in certain cases.
A remote user with control of the network between the client and the server can inject connection errors and monitor the SSH error handling response to recover up to 32 bits of plain text from an SSH-protected connection.
The attack process will terminate the SSH connection.
CBC mode connections are affected.
CTR mode connections are not affected.
Martin Albrecht, Kenny Paterson, and Gaven Watson from the Information Security Group at Royal Holloway, University of London reported this vulnerability via the Centre for the Protection of National Infrastructure (CPNI).
The original advisory is available at:
http://www.cpni.gov.uk/Docs/Vulnerability_Advisory_SSH.txt
|
Impact:
A remote user with control of the network can obtain portions of plain text in certain cases.
|
Solution:
The vendor has issued the following fixed versions:
SSH Tectia Client and Server and ConnectSecure 6.0.5
SSH Tectia Client and Server and Connector 5.3.9
SSH Tectia Client and Server and Connector 5.2.5
SSH Tectia Client and Server and Connector 4.4.12
SSH Tectia Server for Linux on IBM System z 6.0.5
SSH Tectia Server for IBM z/OS 6.0.2
SSH Tectia Server for IBM z/OS 5.5.2
SSH Tectia Client 4.3.4-J (Japanese)
The vendor's advisory is available at:
http://www.ssh.com/company/news/article/953/
|
Vendor URL: www.ssh.com/company/news/article/953/ (Links to External Site)
|
Cause:
Randomization error
|
Underlying OS: Linux (Any), UNIX (Any), Windows (Any), z/OS
|
|
Message History:
None.
|
Source Message Contents
|
|
[Original Message Not Available for Viewing]
|
|