SSH sniffer attack poses minor risk
PrintShadow of a doubt
Posted in Security, 18th November 2008 11:31 GMT
Hitachi IT Operations Analyzer: 30-day free trial
UK security researchers have discovered hard-to-exploit cryptographic weaknesses in the Secure Shell (SSH) remote administration protocol.
The shortcoming creates a potential means to recover the plain text of encrypted sessions, depending on remote access configurations. Potential attacks - which would take ninja-like hacking skills to pull off - would involve inducing and observing error conditions. It's much more likely that a potential attack would crash a conversation than yield useful results.
Switching the mode of SSH links from block-cipher (CBC) to stream cipher modes would thwart any potential attack, which is confirmed to affect OpenSSH. Commercial versions of SSH are also affected, to an even more modest extent. SSH Communications Security has released an advisory urging users to update its SSH Tectia clients and server software. In the case of SSH Communications, four bits of plain text might be recovered by eavesdropping on conversations on vulnerable systems compared to 32 bits or, more realistically, 14 bits from an arbitrary block of ciphertext on OpenSSH systems.
The cryptographic shortcoming was discovered by researchers at the Information Security Group at Royal Holloway, University of London. More details on the flaw can be found in an advisory from the Centre for the Protection of National Infrastructure (CPNI) here. ®
Systems management simplified
Total cost of ownership of Dell, HP and IBM blade solutions
Out-of-box comparison between Dell, HP, and IBM blade servers
Optimizing the data center for cost and efficiency
The easiest Siebel CRM installation on the market today