VULNERABILITY NOTE

CERT-In Vulnerability Note CIVN-2009-04
Vulnerability in the Solaris Secure Shell (SSH)

Original Issue Date: January 12, 2009

Severity Rating: High

Systems Affected

  • Solaris 9
  • Solaris 10

Overview

A vulnerability has been reported in Sun Solaris Secure Shell that may expose some plain text from encrypted traffic.

Description

The vulnerability exists when Solaris Secure Shell is used with CBC-mode ciphers and SSH protocol version 2. It may allow a remote unprivileged user who is able to intercept SSH network traffic to recover a portion of the plain text from intercepted traffic that would otherwise be encrypted.

Workaround

This issue only occurs when CBC mode ciphers are in use on Solaris 9 and 10. Disable those ciphers by editing the sshd_config file of the Sun SSH server and removing all references to CBC ciphers from the 'Ciphers' setting of that file; this will prevent connections to that server from using the CBC ciphers.

The SSH server should be restarted after making this change:

  • For Solaris 10:
    • svcadm restart ssh

  • For Solaris 9:
    • /etc/init.d/sshd stop; /etc/init.d/sshd start
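Added example, not taken from the CERT-In note or from Sun, that applies the workaround above: a POSIX shell function that strips CBC entries from the 'Ciphers' line of an sshd_config, plus a check that no CBC cipher is still listed afterwards. The cipher names and the sample configuration are constructed, not a Solaris default.

```shell
#!/bin/sh
# Added example, not from the advisory: rewrite the 'Ciphers' line of an
# sshd_config so every CBC-mode cipher is dropped, then verify the result.
# The cipher names and the sample configuration below are constructed.

# Print the config from stdin with CBC entries removed from the Ciphers line.
# Commented-out lines (e.g. "#Ciphers ...") are left untouched.
strip_cbc_ciphers() {
    awk '
    tolower($1) == "ciphers" {
        n = split($2, c, ",")
        out = ""
        for (i = 1; i <= n; i++) {
            if (c[i] ~ /-cbc(@|$)/) continue   # drop name-cbc and name-cbc@vendor
            out = (out == "" ? c[i] : out "," c[i])
        }
        if (out == "") {
            # Every configured cipher was CBC; an empty list would break sshd,
            # so keep the line and report it rather than write a bad config.
            print "WARNING: only CBC ciphers configured, line left unchanged" | "cat 1>&2"
            print; next
        }
        print "Ciphers " out; next
    }
    { print }'
}

# Verification: print any CBC cipher still listed on a Ciphers line read from
# stdin; exit 0 if some remain, 1 if none. A config with no Ciphers line uses
# sshd's built-in default list, which this check does not inspect.
cbc_ciphers_allowed() {
    awk '
    tolower($1) == "ciphers" {
        n = split($2, c, ",")
        for (i = 1; i <= n; i++) if (c[i] ~ /-cbc(@|$)/) { print c[i]; found = 1 }
    }
    END { exit found ? 0 : 1 }'
}

# Constructed sample: a server that still offers CBC ciphers alongside CTR.
SAMPLE_CONFIG='Port 22
Protocol 2
Ciphers aes128-cbc,aes128-ctr,3des-cbc,aes256-ctr
X11Forwarding no'

# Typical use: printf "%s\n" "$SAMPLE_CONFIG" | strip_cbc_ciphers > sshd_config.new
# then restart sshd as described above (svcadm restart ssh on Solaris 10).
```

Run the check against the live file after the restart as well, since a config with no 'Ciphers' line falls back to the server's default list, which this script does not inspect.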

Vendor Information

Sun
http://sunsolve.sun.com/search/document.do?assetkey=1-66-247186-1

References

Sun
http://sunsolve.sun.com/search/document.do?assetkey=1-66-247186-1

SecurityTracker
http://securitytracker.com/alerts/2008/Dec/1021382.html

AusCERT
http://www.auscert.org.au/render.html?it=10163


Disclaimer

The information provided herein is on "as is" basis, without warranty of any kind.

Contact Information


Phone: +91-11-24368572

Postal address

Indian Computer Emergency Response Team (CERT-In)
Ministry of Communications and Information Technology
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003