Users login

Create an account »


Users login

Home » Hacking News » FreeBSD-SA-01:24 Security Advisory

FreeBSD-SA-01:24 Security Advisory

by Phiber on February 13th, 2001 OpenSSH is an implementation of the SSH1 and SSH2 secure shell protocols for providing encrypted and authenticated network access, which is available free for unrestricted use.

An SSH1 client/server (ssh) from is included in the ports collection. This software is not available free of charge for all uses, and the FreeBSD Security Officer does not recommend its use.
Problem: SSH1 implementations may allow remote system, data compromise.

There are two flaws in the SSH1 protocol as implemented by OpenSSH and ssh...


Vulnerability 1:

An integer overflow may allow arbitrary remote users to obtain root permissions on the server running sshd. This is due to a coding mistake in code intended to work around a protocol flaw in the SSH1 protocol.
This vulnerability was corrected in OpenSSH 2.3.0, which was committed to FreeBSD 4.2-STABLE on 2000-12-05.

Vulnerability 2:

Remote attackers who can observe the encrypted contents of a user's SSH1 session, and who have the ability to mount large numbers of connections fo the SSH1 server may be able to break the transient server key used by the server to negotiate encryption parameters for the session, and from there can decrypt the entire contents of the snooped connection.
The transient key has a lifetime of only one hour by default, but all snooped SSH1 sessions captured within this timeframe may be broken if the attack is successful.

This attack is mitigated by the requirement to initiate large numbers of SSH1 protocol connections to the server during the lifetime of the key. On average a sustained connection rate of around 400 connections and SSH1 protocol handshakes must be carried out per second to have a high chance of succeeding within the 1 hour lifetime of the server key. OpenSSH contains rate-limiting code which will limit the number of outstanding connections to a fraction of this number in the default configuration, and computational and network limitations may reduce this number still further.
Therefore, though the potential impact of this flaw is great, it is made very difficult to exploit in practice. However, note that even though the chances of success are reduced, the vulnerability is not eliminated.

Fix and other info. are available in the advisory.

Download this advisory


Visit FreeBSD Security

Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.


Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »