OpenSSH 7.0 Fixes Four Flaws and other issues

Pierluigi Paganini August 14, 2015

A new version of OpenSSH is available, the new release of OpenSSH 7.0 fixes four security flaws and several other bugs. Update it!

A new version of OpenSSH is available, the new release of OpenSSH 7.0 fixes four security flaws and several other bugs.

Then new OpenSSH 7.0 fixes a use-after-free vulnerability and three other flaws, two of which only affect the version Portable OpenSSH.

One of the vulnerabilities patched in version 7.0, a fix for circumvention of MaxAuthTries using keyboard- interactive authentication,  is an issue with the way OpenSSH handles some authentication requests.

“By specifying a long, repeating keyboard-interactive “devices” string, an attacker could request the same authentication method be tried thousands of times in a single pass. The LoginGraceTime timeout in sshd(8) and any authentication failure delays implemented by the authentication mechanism itself were still applied,” states the release notes.

One of the bugs in the Portable OpenSSH is a use-after-free that could be exploited by attackers to remote code execution.

“Fixed a use-after-free bug related to PAM support that was reachable by attackers who could compromise the pre-authentication process for remote code execution,” continues the advisory.

Encryption-820x420

The other vulnerability that affects only the Portable OpenSSH could be also exploited to remote code execution.

“Fixed a privilege separation weakness related to PAM support. Attackers who could successfully compromise the pre-authentication process for remote code execution and who had valid credentials on the host could impersonate other users,” the advisory says.

The maintainers of the OpenSSH project also announced that the next version of the software, the OpenSSH 7.1, would deprecate several old cipher suites and cryptographic algorithms because they are no longer secure.

The list of changes includes:

  • Refusing all RSA keys smaller than 1024 bits (the current minimum is 768 bits)
  • Several ciphers will be disabled by default: blowfish-cbc, cast128-cbc, all arcfour variants and the rijndael-cbc aliases for AES.
  • MD5-based HMAC algorithms will be disabled by default.

Pierluigi Paganini

(Security Affairs – OpenSSH 7, encryption)



you might also like

leave a comment