| Field | Value |
|---|---|
| VID | 14008 |
| Severity | 20 |
| Port | 22 |
| Protocol | TCP |
| Class | Ssh |
| Detailed Description | The installed SSH server is affected by an AllowedAuthentications configuration-override vulnerability. Secure Shell is the commercial SSH implementation distributed and maintained by SSH Communications, available for the Unix, Linux and Microsoft Windows platforms. SSH versions from 3.0.0 up to, but not including, 3.1.2 contain a flaw that may, under some circumstances, allow remote users to authenticate with a password even though password authentication is not explicitly listed as a permitted mechanism. A user could therefore authenticate by a different or weaker method than the one configured. Where stronger authentication methods are enforced but system accounts are protected by weak passwords, an attacker may gain access with the weak password instead of the strong authentication scheme, for example by a dictionary-based brute-force attack. |
| Recommendation | 1. Workaround: use the "RequiredAuthentications" keyword instead of "AllowedAuthentications" in sshd2_config, for example: RequiredAuthentications hostbased, publickey. 2. Upgrade to SSH version 3.1.2, which fixes this problem: SSH Communications Security upgrade ssh-3.1.2.tar.gz, ftp://ftp.ssh.com/pub/ssh/ssh-3.1.2.tar.gz |
| Related URL | CVE-2002-1646 (CVE) |
| Related URL | 4810 (SecurityFocus) |
| Related URL | 9163 (ISS) |