| VID |
29064 |
| Severity |
40 |
| Port |
161 |
| Protocol |
UDP |
| Class |
CISCO |
| Detailed Description |
The Cisco IOS has multiple SSH vulnerabilities.
The SSH(Secure Shell) is a widely used client-server application for authentication and encryption of network communications.
1. CRC-32 integrity check vulnerability (Bug ID CSCdt96253) - Due to weaknesses of the CRC-32 integrity function, when used in in CBC (Cipher Block Chaining) or CFB (Cipher Feedback 64 bits) modes, SSH protocol version 1.5 allows an attacker to insert data into an encrypted session. By exploiting this vulnerability, the attacker can insert arbitrary commands in the session after the session has been established. In order for this attack to succeed, an attacker must possess one or two known ciphertext/plaintext pairs. This should not be difficult since every session starts with a greeting screen which is fixed and which can be determined.
2. Traffic analysis (Bug ID CSCdt57231) - By passively monitoring encrypted SSH sessions, an attacker, with the ability to capture packets, can obtain sensitive information. When sending a packet using the SSH protocol, it is padded to the next 8-byte boundary and then encrypted, but the exact length of the data (without the padding) is sent unencrypted. This vulnerability exposes the exact lengths of the passwords used for login authentication. This is only applicable to an interactive session that is being established over the tunnel protected by SSH. This can significantly help an attacker in guessing the password using the brute force attack.
3. Key recovery in SSH protocol 1.5 (Bug ID CSCdu37371) - Due to weakness in the PKCS#1_1.5 public key encryption standard, used by SSH protocol version 1.5, this vulnerability can be exploited to recover arbitrary session keys used for symmetric encryption in SSH connections and decrypt all communications from the connection. In order to exploit this vulnerability, an attacker must be able to sniff the SSH session and be able to establish a connection to the SSH server. In order to recover the server key, an attacker must perform an additional 2^20+2^19=1572864 connections. Since the key has a lifespan of about an hour, this means that an attacker must perform around 400 connections per second.
* Note: This check solely relied on the version number of the remote system to assess this vulnerability, so this might be a false positive. Also, it requires a read access SNMP community string to collect the version number. To provide this access, add the valid community string to the check item, "snmp/guessable/r" from the Policy Editor.
* References:
http://www.cert.org/advisories/CA-2001-35.html
http://www.core-sdi.com/soft/ssh/ssh.pdf
http://www.openwall.com/advisories/OW-003-ssh-traffic-analysis.txt
http://www.securityfocus.com/archive/1/161150
* Platforms Affected:
IOS All 12.0 and later releases that include support for SSH.
PIX 5.2(5) and 5.3.(1)
CatOS 6.2(0.110)
CSS 11000 All WebNS releases prior, but excluding, versions: R4.01 B42s, R4.10 B22s, R5.0 B11s, R5.01 B6s |
| Recommendation |
Upgrade to the fixed version of Cisco IOS, as listed in the "Software Versions and Fixes" of Cisco Security Advisory(multiple SSH Vulnerabilities): http://www.cisco.com/warp/public/707/SSH-multiple-pub.html .
Upgrades should be obtained through the Software Center on Cisco's Worldwide Website at http://www.cisco.com .
For details, see also http://www.cisco.com/warp/public/707/SSH-multiple-pub.html |
| Related URL |
CVE-1999-1085,CVE-2001-0572,CVE-2001-0361 (CVE) |
| Related URL |
2344 (SecurityFocus) |
| Related URL |
1126,6082,6783 (ISS) |
|
