https://bugzilla.mindrot.org/show_bug.cgi?id=3313
Bug ID: 3313
Summary: CVE-2020-14145 - will it get fixed?
Product: Portable OpenSSH
Version: 8.6p1
Hardware: All
OS: All
Status: NEW
Severity: security
Priority: P5
Component: ssh
Assignee: unassigned-bugs@mindrot.org
Reporter: m.kaiser@bmlv.gv.at
The client side in OpenSSH 5.7 through 8.6 has an Observable
Discrepancy leading to an information leak in the algorithm
negotiation. This allows man-in-the-middle attackers to target initial
connection attempts (where no host key for the server has been cached
by the client).
https://docs.ssh-mitm.at/CVE-2020-14145.html
This tool is able to exploit this vulnerability. At the moment, it only
checks, if a client is vulnerable, but implementing a full exploit is
not hard.
Dropbear was not affected by such a vulnerability, because they are
allwys sending the default algorithm list.
PuTTy has integrated an option to disable/enable preffered host key
algorithm order.
Mitigation:
Clients should always preffere the strongest ciphers per default. By
using HostKeyAlgorithms in your configuration file, you need to
maintain the list and add new algorithms in the right order. This is
error prone and most users do not have enough knowledge about pros and
cons of those algorithms.
--
You are receiving this mail because:
You are watching the assignee of the bug.
_______________________________________________
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs
Bug ID: 3313
Summary: CVE-2020-14145 - will it get fixed?
Product: Portable OpenSSH
Version: 8.6p1
Hardware: All
OS: All
Status: NEW
Severity: security
Priority: P5
Component: ssh
Assignee: unassigned-bugs@mindrot.org
Reporter: m.kaiser@bmlv.gv.at
The client side in OpenSSH 5.7 through 8.6 has an Observable
Discrepancy leading to an information leak in the algorithm
negotiation. This allows man-in-the-middle attackers to target initial
connection attempts (where no host key for the server has been cached
by the client).
https://docs.ssh-mitm.at/CVE-2020-14145.html
This tool is able to exploit this vulnerability. At the moment, it only
checks, if a client is vulnerable, but implementing a full exploit is
not hard.
Dropbear was not affected by such a vulnerability, because they are
allwys sending the default algorithm list.
PuTTy has integrated an option to disable/enable preffered host key
algorithm order.
Mitigation:
Clients should always preffere the strongest ciphers per default. By
using HostKeyAlgorithms in your configuration file, you need to
maintain the list and add new algorithms in the right order. This is
error prone and most users do not have enough knowledge about pros and
cons of those algorithms.
--
You are receiving this mail because:
You are watching the assignee of the bug.
_______________________________________________
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs