« EU data breach notification laws on the way | Main
SSH flaw could still cause problems
A highly dangerous SSH flaw discovered a few months ago could still cause your organisation headaches, according to security experts.
The vulnerability was first made public when it emerged last November that researchers at Royal Holloway's Information Security Group had found the flaw, which could allow hackers access to sensntive data.
SSH, or the Secure Shell Protocol, was designed to provide a secure channel between networked devices by encrypting data and is widely used by system administrators to allow them to securely access remote systems and to transfer sensitive data across the internet, according to the ISG.
The team duly discovered a basic design flaw which opens up the possibility of limited plaintext recovery attacks against SSH.
Although the attack is difficult to achieve, it is a very dangerous flaw given the fact that SSH is meant to be bullet-proof, and because of what it is meant to protect.
And although the open source implementation of SSH, OpenSSH, as well as a commercial product techTIA, have been updated to include protection for the flaw, firms could still be at risk, according to Gartner analyst John Pescatore.
"If you're using an inexpensive web hoster, query them to make sure they've patched the flaw," he said. "In addition, quite often these open source technologies are built into other pieces of software, so it's important to check if you have some in use, in places you didn't know about."
He advised firms undertake vulnerability scans of their systems to detect if they are running any unpatched versions of SSH.
May 18, 2009 | Permalink
are you guys serious? "dangerous flaw"???
at best, you could potentially get 4bytes of plaintext...with an extreme amount of luck and processing power.
Posted by :anonymous researcher | May 19, 2009 4:18 AM
Highly dangerous? Not according to the developers of OpenSSH. :-P
cheers,
--dr
Posted by :Dragos Ruiu | May 19, 2009 6:16 AM