|
|
|
Security Updates and Reflection for Secure IT
Technical Note 2288
Last Reviewed 19-Dec-2008
Applies To
Reflection for Secure IT UNIX Client version 7.0 or higher
Reflection for Secure IT UNIX Server version 7.0 or higher
Reflection for Secure IT Windows Server version 7.0 or higher
Reflection for Secure IT Windows Client version 7.0 or higher
Reflection for Secure IT UNIX Client version 6.x
Reflection for Secure IT UNIX Server version 6.x
Reflection for Secure IT Windows Server version 6.x
F-Secure SSH Client for UNIX version 3.2.3 through 5.x
F-Secure SSH Server for UNIX version 3.2.3 through 5.x
F-Secure SSH Client for Windows version 5.1 through 5.4
F-Secure SSH Server for Windows version 5.1 through 5.3
Summary
Technical Note 2288
Last Reviewed 19-Dec-2008
Applies To
Reflection for Secure IT UNIX Client version 7.0 or higher
Reflection for Secure IT UNIX Server version 7.0 or higher
Reflection for Secure IT Windows Server version 7.0 or higher
Reflection for Secure IT Windows Client version 7.0 or higher
Reflection for Secure IT UNIX Client version 6.x
Reflection for Secure IT UNIX Server version 6.x
Reflection for Secure IT Windows Server version 6.x
F-Secure SSH Client for UNIX version 3.2.3 through 5.x
F-Secure SSH Server for UNIX version 3.2.3 through 5.x
F-Secure SSH Client for Windows version 5.1 through 5.4
F-Secure SSH Server for Windows version 5.1 through 5.3
Summary
This technical note describes security issues related to security features (including FIPS validation) in Reflection for Secure IT and F-Secure SSH. If you use these features, you should consult this technical note on a regular basis for any updated information regarding these features.
This note is organized into the following topics:
Reporting a Potential Security Vulnerability to Attachmate
Security Update and Other Reflection Products
Reflection for Secure IT Versions 7.0 or Higher
Security Update and Other Reflection Products
Reflection for Secure IT Versions 7.0 or Higher
Security and Reflection 7.0 or Higher
FIPS (Federal Information Processing Standard) Validation and Reflection 7.0 or Higher
Security Alerts and Advisories for Reflection 7.0 or Higher
Reflection for Secure IT Version 6.x and F-Secure SSHFIPS (Federal Information Processing Standard) Validation and Reflection 7.0 or Higher
Security Alerts and Advisories for Reflection 7.0 or Higher
Security and Reflection 6.x and F-Secure SSH
FIPS (Federal Information Processing Standards ) Validation and Reflection 6.x and F-Secure SSH
Security Alerts and Advisories and Reflection 6.x and F-Secure SSH
Security and Your Operating SystemFIPS (Federal Information Processing Standards ) Validation and Reflection 6.x and F-Secure SSH
Security Alerts and Advisories and Reflection 6.x and F-Secure SSH
IMPORTANT: The security for all of the Reflection products using the Reflection security features depends upon the security of the operating system, host, and network environment. Attachmate strongly recommends that you evaluate and implement all relevant security service packs, updates, and patches recommended by your operating system, host, and network manufacturers.
Reporting a Potential Security Vulnerability to Attachmate
If you are aware of a potential security vulnerability in Attachmate's Reflection products that is not listed on this document, see Technical Note 1890 for details about reporting the issue to the Attachmate Computer Emergency Response Team (CERT).
Security Update and Other Reflection Products
The following table lists security information regarding other Reflection products.
| Product Name |
Security Technical Note |
| All Reflection Products |
1700 |
| Reflection for the Web |
1704 |
| Reflection for HP Reflection for UNIX and OpenVMS Reflection for ReGIS Graphics Reflection for IBM Reflection X Reflection for Secure IT Windows Client 6.x |
1708 |
Reflection for Secure IT Versions 7.0 or Higher
This section applies to the following products and versions:
Reflection for Secure IT UNIX Client version 7.0 or higher
Reflection for Secure IT UNIX Server version 7.0 or higher
Reflection for Secure IT Windows Server version 7.0 or higher
Reflection for Secure IT Windows Client version 7.0 or higher
Reflection for Secure IT UNIX Server version 7.0 or higher
Reflection for Secure IT Windows Server version 7.0 or higher
Reflection for Secure IT Windows Client version 7.0 or higher
Note: Information about Reflection for Secure IT Windows Client version 6.x is not included in this technical note. For information about this product, see Technical Note 1708.
Security and Reflection 7.0 or Higher
This section provides information about Reflection for Secure IT and security.
Current Version
For information about the current version of Attachmate products, see the Product Support Lifecycle at http://support.attachmate.com/programs/lifecycle/.
Product Updates
For information about available product updates, see the release notes for your product.
Maintained customers are eligible to download the latest product releases, service packs, and updates from the Attachmate Download Library web site: https://download.attachmate.com/Upgrades/. For more information about logging into and using the Download Library, see Technical Note 0200.
FIPS (Federal Information Processing Standard) Validation and Reflection 7.0 or Higher
The following versions of the Attachmate Reflection cryptographic library, used in Reflection for validation from the National Institute of Standards and Technology (NIST), certificate #766 and #1027, when operated in FIPS mode. For the latest information on ensuring FIPS mode operation, see
- Technical Note 2273 – 7.0 Windows Server
- Technical Note 2375 – 7.0 SP1 Windows Server
- Technical Note 2389 – 7.0 SP1 UNIX
| Cryptographic Library: rssccm.dll |
Software Version |
Operating System* |
| 1.0.170 |
6.1 SP2 or higher |
Windows (Client) |
| 1.0.170 |
7.0 or higher |
Windows (Server and Client) |
| Cryptographic Library: libssccm.so.2.0.40, libssccm.sl.2.0.40 |
Software Version |
Operating System* |
| 2.0.40 |
7.0 SP1 or higher |
Solaris, Linux, AIX, HP-UX (Server and Client) |
* To view the certificates and security policies, see the Computer Security Division: Computer Security Resource Center on the NIST website:
http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/1401val2007.htm/#766 (Cert #766)
http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/1401val2008.htm/#1027 (Cert #1027)
Security Alerts and Advisories for Reflection 7.0 or Higher
The following security alerts and advisories may affect your Reflection installation, or the security of your operating system or network environment. We recommend that you review these alerts and advisories.
Note: This information is non-inclusive—it does not attempt to address all security issues that may affect your system.
| Alert |
Vulnerability Advisory CPNI-957037 |
| Date Posted |
October 2008 |
| Summary |
A design flaw in the SSH protocol use of block ciphers in cipher block chaining mode could allow an attacker to recover up to four bytes of plaintext. Although the severity of the attack is considered high, the likelihood of a successful attack is considered low and results in terminating the user’s SSH connection. |
| Product Status |
For more information about how this vulnerability affects Attachmate products, see Technical Note 2398. |
| Additional Information |
For details, see the Combined Security Incident Response Team - United Kingdom web site at http://www.cpni.gov.uk/Products/3716.aspx. |
| Alert |
Vulnerability Summary CVE-2008-1657 |
| Date Posted |
July 2008 |
| Summary |
OpenSSH 4.4 and other versions before 4.9 allows remote authenticated users to bypass the sshd_config ForceCommand directive by modifying the .ssh/rc session file. |
| Product Status |
The "ForceCommand" keyword is no longer supported as of Reflection for Secure IT UNIX Server version 7.0 SP1 |
| Additional Information |
For details, see the National Vulnerability Database web site at http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1657. |
| Alert |
Vulnerability Summary CVE-2008-1483 |
| Date Posted |
July 2008 |
| Summary |
OpenSSH 4.3p2, and probably other versions, allows local users to hijack forwarded X connections by causing ssh to set DISPLAY to :10, even when another process is listening on the associated port, as demonstrated by opening TCP port 6010 (IPv4) and sniffing a cookie sent by Emacs. |
| Product Status |
This issue is resolved in Reflection for Secure IT UNIX Client version 7.0 SP1 |
| Additional Information |
For details, see the National Vulnerability Database web site at http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1483. |
| Alert |
Vulnerability Summary CVE-2007-3108 |
| Date Posted |
July 2008 |
| Summary |
OpenSSL cyptography vulnerability that could allow and RSA key to be stolen. |
| Product Status |
This issue is resolved in Reflection for Secure IT UNIX Client and Server version 7.0 SP1 |
| Additional Information |
For details, see the National Vulnerability Database web site at http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3108. |
| Alert |
Vulnerability Summary CVE-2006-2937 |
| Date Posted |
July 2008 |
| Summary |
Denial of Service attack using malformed ASN.1 packets. |
| Product Status |
This issue is resolved in Reflection for Secure IT UNIX Client and Server version 7.0 SP1 |
| Additional Information |
For details, see the National Vulnerability Database web site at http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-2937. |
| Alert |
Vulnerability Summary CVE-2006-2940 |
| Date Posted |
July 2008 |
| Summary |
Denial of Service attack using parasitic public keys. |
| Product Status |
This issue is resolved in Reflection for Secure IT UNIX Client and Server version 7.0 SP1 |
| Additional Information |
For details, see the National Vulnerability Database web site at http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-2940. |
| Alert |
Vulnerability Summary CVE-2007-4752 |
| Date Posted |
September 2007 |
| Summary |
ssh in OpenSSH before 4.7 does not properly handle when an untrusted cookie cannot be created and uses a trusted X11 cookie instead, which allows attackers to violate intended policy and gain privileges by causing an X client to be treated as trusted. |
| Product Status |
Attachmate SSH clients (including Reflection for Secure IT and Reflection X) do not have this OpenSSH vulnerability. Note: Reflection for Secure IT UNIX Clients versions 6.x and 7.0 support trusted X11 forwarding, but do not have the vulnerability. |
| Additional Information |
For details, see the National Vulnerability Database web site at http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4752. |
Reflection for Secure IT Version 6.x and F-Secure SSH
This section applies to the following products and versions:
Reflection for Secure IT UNIX Client version 6.x
Reflection for Secure IT UNIX Server version 6.x
Reflection for Secure IT Windows Server version 6.x
F-Secure SSH Client for UNIX version 3.2.3 through 5.x
F-Secure SSH Client for Windows version 5.1 through 5.4
F-Secure SSH Server for UNIX version 3.2.3 through 5.x
F-Secure SSH Server for Windows version 5.1 through 5.3
Reflection for Secure IT UNIX Server version 6.x
Reflection for Secure IT Windows Server version 6.x
F-Secure SSH Client for UNIX version 3.2.3 through 5.x
F-Secure SSH Client for Windows version 5.1 through 5.4
F-Secure SSH Server for UNIX version 3.2.3 through 5.x
F-Secure SSH Server for Windows version 5.1 through 5.3
Note: Information about Reflection for Secure IT Windows Client version 6.x is not included in this technical note. For information about this product, see Technical Note 1708.
Security and Reflection 6.x and F-Secure SSH
This section provides information about Reflection for secure IT and security.
Note the following:
- Beginning in version 6.0, the F-Secure SSH product line is renamed Reflection for Secure IT.
- This technical note does not apply to Reflection for Secure IT Windows Client version 6.0 or higher. For security updates regarding the Reflection for Secure IT Windows Client 6.x, see Technical Note 1708.
Current Version
For information about the current version of Attachmate products, see the Product Support Lifecycle at http://support.attachmate.com/programs/lifecycle/.
Product Updates
To determine if any updates are available for the current version of your Reflection product, see Technical Note 1619, Reflection Patch Topics.
FIPS (Federal Information Processing Standards ) Validation and Reflection 6.x and F-Secure SSH
The following versions of the F-Secure SSH cryptographic libraries, used in Reflection for Secure IT version 6.0 or higher and F-Secure SSH version 5.x, have received FIPS 140-2 validation from the National Institute of Standards and Technology (NIST), certificate #494 and #493. (When operated in FIPS mode.)
| Cryptographic Library: fsclm.dll |
Software Version |
Operating System* |
| 2.2.12 |
6.1 SP2** |
Windows |
| 2.2.7 |
6.0 or higher |
Windows |
| 2.2.5 |
5.3 (Server) 5.4 (Client) |
Windows |
| Cryptographic Library: libfsclm.so.1.1115 |
Software Version |
Operating System* |
| 1.1.15 |
6.1 SP2** |
Solaris, Linux, AIX, HP-UX |
| 1.1.9 |
5.1.x 6.0 or higher |
Solaris, Linux, AIX, HP-UX |
| 1.1.8 |
5.0 |
Solaris, Linux, AIX, HP-UX |
* The FIPS 140-2 validation level varies depending on many factors, including the operating system (not all operating systems are currently eligible for Level 2). For validation level details, and to view the certificate and security policy, see the Computer Security Division: Computer Security Resource Center on the NIST website at http://csrc.nist.gov/cryptval/140-1/1401val2004.htm (Cert# 493 and 494).
** See "US-Cert Vulnerability Note VU#845620" section below for further information.
Department of Defense (DoD) Public Key Enabled (PKE) Certification
The following Reflection for Secure IT applications are certified as DOD PKI Interoperable:
Reflection for Secure IT UNIX Client versions 6.1 SP2, SP3, and SP4
Reflection for Secure IT UNIX Server versions 6.1 SP2, SP3, and SP4
Reflection for Secure IT Windows Server versions 6.1, and 6.1 SP1, SP2, SP3, and SP4
Reflection for Secure IT UNIX Server versions 6.1 SP2, SP3, and SP4
Reflection for Secure IT Windows Server versions 6.1, and 6.1 SP1, SP2, SP3, and SP4
To view the certificates see the Joint Interoperability Test Command's (JITC) Department of Defense (DoD) Public Key Enabled (PKE) Application Status Web page at http://jitc.fhu.disa.mil/pki/appstatus.html.
Security Alerts and Advisories and Reflection 6.x and F-Secure SSH
The following security alerts and advisories may affect your Reflection installation, or the security of your operating system or network environment. We recommend that you review these alerts and advisories.
Note: This information is non-inclusive—it does not attempt to address all security issues that may affect your system.
| Alert |
Vulnerability Summary CVE-2007-4752 |
| Date Posted |
September 2007 |
| Summary |
ssh in OpenSSH before 4.7 does not properly handle when an untrusted cookie cannot be created and uses a trusted X11 cookie instead, which allows attackers to violate intended policy and gain privileges by causing an X client to be treated as trusted. |
| Product Status |
Attachmate SSH clients (including Reflection for Secure IT and Reflection X) do not have this OpenSSH vulnerability. Note: Reflection for Secure IT UNIX Clients versions 6.x and 7.0 support trusted X11 forwarding, but do not have the vulnerability. |
| Additional Information |
For details, see the National Vulnerability Database web site at http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4752. |
| Alert |
Vulnerability Summary CVE-2008-1657 |
| Date Posted |
July 2008 |
| Summary |
OpenSSH 4.4 and other versions before 4.9 allows remote authenticated users to bypass the sshd_config ForceCommand directive by modifying the .ssh/rc session file. |
| Product Status |
Reflection for Secure IT version 6.x is not based on OpenSSH code and is not vulnerable. |
| Additional Information |
For details, see the National Vulnerability Database web site at http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1657. |
| Alert |
Vulnerability Summary CVE-2008-1483 |
| Date Posted |
July 2008 |
| Summary |
OpenSSH 4.3p2, and probably other versions, allows local users to hijack forwarded X connections by causing ssh to set DISPLAY to :10, even when another process is listening on the associated port, as demonstrated by opening TCP port 6010 (IPv4) and sniffing a cookie sent by Emacs. |
| Product Status |
Reflection for Secure IT version 6.x is not based on OpenSSH code and is not vulnerable. |
| Additional Information |
For details, see the National Vulnerability Database web site at http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1483. |
| Alert |
Vulnerability Summary CVE-2007-3108 |
| Date Posted |
July 2008 |
| Summary |
OpenSSL cyptography vulnerability that could allow and RSA key to be stolen. |
| Product Status |
The Reflection for Secure IT version 6.x cryptographic module is not based on OpenSSL code and is not vulnerable. |
| Additional Information |
For details, see the National Vulnerability Database web site at http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3108. |
| Alert |
Vulnerability Summary CVE-2006-2937 |
| Date Posted |
July 2008 |
| Summary |
Denial of Service attack using malformed ASN.1 packets. |
| Product Status |
The Reflection for Secure IT version 6.x cryptographic module is not based on OpenSSL code and is not vulnerable. |
| Additional Information |
For details, see the National Vulnerability Database web site at http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-2937. |
| Alert |
Vulnerability Summary CVE-2006-2940 |
| Date Posted |
July 2008 |
| Summary |
Denial of Service attack using parasitic public keys. |
| Product Status |
The Reflection for Secure IT version 6.x cryptographic module is not based on OpenSSL code and is not vulnerable. Additionally, Reflection for Secure IT versions 6.x and 7.0 allow a maximum accepted public key size to be set to prevent this denial of service attack. |
| Additional Information |
For details, see the National Vulnerability Database web site at http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-2940. |
| Alert |
US-CERT Vulnerability Note VU #419344 |
| Date Posted |
April 2007 |
| Summary |
An authenticated user may be able to execute arbitrary code on a host running kadmind. Successful exploitation can compromise the Kerberos key database and host security on the host running these programs. (kadmind and the KDC typically run as root.) Unsuccessful exploitation attempts will likely result in the affected program crashing. Third-party applications calling either the RPC library or the GSS-API library provided with MIT krb5 may be vulnerable. |
| Product Status |
Attachmate products (including NetIQ products) are not vulnerable. |
| Additional Information |
For details, see the CERT web site at http://www.kb.cert.org/vuls/id/419344. |
| Alert |
US-CERT Vulnerability Note VU #704024 |
| Date Posted |
April 2007 |
| Summary |
A buffer overflow exists in the krb5_klog_syslog() function used by kadmind and the KDC. An authenticated user may be able to execute arbitrary code on a host running kadmind. An authenticated user may be able to execute arbitrary code on KDC host. Also, a user controlling a Kerberos realm sharing a key with the target realm may be able to execute arbitrary code on a KDC host. Successful exploitation can compromise the Kerberos key database and host security on the host running these programs. (kadmind and the KDC typically run as root.) Unsuccessful exploitation attempts will likely result in the affected program crashing. Third-party applications calling krb5_klog_syslog() may also be vulnerable. |
| Product Status |
Attachmate products (including NetIQ products) are not vulnerable. |
| Additional Information |
For details, see the CERT web site at http://www.kb.cert.org/vuls/id/704024. |
| Alert |
US-CERT Vulnerability Note VU #220816 |
| Date Posted |
April 2007 |
| Summary |
A remotely-exploitable root vulnerability is present in an application which ships in the krb5 sources. |
| Product Status |
Attachmate products (including NetIQ products) are not vulnerable. |
| Additional Information |
For details, see the CERT web site at http://www.kb.cert.org/vuls/id/220816. |
| Alert |
US-CERT Vulnerability Note VU #831452: Kerberos administration daemon may free uninitialized pointers |
| Date Posted |
April 2007 |
| Summary |
An unauthenticated user may cause execution of arbitrary code in the Kerberos administration daemon, "kadmind", by causing it to free uninitialized pointers which should have been initialized by the GSS-API library. Compromise of the Kerberos key database may result. Third-party server applications written using the GSS-API library provided with MIT krb5 may also be vulnerable. Affected releases are krb5-1.5 through krb5-1.5.1. |
| Product Status |
Attachmate products (including NetIQ products) are not vulnerable. |
| Additional Information |
For details, see the CERT web site at http://www.kb.cert.org/vuls/id/831452. |
| Alert |
US-Cert Vulnerability Note VU#845620 |
| Date Posted |
March 22, 2007 |
| Summary |
There is a flaw in signature verification that affects RSA public keys and digital certificates created with a public exponent of 3. This flaw results from improper processing of the PKCS-1 padding before generating the hash. This allows a remote attacker to forge the PKCS#1 v1.5 signature signed by the RSA key and attempt a man-in-the-middle attack by masquerading as the valid server. |
| Product Status |
For details, see Technical Note 2137. |
| Additional |
For details, see the CERT web site at http://www.kb.cert.org/vuls/id/845620. |
| Alert |
iDefense Advisory 11.15.05 |
| Date Posted |
August 23, 2006 |
| Summary |
A Windows API call used by multiple vendors' SSH servers contains a vulnerability which may allow an attacker to execute arbitrary code, if the attacker has already succeeded in placing the malicious code in specific locations on the SSH server. |
| Product Status |
For details, see Technical Note 2112. |
| Additional |
For details, see the iDefense Advisory web site at http://www.idefense.com/intelligence/vulnerabilities/display.php?id=340. |
| Alert |
SFTP Subsystem Server |
| Date Posted |
May 30, 2006 |
| Summary |
Reflection for Secure IT and F-Secure sftp subsystem servers on UNIX and Windows contain a vulnerability that may enable an attacker to execute arbitrary code at the privilege of an authenticated user. |
| Product Status |
For details, see Technical Note 1882. |
| Alert |
US-CERT Vulnerability Note VU#419241 |
| Date Posted |
February 15, 2006 |
| Summary |
A logging function used by multiple vendors' SFTP servers contains a format string vulnerability, which may allow an authorized remote attacker to execute arbitrary code or cause a denial of service. |
| Product Status |
For details, see Technical Note 1882. |
| Additional |
For details, see the CERT web site at http://www.kb.cert.org/vuls/id/419241. |
| Alert |
US-CERT Vulnerability Note VU#902110 |
| Date Posted |
September 01, 2005 |
| Summary |
Under certain conditions, Reflection for Secure IT Windows Server allows login to built-in accounts that have renamed. |
| Product Status |
For details, see Technical Note 1867. |
| Additional |
For details, see the CERT web site at http://www.kb.cert.org/vuls/id/902110. |
| Alert |
US-CERT Vulnerability Note VU#758054 |
| Date Posted |
September 01, 2005 |
| Summary |
A change made to the case sensitivity of the allow and deny lists can potentially allow unintended access. |
| Product Status |
For details, see Technical Note 1867. |
| Additional |
For details, see the CERT web site at http://www.kb.cert.org/vuls/id/758054. |
| Alert |
US-CERT Vulnerability Note VU#973635 |
| Date Posted |
September 01, 2005 |
| Summary |
This security vulnerability involves the permissions set on the host private key file. When the SSH Windows server generates a host key pair, the permissions set for the key pair may be insufficient to protect the host private key file. |
| Product Status |
For details, see Technical Note 1867. |
| Additional |
For details, see the CERT web site at http://www.kb.cert.org/vuls/id/973635. |
| Alert |
Windows Server Alert |
| Date Posted |
August 25, 2005 |
| Summary |
There is a security alert for Reflection for Secure IT Windows Server version 6.0 and for all versions of F-Secure SSH Server for Windows. |
| Product Status |
For details, see Technical Note 1867. |
| Alert |
US-CERT Vulnerability Note VU#623332 |
| Date Posted |
July 21, 2005 |
| Summary |
MIT Kerberos 5 contains double free vulnerability in "krb5_recvauth()" function. |
| Product Status |
If you have configured the Reflection for Secure IT or F-Secure SSH UNIX products for Kerberos with the Kerberos5 option (only available when the product is installed from the source version), you may be vulnerable. Updating the MIT Kerberos run-time (shared object) libraries should resolve the vulnerability. |
| Additional |
For details, see the CERT web site at http://www.kb.cert.org/vuls/id/623332. |
| Alert |
US-CERT Vulnerability Note VU#680620 |
| Date Posted |
July 14, 2005 |
| Summary |
Buffer overflow vulnerability in versions 1.2.1 and 1.2.2 of the zlib data compression library inflate() routine. |
| Product Status |
Versions 3.2.3 (UNIX) or higher and 5.1 (Windows) or higher of the Reflection for Secure IT products use zlib version 1.1.4, which is not subject to this vulnerability. |
| Additional |
For details, see the CERT web site at http://www.kb.cert.org/vuls/id/680620. |
| Alert |
SSH and Address-harvesting Worms: Analysis of Potential for Damage |
| Date Posted |
May 31, 2005 |
| Summary |
In a recent paper (“Inoculating SSH Against Address-Harvesting Worms,” (http://nms.csail.mit.edu/projects/ssh/sshworm.pdf), MIT researchers have raised the possibility that a worm might make its way onto a system running SSH and spread swiftly by mining the contents of the known_hosts file, which is part of many SSH implementations. While this research presents some interesting findings, it does not point out any new vulnerabilities in SSH or any new methods of attack. Nevertheless, we think it’s important that our SSH customers understand the implications of this research and the ways in which they can protect their systems. Attachmate SSH products currently support mechanisms that can thwart the kind of automated attack hypothesized by MIT. These mechanisms include certificate authentication support, which obviates the need to store information on SSH hosts locally. The products also support strong, two-factor user authentication to protect against damage caused by password or user key theft. |
| Product Status |
We are committed to continuing to add protections to SSH in order to provide reasonable defenses against attackers. We will introduce more features to the products that offer customers the option of tightening down their SSH implementations so that an address-harvesting worm would be slowed or even discouraged. |
| Additional |
For more information, please see the whitepaper, A Hypothetical Threat to SSH: What Customers Need to Know, at http://www.attachmate.com/WhitePapers/Literature_0976.htm. The whitepaper describes the threat in more detail, as described by MIT, and suggests best practices for using SSH. |
| Alert |
Announcement of Successful Cryptanalytic Attack on SHA-1 |
| Date Posted |
April 21, 2005 |
| Summary |
Three Chinese cryptanalysts from Shandong University have recently documented a successful cryptanalytic attack on the SHA-1 algorithm. According to Bruce Schneier, the author of "Applied Cryptography," this announcement should not be of concern to the average internet user. |
| Product Status |
Reflection for Secure IT primarily uses SHA-1 for HMAC (Keyed Hashing for Message Authentication) construction, which is not affected by collision attacks. In the next several versions of products that use the SHA-1 algorithm, all vendors—including Attachmate, will need to phase out the use of SHA-1 hashes for use in digital signatures and add support for SHA-256 and other stronger hashing algorithms. |
| Additional |
For further details, read the blog posting at http://www.schneier.com/blog/archives/2005/02/cryptanalysis_o.html. |
| Alert |
US-CERT Vulnerability Note VU#814198 |
| Date Posted |
April 2, 2004 |
| Summary |
SSH Tectia Server race condition vulnerability. |
| Product Status |
Applies to: All versions and all platforms of Reflection for Secure IT Server Reflection for Secure IT is not affected by the password change plug-in enabled vulnerability discussed in this Vulnerability Note. All Reflection for Secure IT server versions have a password change implementation that differs from the vulnerable one used in the SSH Tectia Server. |
| Additional |
For further information about this issue, see http://www.kb.cert.org/vuls/id/814198. |
| Alert |
US-CERT Vulnerability Note VU#333980 |
| Date Posted |
October 1, 2003 |
| Summary |
SSH Communications' Secure Shell contains vulnerabilities in ASN.1 libraries. |
| Product Status |
Applies to: All platforms of the following F-Secure SSH products: F-Secure SSH Client and Server for Unix 3.0 - 3.2.3 build 14 F-Secure SSH Server for Windows 5.2 build 1- 5.2 build 38 F-Secure SSH Client for Windows 5.1 - 5.3 build 21 No other releases are affected by this vulnerability. A vulnerability has been discovered in the way that F-Secure SSH handles digital certificates. At this time, there are no known exploits for this vulnerability; however, we strongly recommend that you immediately upgrade your F-Secure SSH installation to the latest version available. Important: If for any reason you cannot upgrade to latest version, the following information may help you assess your potential vulnerability to this threat. This vulnerability affects the way F-Secure SSH handles the decoding of BER/DER encoded packets. BER/DER encoding is applied in digital certificates, which are used for authenticating a user to a host. Certificates are also commonly used for authenticating SSL/TLS connections. Using malformed BER/DER packets, the receiving host can potentially crash making a Denial-of-Service (DoS) attack possible. You are vulnerable if: * You are using certificate based authentication in commercially available versions of F-Secure SSH with the "Pki" definition in the configuration file. This applies to Windows and UNIX F-Secure SSH Server products. * You are using host-based authentication for the server and the client. It is not possible to disable certificate authentication in host-based configurations. * You are using the commercial or non-commercial version of the F-Secure SSH Client for Windows. Your server is NOT vulnerable if: * You are using password authentication only. * You use the non-commercial UNIX distribution that does not contain the PKI functionality. * You allow public key authentication without specifying the "Pki" keyword in the server configuration file (sshd2_config). |
| Additional |
For more information regarding this vulnerability, see http://www.kb.cert.org/vuls/id/333980. |
Security and Your Operating System
Security is dependent on a number of factors, one of which is the security of the operating system. This section provides links to security information found on the web sites of common operating systems. This information is non-inclusive—it does not include all operating systems, nor does it include all links to information that may impact the security of your operating system.
Microsoft: http://www.microsoft.com/technet/security/current.asp
Debian Linux: http://www.debian.org/security/
HP (Compaq): http://www1.itrc.hp.com/service/home/home.do (Note: This site requires registration.)
Red Hat Linux: http://www.redhat.com/support/alerts/
Sun Microsystems: http://sunsolve.sun.com/pub-cgi/show.pl?target=security/sec
IBM: http://www-1.ibm.com/servers/eserver/support/zseries/
Notice: This technical note is updated from time to time and is provided for informational purposes only. Attachmate makes no representation or warranty that the functions contained in our software products will meet your requirements or that the operation of our software products will be interruption or error free. Attachmate EXPRESSLY DISCLAIMS ALL WARRANTIES REGARDING OUR SOFTWARE INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
