
Bug#314645: /usr/sbin/sshd: time delay of password check proves account existence to attackers



Package: ssh
Version: 1:3.8.1p1-8.sarge.4
Severity: critical
File: /usr/sbin/sshd
Tags: security
Justification: root security hole

Due to the delay that is caused by password checking, once ssh
determines that the login attempt is for a valid account, attackers can
statistically prove the existence of accounts on an ssh-accessible server
remotely. This cuts down greatly on the difficulty of a brute-force
password-guessing attack. Since user accounts often use worse patterns
than (hopefully) root does, it doesn't take much to pick user accounts
that are other than standard accounts and attempt to break in.

I'd strongly suggest either a randomized delay on responses for login
attempts on non-existent accounts, or a consistent delay between
existing and non-existent accounts, or some other method of hiding this
information.

This attack is already in the wild, as shown in these logs:
Jun 16 08:30:14 localhost sshd[30986]: Illegal user jacob from 211.196.3.60
Jun 16 08:30:16 localhost sshd[30988]: Illegal user michael from 211.196.3.60
Jun 16 08:30:18 localhost sshd[30990]: Illegal user joshua from 211.196.3.60
Jun 16 08:30:20 localhost sshd[30992]: Illegal user matthew from 211.196.3.60
Jun 16 08:30:22 localhost sshd[30994]: Illegal user andrew from 211.196.3.60
Jun 16 08:30:22 localhost sshd[30996]: Illegal user jacob from 211.196.3.60
Jun 16 08:30:24 localhost sshd[30998]: Illegal user joseph from 211.196.3.60
Jun 16 08:30:24 localhost sshd[31000]: Illegal user michael from 211.196.3.60
Jun 16 08:30:26 localhost sshd[31002]: Illegal user ethan from 211.196.3.60
Jun 16 08:30:26 localhost sshd[31004]: Illegal user joshua from 211.196.3.60
Jun 16 08:30:28 localhost sshd[31006]: Illegal user daniel from 211.196.3.60
Jun 16 08:30:28 localhost sshd[31008]: Illegal user matthew from 211.196.3.60
Jun 16 08:30:30 localhost sshd[31010]: Illegal user christopher from 211.196.3.60

-- System Information:
Debian Release: 3.1
  APT prefers testing
  APT policy: (650, 'testing'), (600, 'unstable')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.4.27-20041103
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)

Versions of packages ssh depends on:
ii  adduser                     3.63         Add and remove users and groups
ii  debconf                     1.4.51       Debian configuration management sy
ii  dpkg                        1.10.28      Package maintenance system for Deb
ii  libc6                       2.3.2.ds1-22 GNU C Library: Shared libraries an
ii  libpam-modules              0.76-22      Pluggable Authentication Modules f
ii  libpam-runtime              0.76-22      Runtime support for the PAM librar
ii  libpam0g                    0.76-22      Pluggable Authentication Modules l
ii  libssl0.9.7                 0.9.7g-1     SSL shared libraries
ii  libwrap0                    7.6.dbs-8    Wietse Venema's TCP wrappers libra
ii  zlib1g                      1:1.2.2-4    compression library - runtime

-- debconf information:
  ssh/insecure_rshd:
  ssh/privsep_ask: true
  ssh/user_environment_tell:
* ssh/forward_warning:
* ssh/insecure_telnetd:
  ssh/new_config: true
* ssh/use_old_init_script: true
  ssh/SUID_client: true
  ssh/disable_cr_auth: false
* ssh/privsep_tell:
  ssh/ssh2_keys_merged:
  ssh/protocol2_only: true
  ssh/encrypted_host_key_but_no_keygen:
  ssh/run_sshd: true
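
The timing oracle described in the report, as an added example that is not part of the bug report or of the ssh package: a toy password check that returns early for unknown accounts (so the reply is measurably faster than for a known account with a wrong password), next to a variant that performs the same expensive work on both paths, which is the "consistent delay between existing and non-existent accounts" option the reporter suggests, done as equal work rather than an added sleep. The account "alice", the PBKDF2 cost, the dummy credential and the HASH_CALLS counter are assumptions for the demo and stand in for sshd's crypt()/PAM path.

```python
"""Added example (not from the bug report or the ssh package): a toy
password check showing the account-existence timing oracle, next to a
constant-work variant. Accounts, passwords and costs are constructed."""
import hashlib
import hmac
import os
import time

PBKDF2_ROUNDS = 100_000   # assumed cost; stands in for crypt()/PAM work

# Counter so the two code paths can be compared deterministically, without
# relying on wall-clock timing (which is noisy under a test runner).
HASH_CALLS = {"n": 0}


def slow_hash(password: str, salt: bytes) -> bytes:
    """The expensive step that the vulnerable path only reaches for existing accounts."""
    HASH_CALLS["n"] += 1
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)


# Constructed user database: username -> (salt, pbkdf2 hash).
USERS = {}


def add_user(name: str, password: str) -> None:
    salt = os.urandom(16)
    USERS[name] = (salt, slow_hash(password, salt))


add_user("alice", "correct horse battery staple")   # constructed account


def auth_vulnerable(user: str, password: str) -> bool:
    """Returns early for unknown users: no hash is computed, so the reply
    for a non-existent account arrives faster than for a known one."""
    entry = USERS.get(user)
    if entry is None:
        return False            # fast path leaks that the account does not exist
    salt, stored = entry
    return hmac.compare_digest(slow_hash(password, salt), stored)


# Dummy credential used for unknown accounts. Built at start-up from a random
# secret nobody knows, so it can never be matched on purpose.
_DUMMY_SALT = os.urandom(16)
_DUMMY_HASH = slow_hash(os.urandom(32).hex(), _DUMMY_SALT)


def auth_constant_work(user: str, password: str) -> bool:
    """Runs the same expensive hash whether or not the account exists."""
    entry = USERS.get(user)
    known = entry is not None
    salt, stored = entry if known else (_DUMMY_SALT, _DUMMY_HASH)
    match = hmac.compare_digest(slow_hash(password, salt), stored)
    # Both operands are already computed; 'known' rejects the dummy record.
    return match and known


def hash_calls_for(check, user: str, password: str) -> int:
    """How many expensive hashes one check of (user, password) costs."""
    before = HASH_CALLS["n"]
    check(user, password)
    return HASH_CALLS["n"] - before


def measure(check, user: str, password: str, rounds: int = 5) -> float:
    """Median wall-clock seconds per call: what a remote attacker estimates."""
    samples = []
    for _ in range(rounds):
        t0 = time.perf_counter()
        check(user, password)
        samples.append(time.perf_counter() - t0)
    return sorted(samples)[len(samples) // 2]


if __name__ == "__main__":
    # "jacob" is one of the names probed in the log excerpt above.
    for check in (auth_vulnerable, auth_constant_work):
        existing = measure(check, "alice", "wrong-guess")
        missing = measure(check, "jacob", "wrong-guess")
        print(f"{check.__name__:20s} existing={existing:.4f}s "
              f"nonexistent={missing:.4f}s ratio={existing / max(missing, 1e-9):.1f}")
```

Running the script shows the vulnerable check answering for "jacob" in microseconds and for "alice" in tens of milliseconds, while the constant-work check costs one hash in both cases. Equal work is preferable to an added sleep because a fixed sleep can still be distinguished from real CPU load under contention, and a random sleep only raises the number of samples an attacker needs for the statistical test the report describes.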
