[Fwd: No vulnerability known in SSH-1.2.26]
I've been seeing the purported SSL vulnerability discussed here, and
thought you'd like to see the message from the author of SSL that was
sent out to the coderpunks mailing list...
LockStar, Inc., Clifton NJ USA
Tatu Ylonen wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> As the original author of SSH I want to comment on the rumored
> I have personally looked into the claimed vulnerabilities, including
> the ones reported by IBM, and do not have any reason to assume that
> there would be any vulnerability in ssh-1.2.26. NO SUCH VULNERABILITY
> IS KNOWN.
> I repeat, I KNOW OF NO VULNERABILITY IN SSH-1.2.26.
> The IBM-ERS report on ssh vulnerability turned out to be false alert.
> They could not reproduce it after they recompiled their ssh and linux
> I have personally checked all places where ssh displays debugging
> messages, log messages, or otherwise uses functions like sprintf. I
> was unable to find any vulnerabilities.
> I have talked to people at both CERT and the IBM emergency response
> service and none of them seems to have any knowledge of any
> vulnerability in SSH.
> In summary, to my best knowledge, ssh-1.2.26 can be safely used.
> Please communicate this information to the relevant people.
> Brief history of events:
> - On October 28, the rootshell.com home page was defaced by
> hackers. After the host was brought up to date, their front page
> contained information that listed the services that had been
> active, and mentioned that entry may have been made with ssh.
> (Note that this does not by itself indicate anything; password or
> other authentication may have been obtained at the other end)
> - On October 29, a message about the rootshell case is posted to
> bugtraq and possibly other mailing lists. Many people took this
> as indication of a vulnerability in ssh.
> - We looked at the rootshell case, and found no cause for alarm, but
> decided to be watching.
> - On October 30, IBM sent an draft advisory reporting a buffer overflow
> vulnerability that could be used to gain root access to any host
> running ssh from anywhere on the Internet. The draft advisory was
> sent to at least CERT, FIRST, ssh-bugs, and a few other places.
> - On october 30, several major computer manufacturers and their
> offices around the world were advising their customers to follow
> the situation, and possibly disable ssh for now. Some CERTs
> around the world issued preliminary alerts to their most important
> - I learn of the IBM advisory on October 31 at 2 AM. By 6 AM I've
> talked to both CERT and IBM Emergency Response Team, checked the
> code claimed to be at fault (finding no problem), and no-one seems
> to have any concrete information, and we conclude there is no
> cause for immediate alarm.
> - By November 1, the IBM researchers who found the vulnerability in
> the IBM draft advisory have been reached. One of them says he
> never saw an exploit, and the other first said he had an exploit
> and he was going to send it over shortly, and the next day he said
> that he could no longer reproduce the problem after recompiling
> ssh. He does not appear to have an exploit after all.
> - I've personally gone through all places where ssh1 passes
> information to sprintf, log_msg, or any other functions using
> sprintf. I found no security problems. I found one place where
> an argument to a format string was missing, but it is probably not
> exploitable, and one place where one byte less was allocated for a
> string than was used (only appears on Solaris). Neither of these
> have security consequences or are cause for alarm.
> - On November 1, the IBM announcement for which IBM has already issued
> a cancellation is widely distributed by rootshell through their
> announcement list.
> - Now at Morning November 2, I'm convinced (>99% sure) that both
> the rootshell issue and the IBM draft advisory were false alerts.
> We are also trying to track down the linux compilation problem that
> may have caused the false alert behind the IBM advisory. We will
> issue an announcement as soon as possible if real vulnerability is
> For more information, please keep tracking
> Best regards,
> Tatu Ylonen <firstname.lastname@example.org>
> - --
> SSH Communications Security http://www.ssh.fi/
> SSH IPSEC Toolkit http://www.ipsec.com/
> Free Unix SSH http://www.ssh.fi/sshprotocols2/
> -----BEGIN PGP SIGNATURE-----
> Version: 2.6.3i
> Charset: noconv
> -----END PGP SIGNATURE-----