Re: Backport for OpenSSH CBC Mode Information Disclosure Vulnerability

To: debian-security@lists.debian.org
Subject: Re: Backport for OpenSSH CBC Mode Information Disclosure Vulnerability
From: Russ Allbery <rra@debian.org>
Date: Tue, 30 Jun 2009 10:21:53 -0700
Message-id: <[🔎] 878wj9r61a.fsf@windlord.stanford.edu>
In-reply-to: <[🔎] 4126b3450906300335t2ec790a0g99951f4ef1ebbecd@mail.gmail.com> (Sam Kuper's message of "Tue\, 30 Jun 2009 11\:35\:51 +0100")
References: <[🔎] 4A49D6E0.3020906@1und1.de> <[🔎] 20090630102054.GF2803@ngolde.de> <[🔎] 4126b3450906300335t2ec790a0g99951f4ef1ebbecd@mail.gmail.com>

Sam Kuper <sam.kuper@uclmail.net> writes:
> 2009/6/30 Nico Golde
> <debian-security+ml@ngolde.de<debian-security%2Bml@ngolde.de>

>> http://security-tracker.debian.net/tracker/CVE-2008-5161

> Ouch! I agree with the note.

My understanding is that you then terminate the connection you're
attacking as part of the attempt to recover the cleartext unless you
happen to succeed.  I think it's going to be very hard to launch this
attack effectively in a real-world situation.  That's also upstream's
position:

    http://www.openssh.com/txt/cbc.adv

-- 
Russ Allbery (rra@debian.org)               <http://www.eyrie.org/~eagle/>

Reply to:

References:
- Backport for OpenSSH CBC Mode Information Disclosure Vulnerability
  - From: Niko Thome <niko.thome@1und1.de>
- Re: Backport for OpenSSH CBC Mode Information Disclosure Vulnerability
  - From: Nico Golde <debian-security+ml@ngolde.de>
- Re: Backport for OpenSSH CBC Mode Information Disclosure Vulnerability
  - From: Sam Kuper <sam.kuper@uclmail.net>

Prev by Date: Re: Backport for OpenSSH CBC Mode Information Disclosure Vulnerability
Previous by thread: Re: Backport for OpenSSH CBC Mode Information Disclosure Vulnerability
Index(es):
- Date
- Thread