Bug#606922: openssh: cve-2010-4478 jpake issue
> CVE-2010-4478[0]:
> | OpenSSH 5.6 and earlier, when J-PAKE is enabled, does not properly
> | validate the public parameters in the J-PAKE protocol, which allows
> | remote attackers to bypass the need for knowledge of the shared
> | secret, and successfully authenticate, by sending crafted values in
> | each round of the protocol, a related issue to CVE-2010-4252.
>
> It does look like jpake is built for openssh. I've checked the version
> in squeeze and it has the vulnerable code.
Quoting from
http://seb.dbzteam.org/crypto/jpake-session-key-retrieval.pdf :
| This issue affects the implementations of J-PAKE [1] in OpenSSL [2]
| and OpenSSH [3]. These implementations referred as experimental [4, 5]
^^^^^^^^^^^^
| and work-in-progress
^^^^^^^^^^^^^^^^
As such, we should simply disable J-PAKE for now. It wasn't in Lenny,
so it's not a regression, either.
Cheers,
Moritz