[Bug 379329] Re: CVE-2008-5161: OpenSSH CBC plaintext recovery

Jamie Strandboge jamie at ubuntu.com
Wed Jan 20 17:59:47 GMT 2010


Ubuntu 9.04 and 9.10 have a backported patch to make the chances for a successful attack even smaller:

openssh (1:5.1p1-5) unstable; urgency=low

  * Backport from upstream CVS (Markus Friedl):
    - packet_disconnect() on padding error, too. Should reduce the success
      probability for the CPNI-957037 Plaintext Recovery Attack to 2^-18.

Marking the 9.10 task as "Won't fix" (and added 9.04 for completeness).
Added 8.10 task and will backport the packet_disconnect() patch with the
next 8.10 openssh security update.

For those that want to address this fully, from http://www.openssh.com/txt/cbc.adv:
"AES CTR mode and arcfour ciphers are not vulnerable to this attack at
all. These may be preferentially selected by placing the following
directive in sshd_config and ssh_config:

Ciphers aes128-ctr,aes256-ctr,arcfour256,arcfour,aes128-cbc,aes256-cbc"

** Also affects: openssh (Ubuntu Intrepid)
   Importance: Undecided
       Status: New

** Also affects: openssh (Ubuntu Jaunty)
   Importance: Undecided
       Status: New

** Changed in: openssh (Ubuntu Intrepid)
       Status: New => Triaged

** Changed in: openssh (Ubuntu Intrepid)
   Importance: Undecided => Low

** Changed in: openssh (Ubuntu Jaunty)
   Importance: Undecided => Low

** Changed in: openssh (Ubuntu Intrepid)
     Assignee: (unassigned) => Ubuntu Security Team (ubuntu-security)

** Changed in: openssh (Ubuntu Jaunty)
       Status: New => Won't Fix

** Changed in: openssh (Ubuntu Karmic)
       Status: Confirmed => Won't Fix

-- 
CVE-2008-5161: OpenSSH CBC plaintext recovery
https://bugs.launchpad.net/bugs/379329
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to openssh in ubuntu.
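
An added example, not part of the original message or of OpenSSH: a small Python audit for the Ciphers directive quoted from the advisory above, reporting whether CBC ciphers are absent, kept only as a fallback behind the non-CBC entries, or still preferred. Assumptions: the function names and sample configs are constructed here, only the first global Ciphers line is considered, and Host/Match blocks are ignored.

```python
import re

# Matches "Ciphers a,b" and "Ciphers=a,b"; keywords are case-insensitive.
DIRECTIVE = re.compile(r"^ciphers(?:\s*=\s*|\s+)(.+)$", re.IGNORECASE)

def cipher_list(config_text):
    """Return the list from the first Ciphers directive, or None if absent."""
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        m = DIRECTIVE.match(line)
        if m:
            value = m.group(1).strip().strip('"')
            return [c.strip() for c in value.split(",") if c.strip()]
    return None

def audit(config_text):
    """Classify a config by where CBC-mode ciphers sit in the preference list."""
    ciphers = cipher_list(config_text)
    if ciphers is None:
        # No directive: the build's default list applies (not inspected here).
        return {"status": "default", "cbc": [], "preferred_cbc": []}
    is_cbc = [("-cbc" in c.lower()) for c in ciphers]
    cbc = [c for c, flag in zip(ciphers, is_cbc) if flag]
    # Index of the last non-CBC entry; a CBC cipher ahead of it outranks
    # at least one non-CBC cipher in the preference order.
    non_cbc = [i for i, flag in enumerate(is_cbc) if not flag]
    cutoff = non_cbc[-1] if non_cbc else len(ciphers)
    preferred = [c for i, c in enumerate(ciphers) if is_cbc[i] and i < cutoff]
    if not cbc:
        status = "no-cbc"
    elif preferred:
        status = "cbc-preferred"
    else:
        status = "cbc-fallback"
    return {"status": status, "cbc": cbc, "preferred_cbc": preferred}

# Constructed sample inputs (not taken from any real host).
ADVISORY_LINE = "Ciphers aes128-ctr,aes256-ctr,arcfour256,arcfour,aes128-cbc,aes256-cbc\n"
CBC_FIRST = "# constructed\nPort 22\nciphers aes128-cbc,3des-cbc,aes128-ctr\n"

if __name__ == "__main__":
    for name, text in (("advisory", ADVISORY_LINE), ("cbc-first", CBC_FIRST)):
        print(name, audit(text))
```

The advisory's own line classifies as "cbc-fallback": CBC stays negotiable for peers that offer nothing else, so removing the CBC entries is what yields "no-cbc".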
