PKCS #1 Version 1.5 Session Key Retrieval Vulnerability

Solution:
SSH.com recommends that all users of the SSH1 protocol package upgrade to a revision that uses the SSH2 protocol with version 1 compatibility.

This patch has been provided by Core SDI:

--- rsaglue.c Wed Jan 17 11:42:52 2001
+++ rsaglue.c Tue Feb 13 16:05:33 2001
@@ -264,8 +264,10 @@
mpz_clear(&aux);

if (value[0] != 0 || value[1] != 2)
+ {
+ kill(getppid(),SIGALRM);
fatal("Bad result from rsa_private_decrypt");
-
+ }
for (i = 2; i < len && value[i]; i++)
;

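Review bot: in the padding-failure branch, kill(getppid(),SIGALRM) signals whatever process is currently the parent, with no check that the parent is the listening sshd and no check of kill()'s return value. If this code ever runs in a process whose parent is not the daemon, the alarm reaches an unrelated process, and the default action for SIGALRM is to terminate the recipient. Suggest recording the listener's pid at fork time and signalling that pid instead of calling getppid() here, adding a comment that states the signal is meant to request a server key regeneration, and confirming that rsaglue.c includes <signal.h> and <unistd.h>. The fatal() path on value[0] != 0 || value[1] != 2 is unchanged, so a peer can still tell a padding failure from a success; the fix depends entirely on the key being replaced afterwards.
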
--- sshd.c Wed Jan 17 11:42:53 2001
+++ sshd.c Tue Feb 13 16:05:15 2001
@@ -757,9 +757,11 @@

RETSIGTYPE key_regeneration_alarm(int sig)
{
+ static time_t last_keygen_time=0;
/* Check if we should generate a new key. */
- if (key_used)
- {
+ if (key_used && (time(NULL) - last_keygen_time > 60))
+ {
+ last_keygen_time = time(NULL);
/* This should really be done in the background. */
log_msg("Generating new %d bit RSA key.", options.server_key_bits);

random_acquire_light_environmental_noise(&sensitive_data.random_state);
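
Review bot: the new condition time(NULL) - last_keygen_time > 60 relies on an unnamed constant and on wall-clock time. The 60 should be a named, documented constant (or an option alongside options.server_key_bits), because it sets how long a server key stays in use after a failed decryption has requested its replacement: with the kill(getppid(),SIGALRM) change in rsaglue.c, any number of failures inside that window leave the same key in place. If the system clock is stepped backwards, the difference goes negative and regeneration is suppressed until the clock catches up, so treat a negative difference as expired. Also check that the path where the condition is false still re-arms the alarm, which is not visible in this hunk.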

Cisco users should contact the Technical Assistance Centre for patching/upgrading information.


Cisco IOS 12.1YC
  • Cisco IOS 12.1(5)YC1


Cisco IOS 12.1XR
  • Cisco IOS 12.1(5)XR2

  • Cisco IOS 12.1(5)YD2


Cisco IOS 12.1E
  • Cisco IOS 12.1(8a)E


Cisco IOS 12.1XD
  • Cisco IOS 12.2(1b)


Cisco IOS 12.1XQ
  • Cisco IOS 12.2(1b)


Cisco IOS 12.1XJ
  • Cisco IOS 12.1(5)YB4


Cisco IOS 12.0S
  • Cisco IOS 12.0(18)S


Cisco IOS 12.1EX
  • Cisco IOS 12.1(8a)E


Cisco IOS 12.1XI
  • Cisco IOS 12.2(1b)


Cisco IOS 12.1XS
  • Cisco IOS 12.1(5)XS


Cisco IOS 12.2XE
  • Cisco IOS 12.2(1)XE


Cisco IOS 12.1T
  • Cisco IOS 12.2(1b)


Cisco IOS 12.1XV
  • Cisco IOS 12.1(5)XV3


Cisco IOS 12.1XA
  • Cisco IOS 12.2(1b)


Cisco IOS 12.2XD
  • Cisco IOS 12.2(1)XD1


Cisco IOS 12.1YA
  • Cisco IOS 12.2(2)XB


Cisco IOS 12.1YD
  • Cisco IOS 12.1(5)YD2


Cisco IOS 12.1YB
  • Cisco IOS 12.1(5)YB4


Cisco IOS 12.1EZ
  • Cisco IOS 12.1(6)EZ2


Cisco IOS 12.1XG
  • Cisco IOS 12.1(5)XG5


Cisco IOS 12.2XQ
  • Cisco IOS 12.2(1)XQ


Cisco IOS 12.1XM
  • Cisco IOS 12.1(4)XM4


Cisco IOS 12.1YF
  • Cisco IOS 12.1(5)YF2


Cisco IOS 12.1XU
  • Cisco IOS 12.1(5)XU1


Cisco IOS 12.1XC
  • Cisco IOS 12.2(1b)


Cisco IOS 12.2
  • Cisco IOS 12.2(1b)


Cisco IOS 12.1XY
  • Cisco IOS 12.1(5)XY6


Cisco IOS 12.1XL
  • Cisco IOS 12.2(1b)


Cisco IOS 12.2XH
  • Cisco IOS 12.2(1)XH


Cisco IOS 12.1XT
  • Cisco IOS 12.1(3)XT3


Cisco IOS 12.1XF
  • Cisco IOS 12.1(2)XF4


Cisco IOS 12.1XH
  • Cisco IOS 12.2(1b)


Cisco IOS 12.1EC
  • Cisco IOS 12.1(6.5)EC3


Cisco IOS 12.1EY
  • Cisco IOS 12.1(6)EY


Cisco IOS 12.1XP
  • Cisco IOS 12.1(3)XP4


OpenSSH OpenSSH 1.2.3

SSH Communications Security SSH 1.2.31

OpenSSH OpenSSH 2.1

OpenSSH OpenSSH 2.1.1

Cisco PIX Firewall 5.2 (5)
  • Cisco PIX Firewall 5.2(6)


Cisco PIX Firewall 5.3 (1)
  • Cisco PIX Firewall 5.3(2)



 

Copyright 2010, SecurityFocus