[30019] in bugtraq
Re: OpenSSH/PAM timing attack allows remote users identification
daemon@ATHENA.MIT.EDU (Karl-Heinz Haag)
Fri May 2 16:57:22 2003
Resent-From: khaag@linux-ag.de
Resent-To: bugtraq@securityfocus.com
Date: Fri, 2 May 2003 02:56:31 +0200
From: Karl-Heinz Haag <k.haag@linux-ag.com>
To: bugtraq@securityfocus.com
Message-ID: <20030502005631.GA8596@linux-ag.de>
In-Reply-To: <Pine.LNX.4.30L2.0304301358220.9889-200000@dns.mediaservice.net>
Quoting Marco Ivaldi (raptor@mediaservice.net):
> Security Advisory @ Mediaservice.net Srl
> (#01, 30/04/2003) Data Security Division
>
> Title: OpenSSH/PAM timing attack allows remote users identification
> Application: OpenSSH-portable <= 3.6.1p1
> Platform: Linux, maybe others
> Description: A remote attacker can identify valid users on vulnerable
> systems, all PAM-enabled systems are potentially affected
> Author: Marco Ivaldi <raptor@mediaservice.net>
> Contributors: Maurizio Agazzini <inode@mediaservice.net>,
> Solar Designer <solar@openwall.com>,
> Andrea Ghirardini <pila@pilasecurity.com>
> Vendor Status: OpenSSH team notified on 12/04/2003,
> vendor-sec list notified on 28/04/2003
> CVE Candidate: The Common Vulnerabilities and Exposures project has assigned
> the name CAN-2003-0190 to this issue.
> References: http://lab.mediaservice.net/advisory/2003-01-openssh.txt
> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0190
>
> 1. Abstract.
>
> During a pen-test we stumbled across a nasty bug in OpenSSH-portable with PAM
> support enabled (via the --with-pam configure script switch). This bug allows a
> remote attacker to identify valid users on vulnerable systems, through a simple
> timing attack. The vulnerability is easy to exploit and may have high severity,
> if combined with poor password policies and other security problems that allow
> local privilege escalation.
>
> 2. Example Attack Session.
>
> root@voodoo:~# ssh [valid_user]@lab.mediaservice.net
> [valid_user]@lab.mediaservice.net's password: <- arbitrary (non-null) string
> [2 secs delay]
> Permission denied, please try again.
>
> root@voodoo:~# ssh [no_such_user]@lab.mediaservice.net
> [no_such_user]@lab.mediaservice.net's password: <- arbitrary (non-null) string
> [no delay]
> Permission denied, please try again.
>
> 4. Fix.
The "Fix" is to encourage all users/admins of OpenSSH to _only_ work
with key authentication (preferably only ssh2 protocol) on all ssh servers.

Switch the default:

    PasswordAuthentication yes

into:

    PasswordAuthentication no

in sshd_config.
In combination with the default "RSAAuthentication yes" it results in:

,--------
| kh@i4x:~$ ssh dodo@i4x      <- dodo=no_such_user
| [no delay]
| Permission denied (publickey).
`--------

The same as:

,--------
| kh@i4x:~$ ssh root@i4x
| [no delay]
| Permission denied (publickey).
`--------

That would be my 2 cents.
Karl-Heinz
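The mitigation above amounts to one sshd_config directive, but on a real fleet the setting is easy to get wrong: it is absent (sshd then defaults to "yes"), it is set twice (sshd keeps the first occurrence), or a later Match block quietly turns it back on for some users. The following is an added example, not code from this post or from the OpenSSH project, of a small audit that applies those three rules to a configuration file. The rules themselves are my assumptions about sshd's parsing (first occurrence wins, keywords are case-insensitive, `Keyword value` and `Keyword=value` are both accepted, a Match block extends to the next Match or end of file); the sample configs are constructed for the demonstration.

```python
"""Audit sshd_config for the PasswordAuthentication setting the post
recommends switching off.  Added example, not code from the bugtraq
thread.  Parsing rules assumed here (not stated in the post): sshd keeps
the FIRST value of a keyword seen outside any Match block, keywords are
case-insensitive, an absent PasswordAuthentication means the default
"yes", and a Match block may set it differently for the users or hosts
it matches."""
import re

# Assumed sshd default for the directive under discussion.
DEFAULTS = {"passwordauthentication": "yes"}


def parse_sshd_config(text):
    """Return (global_settings, match_blocks).

    global_settings maps lowercase keyword -> first value seen in the
    global section.  match_blocks is a list of (criteria, settings) in
    file order, each settings dict again keeping the first value seen
    inside that block."""
    global_settings = {}
    match_blocks = []
    current = None  # None while still in the global section
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        # sshd accepts "Keyword value" as well as "Keyword = value".
        parts = re.split(r"[\s=]+", line, maxsplit=1)
        if len(parts) != 2:
            continue
        keyword, value = parts[0].lower(), parts[1].strip()
        if keyword == "match":
            current = {}
            match_blocks.append((value, current))
            continue
        target = global_settings if current is None else current
        target.setdefault(keyword, value)  # first occurrence wins
    return global_settings, match_blocks


def audit_password_auth(text):
    """Return a list of findings; an empty list means password
    authentication is disabled globally and not re-enabled anywhere."""
    global_settings, match_blocks = parse_sshd_config(text)
    findings = []
    key = "passwordauthentication"
    effective = global_settings.get(key, DEFAULTS[key]).lower()
    if effective == "yes":
        if key in global_settings:
            findings.append("PasswordAuthentication is explicitly 'yes'")
        else:
            findings.append(
                "PasswordAuthentication is unset; sshd defaults to 'yes'")
    for criteria, settings in match_blocks:
        if settings.get(key, "").lower() == "yes":
            findings.append(
                f"Match {criteria}: re-enables PasswordAuthentication")
    return findings


# Constructed sample configurations (not taken from any real host).
WEAK_CONFIG = """# the stock default the post objects to
Port 22
PasswordAuthentication yes
"""

HARDENED_CONFIG = """# the setting the post recommends
Port 22
PasswordAuthentication no
PubkeyAuthentication yes
"""

MATCH_CONFIG = """# global 'no', silently undone for one account
PasswordAuthentication no
Match User dodo
    PasswordAuthentication yes
"""

if __name__ == "__main__":
    for name, cfg in [("weak", WEAK_CONFIG), ("hardened", HARDENED_CONFIG),
                      ("match", MATCH_CONFIG)]:
        print(name, audit_password_auth(cfg) or ["ok"])
```

The file-level check is a convenience for reviewing many hosts at once; on a single live host `sshd -T` prints the effective configuration sshd has actually computed and is the authoritative answer.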