sshd uses wrong replay cache for version 1
daemon@ATHENA.MIT.EDU (Sam Hartman)
Tue Jun 11 13:20:41 2002
To: testers@mit.edu
Message-Id: <20020611171950.814D4151FEF@industrial-algebra.mit.edu>
Date: Tue, 11 Jun 2002 13:19:50 -0400 (EDT)
From: hartmans@MIT.EDU (Sam Hartman)
I believe that there is a problem in sshd replay cache handling with
the 9.0 and 9.1 sshd. Ssh protocol 1 Kerberos authentication uses
/var/tmp/rc_sshd_0, not /var/tmp/rc_host_0, as a replay cache. This is
true with both the ssh.com and openssh code bases.

At first I thought this could be exploited on systems with unencrypted
rlogin enabled in order to gain rlogin access by sniffing the
authenticators sent over the ssh session. However, it turns out that
since the Kerberos exchange is encrypted within the ssh session for
version 1, I cannot think of a way to exploit this.

So, it's an annoying misuse of Kerberos rather than a security
problem.
--Sam