USN-3061-1 OpenSSH vulnerability | Cloud Foundry

2016-08-25T00:00:00
ID CFOUNDRY:3C7597DAEB0A160E9DA1752927007C7C
Type cloudfoundry
Reporter Cloud Foundry
Modified 2016-08-25T00:00:00

Description

USN-3061-1 OpenSSH vulnerability

Medium

Vendor

Canonical Ubuntu, openssh

Versions Affected

Canonical Ubuntu 14.04 LTS

Description

Eddie Harari discovered that OpenSSH incorrectly handled password hashing when authenticating non-existing users. A remote attacker could perform a timing attack and enumerate valid users. (CVE-2016-6210)

Tomas Kuthan, Andres Rojas, and Javier Nieto discovered that OpenSSH did not limit password lengths. A remote attacker could use this issue to cause OpenSSH to consume resources, leading to a denial of service. (CVE-2016-6515)

Affected Products and Versions

Severity is medium unless otherwise noted.

  • Cloud Foundry BOSH stemcells 3146.x versions prior to 3146.20 AND 3232.x versions prior to 3232.17 AND other versions prior to 3262.8 are vulnerable
  • All versions of Cloud Foundry cflinuxfs2 prior to v.1.75.0

Mitigation

Users of affected versions should apply the following mitigation:

  • The Cloud Foundry team has released patched BOSH stemcells 3146.20 and 3232.17 with an upgraded Linux kernel that resolves the aforementioned issues. We recommend that Operators upgrade BOSH stemcell 3146.x versions to 3146.20 OR 3232.x versions to 3232.17
  • The Cloud Foundry project recommends that Cloud Foundry deployments run with cflinuxfs2 v.1.75.0 or later versions3232

Credit

Eddie Harari, Tomas Kuthan, Javier Nieto, and Andres Rojas

References

  • <http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-6210.html>
  • <http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-6515.html>