SOL1518 - Multiple SSH1 vulnerabilities - CA-2001-35

2007-05-16T00:00:00
ID SOL1518
Type f5
Reporter f5
Modified 2010-09-13T00:00:00

Description

CERT Advisory CA-2001-35 revisits several existing exploits for the SSH1 and SSH2 protocols handled by the sshd process. For more information about the vulnerability, refer to the CERT website at the following location:

<http://www.cert.org/advisories/CA-2001-35.html>.

Workaround

If you have BIG-IP or 3-DNS 4.5, you can work around these issues by forcing the sshd process to prohibit SSH1 connections to your system. To do so, perform the following procedure:

  1. Log in to the command line.
  2. Using a text editor, edit the /config/ssh/sshd_config file.
  3. Locate the following line:

Protocol 2,1

  1. Change the line to read the following:

Protocol 2

  1. Restart the sshd process by typing the following command:

bigstart restart sshd