Secure Shell Installed

1995-01-01T00:00:00
ID OSVDB:3121
Type osvdb
Reporter OSVDB
Modified 1995-01-01T00:00:00

Description

Vulnerability Description

Secure shell (SSH) is a widely deployed service for remote access and file transfers across a network. Because of its history of vulnerabilities, it is a popular program to scan for and attack. While most of the bugs reported for various SSH versions are minor, a few have allowed remote access to the machine. Typically, once an attacker gains local access to the file system, it is trivial to elevate those privileges into root access. Older versions rely on the SSH1 protocol, which has been found to be vulnerable to a variety of attacks, including session decryption.

Solution Description

There are several measures administrators can take to help improve the security of SSH installations:

  • Keep your version of SSH upgraded to the latest available.
  • Keep the OpenSSL libraries updated.
  • When possible, utilize SSH2 instead of SSH1.
  • Use strict configuration options in sshd_config.
  • Disallow root login via SSH.
  • Disable rsh access and configure SSH not to fall back to it.
  • Use blowfish encryption rather than the alternatives.
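
As an added example (not part of the OSVDB entry), a POSIX shell check for the two sshd_config points above, SSH1 support and direct root login, that can be run against /etc/ssh/sshd_config. The directive names and the assumed defaults (Protocol "2,1", PermitRootLogin "yes") are those of OpenSSH releases of this entry's era, and both sample configs are constructed.

```shell
#!/bin/sh
# Audit an sshd_config body read on stdin. Prints one "WEAK: ..." line per
# finding and returns 1 if anything was found, 0 otherwise.
# Assumption: pre-7.0 OpenSSH defaults apply when a directive is absent.
audit_sshd_config() {
  protocol='' rootlogin='' findings=0
  while IFS= read -r line || [ -n "$line" ]; do
    line=${line%%#*}                 # drop comments
    # shellcheck disable=SC2086
    set -- $line                     # split into keyword and value(s)
    [ "$#" -ge 2 ] || continue
    key=$(printf '%s' "$1" | tr '[:upper:]' '[:lower:]')   # keywords are case-insensitive
    case "$key" in
      protocol)        if [ -z "$protocol" ];  then protocol=$2;  fi ;;  # sshd keeps the first value seen
      permitrootlogin) if [ -z "$rootlogin" ]; then rootlogin=$2; fi ;;
    esac
  done
  [ -n "$protocol" ]  || protocol='2,1'    # era default: SSH1 still offered
  [ -n "$rootlogin" ] || rootlogin='yes'   # era default: root may log in
  case ",$protocol," in
    *,1,*) echo "WEAK: Protocol $protocol enables SSH1; set 'Protocol 2'"
           findings=$((findings + 1)) ;;
  esac
  if [ "$rootlogin" = yes ]; then
    echo "WEAK: PermitRootLogin yes; set 'PermitRootLogin no'"
    findings=$((findings + 1))
  fi
  [ "$findings" -eq 0 ]
}

# Constructed sample configs (not taken from any real host).
WEAK_SSHD_CONFIG='# legacy host: SSH1 still enabled, root may log in directly
Protocol 2,1
PermitRootLogin yes
Ciphers blowfish-cbc,3des-cbc'

HARDENED_SSHD_CONFIG='Protocol 2
PermitRootLogin no
PermitEmptyPasswords no
Ciphers blowfish-cbc'

# Stand-alone run against the weak sample; on a real host use:
#   audit_sshd_config < /etc/ssh/sshd_config
printf '%s\n' "$WEAK_SSHD_CONFIG" | audit_sshd_config || echo "sshd_config needs hardening"
```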

References:

  • Other Solution URL: http://www.monkey.org/~provos/scanssh/
  • Keyword: SANS Top 20 2003 Unix Issue #08
  • Keyword: SANS Top 20 2002 Unix Issue #03
  • Generic Informational URL: http://www.ssh.com/
  • Generic Informational URL: http://www.sans.org/top20/#u8
  • Generic Informational URL: http://www.openssh.org/
  • Generic Informational URL: http://www.sans.org/top20/oct02.php#U3