On Tue, 23 Oct 2001, Max Parke wrote:

> When the vulnerabilities in ssh-1.xx were publicised, we upgraded to
> ssh-2.xx on our machines. The process for ssh version 2.xx does NOT
> erase sshd1 from /usr/local/sbin, and if an incoming client is still
> running the old ssh version 1, sshd2 will hand off control to
> /usr/local/sbin/sshd1 (of course, this can be disabled).

We mentioned this possibility in our original advisory, available at
http://razor.bindview.com/publish/advisories/adv_ssh1crc.html, but it is
good to mention it again today, when we observe massive exploitation of
this vulnerability since a private, multi-platform brute-force exploit
authored by the TESO security team leaked to the "underground" (not blaming
TESO in particular: seeing several other exploits leaking this way in the
past few months - e.g. in.telnetd remote root - makes you wonder what's the
real good of a zero-disclosure policy and the general ability of human
beings to keep things available to "responsible parties" only).

So far, people didn't see the threat (no exploits publicly available), and
many didn't upgrade their daemons. Now is the time.

If you do not use SSHv1, it is important to disable this feature, as the
SSH.com SSHv1 implementation is no longer actively maintained. If you have
to stick to this protocol (which seems to be more vulnerable to certain
cryptographic attacks than SSHv2), you should upgrade to 1.2.32, or switch
to the OpenSSH implementation - they implement SSHv1 in the main daemon
code and still seem to maintain it.

-- 
_____________________________________________________
Michal Zalewski [lcamtuf@bos.bindview.com] [security]
[http://lcamtuf.coredump.cx] <=-=> bash$ :(){ :|:&};:
=-=> Did you know that clones never use mirrors? <=-=
http://lcamtuf.coredump.cx/photo/
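A quick way for an administrator to verify that the sshd1 hand-off described above is really switched off is to look at the server's identification string: a daemon that will still serve SSHv1 clients has to advertise protocol version 1 in its banner (`SSH-1.99-` for "both v1 and v2", `SSH-1.x-` for v1 only), while a v2-only server sends `SSH-2.0-`. The script below is an added example written for this post, not code from Michal Zalewski, BindView or SSH.com; the banners in `SAMPLE_BANNERS` are constructed for illustration, and `fetch_banner` is the only part that touches the network (it just reads the first line the server sends, before any key exchange).

```python
import socket

# Constructed sample banners (not captured from real hosts) to exercise the
# classifier offline. "SSH-1.99-" means the daemon speaks v1 and v2, which is
# exactly the state of an sshd2 that still hands v1 clients off to sshd1.
SAMPLE_BANNERS = {
    "sshd2-with-fallback": "SSH-1.99-2.4.0 SSH Secure Shell (non-commercial)",
    "sshd2-v2-only":       "SSH-2.0-2.4.0 SSH Secure Shell (non-commercial)",
    "old-sshd1":           "SSH-1.5-1.2.27",
    "openssh-both":        "SSH-1.99-OpenSSH_2.9p2",
}


def classify_banner(banner: str) -> set:
    """Return the set of major SSH protocol versions a server banner offers."""
    line = banner.strip()
    if not line.startswith("SSH-"):
        raise ValueError("not an SSH identification string: %r" % banner)
    # Format is SSH-<protoversion>-<softwareversion>[ comments]
    protoversion = line[4:].split("-", 1)[0]
    if protoversion == "1.99":
        return {1, 2}
    if protoversion.startswith("1."):
        return {1}
    if protoversion.startswith("2."):
        return {2}
    raise ValueError("unknown protocol version %r" % protoversion)


def assess(banner: str) -> str:
    """Turn a banner into a one-line verdict for the administrator."""
    versions = classify_banner(banner)
    if versions == {2}:
        return "ok: SSHv2 only"
    if versions == {1, 2}:
        return "exposed: SSHv1 still accepted (v1 fallback enabled)"
    return "exposed: SSHv1-only daemon"


def fetch_banner(host: str, port: int = 22, timeout: float = 5.0) -> str:
    """Read the identification line a server sends on connect (no auth)."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        data = b""
        # The banner is a single line terminated by CRLF or LF; cap the read so
        # a misbehaving peer cannot make us buffer indefinitely.
        while b"\n" not in data and len(data) < 512:
            chunk = sock.recv(64)
            if not chunk:
                break
            data += chunk
    return data.decode("ascii", "replace").split("\n", 1)[0].strip()


def report(banners: dict) -> dict:
    """Map each host label to its verdict; used on SAMPLE_BANNERS below."""
    return {name: assess(b) for name, b in banners.items()}


if __name__ == "__main__":
    for name, verdict in report(SAMPLE_BANNERS).items():
        print("%-22s %s" % (name, verdict))
    # Live check against a host you administer, e.g.:
    #   print(assess(fetch_banner("localhost")))
```

The banner check is independent of which daemon or configuration file is in use, so it catches the case the post warns about: sshd2 upgraded in place with `/usr/local/sbin/sshd1` still present and the hand-off left enabled. Run it against each server after the upgrade and again after disabling the fallback; anything other than "ok: SSHv2 only" means a v1 client would still be served.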