Hi,

I have the SSH Terrapin Prefix Truncation Weakness on Red Hat Enterprise Linux release 8.7 (Ootpa). The details are as follows.

# rpm -qa | grep openssh
openssh-8.0p1-16.el8.x86_64
openssh-askpass-8.0p1-16.el8.x86_64
openssh-server-8.0p1-16.el8.x86_64
openssh-clients-8.0p1-16.el8.x86_64

# cat /etc/redhat-release
Red Hat Enterprise Linux release 8.7 (Ootpa)

SSH Terrapin Prefix Truncation Weakness (CVE-2023-48795)

Synopsis
The remote SSH server is vulnerable to a mitm prefix truncation attack.

Description
The remote SSH server is vulnerable to a man-in-the-middle prefix truncation weakness known as Terrapin. This can allow a remote, man-in-the-middle attacker to bypass integrity checks and downgrade the connection's security.

Note that this plugin only checks for remote SSH servers that support either ChaCha20-Poly1305 or CBC with Encrypt-then-MAC and do not support the strict key exchange countermeasures. It does not check for vulnerable software versions.

See Also
https://terrapin-attack.com/

Solution
Contact the vendor for an update with the strict key exchange countermeasures or disable the affected algorithms.

Risk Factor
Medium

CVSS v3.0 Base Score
5.9 (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N)

CVSS v3.0 Temporal Score
5.3 (CVSS:3.0/E:P/RL:O/RC:C)

VPR Score
6.9

CVSS v2.0 Base Score
5.4 (CVSS2#AV:N/AC:H/Au:N/C:N/I:C/A:N)

CVSS v2.0 Temporal Score
4.2 (CVSS2#E:POC/RL:OF/RC:C)

187315 (10) - SSH Terrapin Prefix Truncation Weakness (CVE-2023-48795) 16

References
CVE CVE-2023-48795

Is there a way to configure /etc/ssh/sshd_config to mitigate SSH Terrapin Prefix Truncation Weakness (CVE-2023-48795)? Please guide me.

Thanks in advance.

Best Regards,
Kaushal

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
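The exposure test the quoted scanner describes (ChaCha20-Poly1305 offered, or a CBC cipher offered together with an Encrypt-then-MAC MAC, and no strict key exchange countermeasure) can be reproduced against a server's KEXINIT proposal as printed by `ssh -vv`. The script below is an added example, not code from the poster, the scanner vendor or the OpenSSH project; the two proposal blocks are constructed samples, not output from the poster's host.

```shell
#!/bin/sh
# Re-implements the scanner's check on the "peer server KEXINIT proposal" block that
# `ssh -vv user@host 2>&1` prints. Exposed = (chacha20-poly1305 offered, or a CBC
# cipher offered with an -etm MAC) and no kex-strict-s-v00@openssh.com in the KEX list.

# Constructed sample (not a real host): chacha20 offered, strict kex not advertised.
EXPOSED_SAMPLE='debug2: peer server KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,diffie-hellman-group14-sha256
debug2: host key algorithms: rsa-sha2-512,rsa-sha2-256,ssh-ed25519
debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes256-ctr
debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes256-ctr
debug2: MACs ctos: umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-256
debug2: MACs stoc: umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-256'

# Constructed sample of a hardened server: chacha20 and all CBC ciphers removed.
HARDENED_SAMPLE='debug2: peer server KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,diffie-hellman-group14-sha256
debug2: host key algorithms: ssh-ed25519
debug2: ciphers ctos: aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr
debug2: ciphers stoc: aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr
debug2: MACs ctos: hmac-sha2-256-etm@openssh.com,hmac-sha2-256
debug2: MACs stoc: hmac-sha2-256-etm@openssh.com,hmac-sha2-256'

# $1 = verbose ssh output, $2 = line label ("KEX algorithms", "ciphers stoc", ...).
# Prints the comma-separated list from the first such line after the server header.
proposal_field() {
    printf '%s\n' "$1" | sed -n '/peer server KEXINIT proposal/,$p' |
        sed -n "s/^debug2: $2: //p" | head -n 1
}

# $1 = comma-separated list, $2 = algorithm name; exact item match.
has_alg() {
    case ",$1," in *",$2,"*) return 0 ;; esac
    return 1
}

# Returns 0 (true) when the proposal matches the scanner's vulnerable pattern.
terrapin_exposed() {
    kex=$(proposal_field "$1" 'KEX algorithms')
    ciphers=$(proposal_field "$1" 'ciphers stoc')
    macs=$(proposal_field "$1" 'MACs stoc')
    has_alg "$kex" kex-strict-s-v00@openssh.com && return 1   # countermeasure present
    has_alg "$ciphers" chacha20-poly1305@openssh.com && return 0
    case ",$ciphers," in *-cbc,*)
        case ",$macs," in *-etm@openssh.com,*) return 0 ;; esac ;;
    esac
    return 1
}

terrapin_exposed "$EXPOSED_SAMPLE" && echo "sample 1: exposed"       # prints "exposed"
terrapin_exposed "$HARDENED_SAMPLE" || echo "sample 2: not exposed"  # prints "not exposed"
```

On RHEL 8 the cipher and MAC lists sshd actually offers are normally supplied by the system crypto policy rather than by sshd_config alone, so confirm any change with `sshd -T` and a fresh `ssh -vv` capture rather than by reading the config file.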