You might find RedHat's CVE page on this useful: https://access.redhat.com/security/cve/cve-2023-48795 On Tue, Jan 23, 2024 at 10:04 AM Kaushal Shriyan <kaushalshriyan@xxxxxxxxx> wrote: > Hi, > > I have the SSH Terrapin Prefix Truncation Weakness on Red Hat Enterprise > Linux release 8.7 (Ootpa). The details are as follows. > > # rpm -qa | grep openssh > openssh-8.0p1-16.el8.x86_64 > openssh-askpass-8.0p1-16.el8.x86_64 > openssh-server-8.0p1-16.el8.x86_64 > openssh-clients-8.0p1-16.el8.x86_64 > > # cat /etc/redhat-release > Red Hat Enterprise Linux release 8.7 (Ootpa) > # > > SSH Terrapin Prefix Truncation Weakness (CVE-2023-48795) > > Synopsis > The remote SSH server is vulnerable to a mitm prefix truncation attack. > Description > The remote SSH server is vulnerable to a man-in-the-middle prefix > truncation weakness known as Terrapin. > This can allow a remote, man-in-the-middle attacker to bypass integrity > checks and downgrade the > connection's security. > Note that this plugin only checks for remote SSH servers that support > either ChaCha20-Poly1305 or CBC > with Encrypt-then-MAC and do not support the strict key exchange > countermeasures. It does not check for > vulnerable software versions. > See Also > https://terrapin-attack.com/ > > Solution > Contact the vendor for an update with the strict key exchange > countermeasures or disable the affected > algorithms. > Risk Factor > Medium > CVSS v3.0 Base Score > 5.9 (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N) > CVSS v3.0 Temporal Score > 5.3 (CVSS:3.0/E:P/RL:O/RC:C) > VPR Score > 6.9 > CVSS v2.0 Base Score > 5.4 (CVSS2#AV:N/AC:H/Au:N/C:N/I:C/A:N) > CVSS v2.0 Temporal Score > 4.2 (CVSS2#E:POC/RL:OF/RC:C) > 187315 (10) - SSH Terrapin Prefix Truncation Weakness (CVE-2023-48795) 16 > > References > CVE CVE-2023-48795 > > Is there a way to configure /etc/ssh/sshd_config to mitigate SSH Terrapin > Prefix Truncation Weakness (CVE-2023-48795)? > > Please guide me. > > Thanks in advance. > > Best Regards, > > Kaushal > _______________________________________________ > openssh-unix-dev mailing list > openssh-unix-dev@xxxxxxxxxxx > https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev > -- John Adams Senior Linux/Middleware Administrator | Information Technology Services +1-501-916-3010 | jxadams@xxxxxxxx | http://ualr.edu/itservices *UA Little Rock* Reminder: IT Services will never ask for your password over the phone or in an email. Always be suspicious of requests for personal information that come via email, even from known contacts. For more information or to report suspicious email, visit IT Security <http://ualr.edu/itservices/security/>. _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
