Re: SSH Terrapin Prefix Truncation Weakness (CVE-2023-48795) on Red Hat Enterprise Linux release 8.7 (Ootpa)

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



You might find RedHat's CVE page on this useful:
https://access.redhat.com/security/cve/cve-2023-48795

On Tue, Jan 23, 2024 at 10:04 AM Kaushal Shriyan <kaushalshriyan@xxxxxxxxx>
wrote:

> Hi,
>
> I have the SSH Terrapin Prefix Truncation Weakness on Red Hat Enterprise
> Linux release 8.7 (Ootpa). The details are as follows.
>
> # rpm -qa | grep openssh
> openssh-8.0p1-16.el8.x86_64
> openssh-askpass-8.0p1-16.el8.x86_64
> openssh-server-8.0p1-16.el8.x86_64
> openssh-clients-8.0p1-16.el8.x86_64
>
> # cat /etc/redhat-release
> Red Hat Enterprise Linux release 8.7 (Ootpa)
> #
>
> SSH Terrapin Prefix Truncation Weakness (CVE-2023-48795)
>
> Synopsis
> The remote SSH server is vulnerable to a mitm prefix truncation attack.
> Description
> The remote SSH server is vulnerable to a man-in-the-middle prefix
> truncation weakness known as Terrapin.
> This can allow a remote, man-in-the-middle attacker to bypass integrity
> checks and downgrade the
> connection's security.
> Note that this plugin only checks for remote SSH servers that support
> either ChaCha20-Poly1305 or CBC
> with Encrypt-then-MAC and do not support the strict key exchange
> countermeasures. It does not check for
> vulnerable software versions.
> See Also
> https://terrapin-attack.com/
>
> Solution
> Contact the vendor for an update with the strict key exchange
> countermeasures or disable the affected
> algorithms.
> Risk Factor
> Medium
> CVSS v3.0 Base Score
> 5.9 (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N)
> CVSS v3.0 Temporal Score
> 5.3 (CVSS:3.0/E:P/RL:O/RC:C)
> VPR Score
> 6.9
> CVSS v2.0 Base Score
> 5.4 (CVSS2#AV:N/AC:H/Au:N/C:N/I:C/A:N)
> CVSS v2.0 Temporal Score
> 4.2 (CVSS2#E:POC/RL:OF/RC:C)
> 187315 (10) - SSH Terrapin Prefix Truncation Weakness (CVE-2023-48795) 16
>
> References
> CVE CVE-2023-48795
>
> Is there a way to configure /etc/ssh/sshd_config to mitigate SSH Terrapin
> Prefix Truncation Weakness (CVE-2023-48795)?
>
> Please guide me.
>
> Thanks in advance.
>
> Best Regards,
>
> Kaushal
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev@xxxxxxxxxxx
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
>


-- 
John Adams
Senior Linux/Middleware Administrator  | Information Technology Services
+1-501-916-3010 | jxadams@xxxxxxxx | http://ualr.edu/itservices
*UA Little Rock*

Reminder:  IT Services will never ask for your password over the phone or
in an email. Always be suspicious of requests for personal information that
come via email, even from known contacts.  For more information or to
report suspicious email, visit IT Security
<http://ualr.edu/itservices/security/>.
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev




[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux