Close
  • Latest News
  • Artificial Intelligence
  • Video
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Artificial Intelligence
  • Video
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity

    OpenSSH Flaw Exposes Linux to Roaming Risk

    Written by

    Sean Michael Kerner
    Published January 14, 2016
    Share
    Facebook
    Twitter
    Linkedin

      eWEEK content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

      The open-source OpenSSH project today announced a critical update, patching a pair of vulnerabilities that an attacker could have used to steal user information.

      OpenSSH is a widely used and deployed technology that is intended to enable secure remote access to a system. OpenSSH is an implementation of the SSH (Secure Shell) protocol 2.0 that can run on both client and server systems and is typically included in all major Linux distributions.

      “The OpenSSH client code between 5.4 and 7.1 contains experimental support for resuming SSH-connections (roaming),” the OpenSSH project advisory on the update states. “The matching server code has never been shipped, but the client code was enabled by default and could be tricked by a malicious server into leaking client memory to the server, including private client user keys.”

      Security firm Qualys first reported the roaming vulnerability to the OpenSSH project and has identified the flaw as CVE-2016-0777.

      “The information leak is exploitable in the default configuration of the OpenSSH client, and (depending on the client’s version, compiler, and operating system) allows a malicious SSH server to steal the client’s private keys,” Qualys warns in its advisory. “This information leak may have already been exploited in the wild by sophisticated attackers, and high-profile sites or users may need to regenerate their SSH keys accordingly.”

      There is also a buffer overflow flaw identified as CVE-2016-0778 that Qualys also found and is being patched by OpenSSH. The buffer overflow vulnerability has less impact than CVE-2016-0777, as it can only be triggered with systems that are running with a pair of non-default options.

      “This buffer overflow is therefore unlikely to have any real-world impact, but provides a particularly interesting case study,” Qualys stated.

      With the patch now out from the OpenSSH project, Linux vendors are beginning to rush out their own packages that include the new patch.

      “Red Hat Enterprise Linux 4, 5 and 6 are not affected by this flaw as they include OpenSSH versions that are older than 5.4; Red Hat Enterprise Linux 7 is affected,” Mark Cox, senior director of product security at Red Hat, told eWEEK. “Red Hat Product Security is working on security updates for Red hat Enterprise Linux 7, and they should be available soon.”

      From a workaround perspective, there are multiple sets of security controls in Linux that can often be employed proactively to limit risks. One such system is SELinux (security enhanced Linux), which provides an additional layer of access controls onto system processes and applications. Unfortunately with the OpenSSH issues, Cox said that no security controls, including SELinux, would have helped.

      “The problem involved a bug that exposed a memory leak to a malicious SSH server,” Cox explained. “Because the data in question didn’t cross any trust or execution boundaries, the malicious server could get the client to possibly leak sensitive authentication key data.”

      Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.

      Sean Michael Kerner
      Sean Michael Kerner
      Sean Michael Kerner is an Internet consultant, strategist, and writer for several leading IT business web sites.

      Get the Free Newsletter!

      Subscribe to Daily Tech Insider for top news, trends & analysis

      Get the Free Newsletter!

      Subscribe to Daily Tech Insider for top news, trends & analysis

      MOST POPULAR ARTICLES

      Artificial Intelligence

      9 Best AI 3D Generators You Need...

      Sam Rinko - June 25, 2024 0
      AI 3D Generators are powerful tools for many different industries. Discover the best AI 3D Generators, and learn which is best for your specific use case.
      Read more
      Cloud

      RingCentral Expands Its Collaboration Platform

      Zeus Kerravala - November 22, 2023 0
      RingCentral adds AI-enabled contact center and hybrid event products to its suite of collaboration services.
      Read more
      Artificial Intelligence

      8 Best AI Data Analytics Software &...

      Aminu Abdullahi - January 18, 2024 0
      Learn the top AI data analytics software to use. Compare AI data analytics solutions & features to make the best choice for your business.
      Read more
      Latest News

      Zeus Kerravala on Networking: Multicloud, 5G, and...

      James Maguire - December 16, 2022 0
      I spoke with Zeus Kerravala, industry analyst at ZK Research, about the rapid changes in enterprise networking, as tech advances and digital transformation prompt...
      Read more
      Video

      Datadog President Amit Agarwal on Trends in...

      James Maguire - November 11, 2022 0
      I spoke with Amit Agarwal, President of Datadog, about infrastructure observability, from current trends to key challenges to the future of this rapidly growing...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2024 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×