Explore top 10 tips to secure your open-source projects now. Read More
×
Arch Linux Security Advisory ASA-201602-21 ========================================= Severity: High Date : 2016-02-25 CVE-ID : CVE-2016-0787 Package : lib32-libssh2 Type : man-in-the-middle Remote : Yes Link : https://wiki.archlinux.org/title/CVE Summary ====== The package lib32-libssh2 before version 1.7.0-1 is vulnerable to man-in-the-middle. Resolution ========= Upgrade to 1.7.0-1. # pacman -Syu "lib32-libssh2>=1.7.0-1" The problem has been fixed upstream in version 1.7.0. Workaround ========= This issue may be worked around by using other key exchange methods, such asThis email address is being protected from spambots. You need JavaScript enabled to view it. or ecdh-sha2-nistp256, both are not vulnerable. By default, an unpatched libssh2 implementation will already attempt to use these two more secure methods when supported by the other party. Description ========== There is a bits/bytes confusion bug resulting in generation of a significantly short ephemeral secret for the diffie-hellman-group1 and diffie-hellman-group14 key exchange methods. The resulting secret is 128 bits long, instead of the recommended sizes of 1024 and 2048 bits respectively. There are practical algorithms (Baby steps/Giant steps, Pollard's rho) that can solve this problem in O(2^63) operations. Using such drastically reduced amount of random bits for Diffie Hellman weakened the handshake security significantly. This vulnerability could be exploited by an eavesdropper with enough resources to decrypt or intercept SSH sessions. Impact ===== A remote attacker is able to use this flaw to decrypt or intercept SSH sessions. References ========= https://libssh2.org/adv_20160223.html https://access.redhat.com/security/cve/CVE-2016-0787