Qualys security researchers discover vulnerability in OpenSSH client

Spread the love

Qualys security researchers have identified a vulnerability in the OpenSSH client. This makes it possible for an attacker to use a malicious ssh server to read the memory of the client, which, among other things, can leak security keys.

The Undeadly site reports that versions 5.4 to 7.1 of the OpenSSH client are affected by the vulnerability, which has been identified as cve-2016-0777. A patch is now available in the 7.1p2 release of the software.

Authenticating the server’s host key would ensure that the vulnerability cannot be used by a man-in-the-middle attack, but only through a malicious or infected server. As an alternative to the patch, users can add ‘UseRoaming no’ to their ssh configuration file or use the ‘-oUseRoaming=no’ parameter with the ssh command from the command line.

The bug is said to have been caused by experimental code for resuming secure ssh connections in OpenSSH’s client software. However, the code never made it into the server software.

You might also like
Exit mobile version