Description
OpenSSH 5.6 and earlier, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need for knowledge of the shared secret, and successfully authenticate, by sending crafted values in each round of the protocol, a related issue to CVE-2010-4252.
CVSS breakdown
CVSS 3.1
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Affected products
- OpenBSD / OpenSSH5.6
- OpenBSD / OpenSSH1.2 – 1.2
- OpenBSD / OpenSSH1.2.1 – 1.2.1
- OpenBSD / OpenSSH1.2.2 – 1.2.2
- OpenBSD / OpenSSH1.2.3 – 1.2.3
- OpenBSD / OpenSSH1.2.27 – 1.2.27
- OpenBSD / OpenSSH1.3 – 1.3
- OpenBSD / OpenSSH1.5 – 1.5
- OpenBSD / OpenSSH1.5.7 – 1.5.7
- OpenBSD / OpenSSH1.5.8 – 1.5.8
- OpenBSD / OpenSSH2.1 – 2.1
- OpenBSD / OpenSSH2.1.1 – 2.1.1
- OpenBSD / OpenSSH2.2 – 2.2
- OpenBSD / OpenSSH2.3 – 2.3
- OpenBSD / OpenSSH2.3.1 – 2.3.1
- OpenBSD / OpenSSH2.5 – 2.5
- OpenBSD / OpenSSH2.5.1 – 2.5.1
- OpenBSD / OpenSSH2.5.2 – 2.5.2
- OpenBSD / OpenSSH2.9 – 2.9
- OpenBSD / OpenSSH2.9.9 – 2.9.9
- OpenBSD / OpenSSH2.9.9p2 – 2.9.9p2
- OpenBSD / OpenSSH2.9p1 – 2.9p1
- OpenBSD / OpenSSH2.9p2 – 2.9p2
- OpenBSD / OpenSSH3.0 – 3.0
- OpenBSD / OpenSSH3.0.1 – 3.0.1
- OpenBSD / OpenSSH3.0.1p1 – 3.0.1p1
- OpenBSD / OpenSSH3.0.2 – 3.0.2
- OpenBSD / OpenSSH3.0.2p1 – 3.0.2p1
- OpenBSD / OpenSSH3.0p1 – 3.0p1
- OpenBSD / OpenSSH3.1 – 3.1
- OpenBSD / OpenSSH3.1p1 – 3.1p1
- OpenBSD / OpenSSH3.2 – 3.2
- OpenBSD / OpenSSH3.2.2 – 3.2.2
- OpenBSD / OpenSSH3.2.2p1 – 3.2.2p1
- OpenBSD / OpenSSH3.2.3p1 – 3.2.3p1
- OpenBSD / OpenSSH3.3 – 3.3
- OpenBSD / OpenSSH3.3p1 – 3.3p1
- OpenBSD / OpenSSH3.4 – 3.4
- OpenBSD / OpenSSH3.4p1 – 3.4p1
- OpenBSD / OpenSSH3.5 – 3.5
- OpenBSD / OpenSSH3.5p1 – 3.5p1
- OpenBSD / OpenSSH3.6 – 3.6
- OpenBSD / OpenSSH3.6.1 – 3.6.1
- OpenBSD / OpenSSH3.6.1p1 – 3.6.1p1
- OpenBSD / OpenSSH3.6.1p2 – 3.6.1p2
- OpenBSD / OpenSSH3.7 – 3.7
- OpenBSD / OpenSSH3.7.1 – 3.7.1
- OpenBSD / OpenSSH3.7.1p1 – 3.7.1p1
- OpenBSD / OpenSSH3.7.1p2 – 3.7.1p2
- OpenBSD / OpenSSH3.8 – 3.8
- OpenBSD / OpenSSH3.8.1 – 3.8.1
- OpenBSD / OpenSSH3.8.1p1 – 3.8.1p1
- OpenBSD / OpenSSH3.9 – 3.9
- OpenBSD / OpenSSH3.9.1 – 3.9.1
- OpenBSD / OpenSSH3.9.1p1 – 3.9.1p1
- OpenBSD / OpenSSH4.0 – 4.0
- OpenBSD / OpenSSH4.0p1 – 4.0p1
- OpenBSD / OpenSSH4.1 – 4.1
- OpenBSD / OpenSSH4.1p1 – 4.1p1
- OpenBSD / OpenSSH4.2 – 4.2
- OpenBSD / OpenSSH4.2p1 – 4.2p1
- OpenBSD / OpenSSH4.3 – 4.3
- OpenBSD / OpenSSH4.3p1 – 4.3p1
- OpenBSD / OpenSSH4.3p2 – 4.3p2
- OpenBSD / OpenSSH4.4 – 4.4
- OpenBSD / OpenSSH4.4p1 – 4.4p1
- OpenBSD / OpenSSH4.5 – 4.5
- OpenBSD / OpenSSH4.6 – 4.6
- OpenBSD / OpenSSH4.7 – 4.7
- OpenBSD / OpenSSH4.7p1 – 4.7p1
- OpenBSD / OpenSSH4.8 – 4.8
- OpenBSD / OpenSSH4.9 – 4.9
- OpenBSD / OpenSSH5.0 – 5.0
- OpenBSD / OpenSSH5.1 – 5.1
- OpenBSD / OpenSSH5.2 – 5.2
- OpenBSD / OpenSSH5.3 – 5.3
- OpenBSD / OpenSSH5.4 – 5.4
- OpenBSD / OpenSSH5.5 – 5.5
References
- MISChttp://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/jpake.c#rev1.5
- MISChttp://kb.juniper.net/InfoCenter/index?page=content&id=JSA10673
- MISChttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12338
- MISChttp://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/jpake.c.diff?r1=1.4%3Br2=1.5%3Bf=h
- MISChttps://github.com/seb-m/jpake
- MISChttps://bugzilla.redhat.com/show_bug.cgi?id=659297
- MISChttp://seb.dbzteam.org/crypto/jpake-session-key-retrieval.pdf