Wed Apr 25 22:49:30 CEST 2007

OpenSSH S/Key Remote Information Disclosure Vulnerability

Author: Sebastian "Rembrandt" Rother
Date: known since somewhere in 2005
Affected Software: OpenSSH 4.6 <=, Proppably everything wich is based on OpenSSH
Type: Remote
Type: Enumeration of system accaunts
CVE: 2007-2243

OpenSSH is vulnerable to an information leak which allows remote attackers
to gain informations about system accounts, in case S/KEY is used on the system.

If "ChallengeResponseAuthentication" is set to "Yes", which is the default
setting, SH allows the user to login by using S/KEY in the form of
'ssh userid:skey at hostname'.

The normal behavior for SSH looks like this:

alucard $ ssh user at somewhere
Permission denied (publickey,keyboard-interactive).

Passwordauthentication is disabled as you can see.
Now you can test about ChallangeResponseAuthentication.
If it`s enabled it will let you determine the existence of system accounts.

alucard $ ssh user:skey at somewhere
otp-md5 99 some04578
S/Key Password:

alucard $

If a account does not exist OpenSSH reacts like exspected.

alucard $ ssh testuser:skey at somewhere
Permission denied (publickey,keyboard-interactive).

As you can see clearly OpenSSH discloses the existence of system accounts.
A possible solution for this problem would be to print a fake S/Key-Request
even for non existing users as well as it`s done with the Passwordauthentication.

Posted by Sebastian Rother | Permanent link | File under: openbsd, openssh, authentication