漏洞信息(CVE-2008-5161)

一、漏洞 CVE-2008-5161 基础信息

漏洞信息

                                        # N/A

## 漏洞概述
SSH协议中的错误处理问题导致远程攻击者更容易从SSH会话中的任意密文块中恢复出某些明文数据。

## 影响版本
1. **SSH Tectia Client and Server and Connector**
   - 4.0 through 4.4.11
   - 5.0 through 5.2.4
   - 5.3 through 5.3.8
2. **Client and Server and ConnectSecure**
   - 6.0 through 6.0.4
3. **Server for Linux on IBM System z**
   - 6.0.4
4. **Server for IBM z/OS**
   - 5.5.1 and earlier
   - 6.0.0
   - 6.0.1
5. **Client**
   - 4.0-J through 4.3.3-J
   - 4.0-K through 4.3.10-K
6. **OpenSSH**
   - 4.7p1 and possibly other versions

## 细节
当使用块加密算法（如Cipher Block Chaining (CBC)模式）时，错误处理会导致远程攻击者通过未知方法更容易恢复出部分明文数据。

## 影响
远程攻击者可以利用此漏洞从SSH会话中的任意密文块中恢复出某些明文数据，从而可能导致敏感信息泄露。

提示

尽管我们采用了先进的大模型技术，但其输出仍可能包含不准确或过时的信息。
神龙会尽力确保数据准确，但也请结合实际情况进行甄别与判断。
神龙祝您一切顺利！

漏洞标题

N/A

来源：美国国家漏洞数据库 NVD

漏洞描述信息

Error handling in the SSH protocol in (1) SSH Tectia Client and Server and Connector 4.0 through 4.4.11, 5.0 through 5.2.4, and 5.3 through 5.3.8; Client and Server and ConnectSecure 6.0 through 6.0.4; Server for Linux on IBM System z 6.0.4; Server for IBM z/OS 5.5.1 and earlier, 6.0.0, and 6.0.1; and Client 4.0-J through 4.3.3-J and 4.0-K through 4.3.10-K; and (2) OpenSSH 4.7p1 and possibly other versions, when using a block cipher algorithm in Cipher Block Chaining (CBC) mode, makes it easier for remote attackers to recover certain plaintext data from an arbitrary block of ciphertext in an SSH session via unknown vectors.

来源：美国国家漏洞数据库 NVD

CVSS信息

N/A

来源：美国国家漏洞数据库 NVD

漏洞类别

N/A

来源：美国国家漏洞数据库 NVD

漏洞标题

OpenSSH CBC模式信息泄露漏洞

来源：中国国家信息安全漏洞库 CNNVD

漏洞描述信息

OpenSSH是一种开放源码的SSH协议的实现，初始版本用于OpenBSD平台，现在已经被移植到多种Unix/Linux类操作系统下。如果配置为CBC模式的话，OpenSSH没有正确地处理分组密码算法加密的SSH会话中所出现的错误，导致可能泄露密文中任意块最多32位纯文本。在以标准配置使用OpenSSH时，攻击者恢复32位纯文本的成功概率为2^{-18}，此外另一种攻击变种恢复14位纯文本的成功概率为2^{-14}。

来源：中国国家信息安全漏洞库 CNNVD

CVSS信息

N/A

来源：中国国家信息安全漏洞库 CNNVD

漏洞类别

信息泄露

来源：中国国家信息安全漏洞库 CNNVD

二、漏洞 CVE-2008-5161 的公开POC

#	POC 描述	源链接	神龙链接
1	CVE-2008-5161 OpenSSH 4.7p1 Audit Helper Automates version checking and credential auditing of legacy OpenSSH 4.7p1 (Debian-8ubuntu1) targets by driving Metasploit’s auxiliary/scanner/ssh/ssh_login module from Python via pwntools.	https://github.com/talha3117/OpenSSH-4.7p1-CVE-2008-5161-Exploit	POC详情

三、漏洞 CVE-2008-5161 的情报信息

http://openssh.org/txt/cbc.adv x_refsource_CONFIRM
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705 x_refsource_CONFIRM
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157667 x_refsource_CONFIRM
http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/CPNI957037.html x_refsource_CONFIRM
http://support.attachmate.com/techdocs/2398.html x_refsource_CONFIRM
http://support.apple.com/kb/HT3937 x_refsource_CONFIRM
http://www.cpni.gov.uk/Docs/Vulnerability_Advisory_SSH.txt x_refsource_MISC
http://isc.sans.org/diary.html?storyid=5366 x_refsource_MISC
https://kc.mcafee.com/corporate/index?page=content&id=SB10163 x_refsource_CONFIRM
http://support.avaya.com/elmodocs2/security/ASA-2008-503.htm x_refsource_MISC
https://kc.mcafee.com/corporate/index?page=content&id=SB10106 x_refsource_CONFIRM
http://www.ssh.com/company/news/article/953/ x_refsource_CONFIRM
http://secunia.com/advisories/32740 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/32760 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/34857 third-party-advisory x_refsource_SECUNIA
http://osvdb.org/50035 vdb-entry x_refsource_OSVDB
http://secunia.com/advisories/36558 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/32833 third-party-advisory x_refsource_SECUNIA
http://osvdb.org/50036 vdb-entry x_refsource_OSVDB
http://secunia.com/advisories/33308 third-party-advisory x_refsource_SECUNIA
http://osvdb.org/49872 vdb-entry x_refsource_OSVDB
http://secunia.com/advisories/33121 third-party-advisory x_refsource_SECUNIA
http://www.securityfocus.com/bid/32319 vdb-entry x_refsource_BID
http://sunsolve.sun.com/search/document.do?assetkey=1-66-247186-1 vendor-advisory x_refsource_SUNALERT
http://www.securitytracker.com/id?1021236 vdb-entry x_refsource_SECTRACK
http://www.securitytracker.com/id?1021235 vdb-entry x_refsource_SECTRACK
http://www.securitytracker.com/id?1021382 vdb-entry x_refsource_SECTRACK
http://www.kb.cert.org/vuls/id/958563 third-party-advisory x_refsource_CERT-VN
http://marc.info/?l=bugtraq&m=125017764422557&w=2 vendor-advisory x_refsource_HP
http://www.vupen.com/english/advisories/2009/1135 vdb-entry x_refsource_VUPEN
http://www.vupen.com/english/advisories/2009/3184 vdb-entry x_refsource_VUPEN
http://www.vupen.com/english/advisories/2008/3173 vdb-entry x_refsource_VUPEN
http://www.vupen.com/english/advisories/2008/3409 vdb-entry x_refsource_VUPEN
http://www.vupen.com/english/advisories/2008/3172 vdb-entry x_refsource_VUPEN
http://rhn.redhat.com/errata/RHSA-2009-1287.html vendor-advisory x_refsource_REDHAT
http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html vendor-advisory x_refsource_APPLE
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11279 vdb-entry signature x_refsource_OVAL
http://www.securityfocus.com/archive/1/498558/100/0/threaded mailing-list x_refsource_BUGTRAQ
https://exchange.xforce.ibmcloud.com/vulnerabilities/46620 vdb-entry x_refsource_XF
http://www.securityfocus.com/archive/1/498579/100/0/threaded mailing-list x_refsource_BUGTRAQ
https://nvd.nist.gov/vuln/detail/CVE-2008-5161

四、漏洞 CVE-2008-5161 的评论

暂无评论

一、 漏洞 CVE-2008-5161 基础信息

漏洞信息

提示

漏洞标题

漏洞描述信息

CVSS信息

漏洞类别

漏洞标题

漏洞描述信息

CVSS信息

漏洞类别

二、漏洞 CVE-2008-5161 的公开POC

三、漏洞 CVE-2008-5161 的情报信息

四、漏洞 CVE-2008-5161 的评论

发表评论

一、漏洞 CVE-2008-5161 基础信息