Ogni versione SSH Client rilasciata negli ultimi sei mesi è completamente esposta a due gravi vulnerabilità tramite server SSH maligni che potrebbero causare memory disclosures e buffer overflow.
Il tutto nasce da una feature non documentata presente su OpenSSH che si abilita di default nel caso in cui la connessione del server SSH si rompe inaspettatamente, il client è in grado di riconnettere e riprendere la sua sessione SSH. Tuttavia, grazie a questa feature, è possibile iniziare un attacco su un server SSH compromesso.
Il tutto è sintetizzato con le seguenti righe (di cui potete trovare la fonte completa a questo link):
Although roaming is not supported by the OpenSSH server, it is enabled by default in the OpenSSH client, and contains two vulnerabilities that can be exploited by a malicious SSH server (or a trusted but compromised server): an information leak (memory disclosure), and a buffer overflow (heap-based).
The information leak is exploitable in the default configuration of the OpenSSH client, and (depending on the client’s version, compiler, and operating system) allows a malicious SSH server to steal the client’s private keys. This information leak may have already been exploited in the wild by sophisticated attackers, and high-profile sites or users may need to regenerate their SSH keys accordingly.
The buffer overflow, on the other hand, is present in the default configuration of the OpenSSH client but its exploitation requires two non-default options: a ProxyCommand, and either ForwardAgent (-A) or ForwardX11 (-X). This buffer overflow is therefore unlikely to have any real-world impact, but provides a particularly interesting case study.
All OpenSSH versions between 5.4 and 7.1 are vulnerable, but can be easily hot-fixed by setting the undocumented option “UseRoaming” to “no”, as detailed in the Mitigating Factors section. OpenSSH version 7.1p2 (released on January 14, 2016) disables roaming by default.
Per altre informazioni concernenti le vulnerabilità discusse, recatevi sull’OpenBSD Journal.