[Bug 3313] New: CVE-2020-14145 - will it get fixed?
bugzilla-daemon at mindrot.org
bugzilla-daemon at mindrot.org
Wed May 26 22:20:05 AEST 2021
https://bugzilla.mindrot.org/show_bug.cgi?id=3313
Bug ID: 3313
Summary: CVE-2020-14145 - will it get fixed?
Product: Portable OpenSSH
Version: 8.6p1
Hardware: All
OS: All
Status: NEW
Severity: security
Priority: P5
Component: ssh
Assignee: unassigned-bugs at mindrot.org
Reporter: m.kaiser at bmlv.gv.at
The client side in OpenSSH 5.7 through 8.6 has an Observable
Discrepancy leading to an information leak in the algorithm
negotiation. This allows man-in-the-middle attackers to target initial
connection attempts (where no host key for the server has been cached
by the client).
https://docs.ssh-mitm.at/CVE-2020-14145.html
This tool is able to exploit this vulnerability. At the moment, it only
checks, if a client is vulnerable, but implementing a full exploit is
not hard.
Dropbear was not affected by such a vulnerability, because they are
allwys sending the default algorithm list.
PuTTy has integrated an option to disable/enable preffered host key
algorithm order.
Mitigation:
Clients should always preffere the strongest ciphers per default. By
using HostKeyAlgorithms in your configuration file, you need to
maintain the list and add new algorithms in the right order. This is
error prone and most users do not have enough knowledge about pros and
cons of those algorithms.
--
You are receiving this mail because:
You are watching the assignee of the bug.
More information about the openssh-bugs
mailing list