zlib compression, the exploit, and OpenSSH
Damien Miller
djm at mindrot.org
Thu Mar 14 08:29:55 EST 2002
On Wed, 13 Mar 2002, ewheeler at kaico.com wrote:
> Attached is a zlib advisory and a debug dump of ssh with compression
> enabled. Most of the debug is superfluous, so I have underlined the two
> points to look at. When creating an ssh connection, compression on the
> line is done *before* authentication -- This means an unauthorized
> attacker could, conceivably, leverage root access by connecting to
> the ssh server requesting zlib compression and sending a specially tailored
> packet. The CERT advisory for zlib's bug is also attached.
>
> I would like to start a discussion on the following points:
>
> 1. What is the exposure to this bug?
The vulnerability can be triggered, but whether this can be leveraged
into an exploit remains to be seen.
> 2. What are the logistics of moving all non-critical external library
> calls (zlib in this case, but others if they exist) *after*
> authentication?
Not easy, what's "non-critical"?
> 3. Does OpenSSH statically link (or can it/does it by default) to the
> zlib library -- will updating the zlib library to 1.1.4 take care of the
> situation?
Depends on the system.
> 4. Are there any proactive measures besides moving non-critical library
> calls after authentication which could be done within the OpenSSH code?
Work is underway to improve things:
http://www.citi.umich.edu/u/provos/ssh/privsep.html
-d
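An added host check for points 3 and 4 above (example script, not code from the thread or from OpenSSH): it reports whether sshd links zlib dynamically, so that upgrading the system zlib to 1.1.4 actually reaches sshd, whether the installed zlib header is at or past 1.1.4, and whether sshd_config leaves server-side compression enabled. It assumes sshd is on PATH (or given in SSHD), the zlib header is /usr/include/zlib.h, and the config is /etc/ssh/sshd_config.

```shell
#!/bin/sh
# Added example, not from the thread or from OpenSSH. Assumes sshd on PATH
# (override with SSHD=...), zlib.h under /usr/include, and that 1.1.4 is the
# first fixed zlib release, as the thread states.

FIXED_ZLIB="1.1.4"

# version_ge A B: succeed if dotted version A is >= dotted version B.
version_ge() {
    i=1
    while :; do
        a=$(printf '%s\n' "$1" | awk -F. -v n="$i" '{ print $n }')
        b=$(printf '%s\n' "$2" | awk -F. -v n="$i" '{ print $n }')
        [ -z "$a" ] && [ -z "$b" ] && return 0   # all fields compared: equal
        [ "${a:-0}" -gt "${b:-0}" ] && return 0
        [ "${a:-0}" -lt "${b:-0}" ] && return 1
        i=$((i + 1))
    done
}

# zlib_linkage LDD_OUTPUT: "dynamic" if libz is a runtime dependency (a
# system zlib upgrade fixes sshd), else "static-or-none" (sshd must be
# rebuilt against the fixed zlib, or does not use it at all).
zlib_linkage() {
    if printf '%s\n' "$1" | grep -q 'libz\.so'; then echo dynamic
    else echo static-or-none; fi
}

# zlib_header_version ZLIB_H_TEXT: extract the ZLIB_VERSION string.
zlib_header_version() {
    printf '%s\n' "$1" | sed -n 's/^#define ZLIB_VERSION[[:space:]]*"\([^"]*\)".*/\1/p'
}

# compression_enabled SSHD_CONFIG_TEXT: succeed unless the config sets
# "Compression no" (OpenSSH defaults to on), i.e. unless an unauthenticated
# client can no longer select zlib at all.
compression_enabled() {
    ! printf '%s\n' "$1" | grep -iq '^[[:space:]]*Compression[[:space:]][[:space:]]*no'
}

# Run the three checks against this host and print one line each.
main_check() {
    sshd_bin=${SSHD:-$(command -v sshd)}
    echo "sshd zlib linkage: $(zlib_linkage "$(ldd "$sshd_bin" 2>/dev/null)")"
    have=$(zlib_header_version "$(cat /usr/include/zlib.h 2>/dev/null)")
    if version_ge "${have:-0}" "$FIXED_ZLIB"; then echo "zlib header $have: fixed"
    else echo "zlib header ${have:-unknown}: vulnerable (need >= $FIXED_ZLIB)"; fi
    if compression_enabled "$(cat /etc/ssh/sshd_config 2>/dev/null)"; then
        echo "sshd_config: Compression on, zlib reachable before auth"
    else echo "sshd_config: Compression off"; fi
}

if [ "${1:-}" = "--check" ]; then main_check; fi
```

Run it as `sh check.sh --check` on the host; without the flag it only defines the functions.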