A New Vulnerability Discovered in SSH Protocol
A group of researchers from Ruhr University Bochum, Germany, has published new tooling for carrying out MITM (Man-in-the-Middle) attacks on the SSH (Secure Shell) protocol. The attack exploits a vulnerability in the protocol tracked as CVE-2023-48795. The vulnerability allows the attacker to suppress messages during connection setup, thereby lowering the security level of the resulting connection. Prototype tools for the attack have been published on GitHub.
The vulnerability affects SSH implementations that support the ChaCha20-Poly1305 cipher, or CBC ciphers in combination with ETM (Encrypt-then-MAC) mode. In OpenSSH, for example, the flaw has been present for over a decade; the latest OpenSSH release (version 9.6) resolves it. Other software updates that address the vulnerability include PuTTY 0.80, libssh 0.10.6/0.9.8, and AsyncSSH 2.14.2. A fix has also been committed to Dropbear SSH, but a release containing it has not yet been issued.
The vulnerability stems from the attacker's ability to manipulate the traffic of an SSH connection, for example through a malicious wireless access point. By adjusting the sequence numbers of the transmitted packets, the attacker can discreetly remove some legitimate SSH messages without detection. In particular, the attacker can delete SSH_MSG_EXT_INFO messages, which are used to negotiate protocol extensions. To conceal the loss of the packet, the attacker sends a forged packet with the same sequence number as the removed one. This forged packet carries an SSH_MSG_IGNORE message, which the receiver discards during processing.
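As an added example (not from the original article or the researchers' tooling), the following Python script parses an SSH_MSG_KEXINIT payload and flags whether the cipher and MAC combinations named above are offered in either direction; the kex-strict-s/c-v00@openssh.com names it also checks are the "strict kex" countermeasure shipped in OpenSSH 9.6, and the sample packet is constructed here rather than captured.

```python
import struct

SSH_MSG_KEXINIT = 20
NAME_LISTS = ["kex", "host_key", "enc_c2s", "enc_s2c", "mac_c2s", "mac_s2c",
              "comp_c2s", "comp_s2c", "lang_c2s", "lang_s2c"]
CHACHA = "chacha20-poly1305@openssh.com"

def parse_kexinit(payload):
    """Parse an SSH_MSG_KEXINIT payload (RFC 4253 section 7.1) into its name-lists."""
    if payload[0] != SSH_MSG_KEXINIT:
        raise ValueError("not an SSH_MSG_KEXINIT payload")
    off, fields = 17, {}          # skip the message byte and the 16-byte cookie
    for name in NAME_LISTS:
        (n,) = struct.unpack_from(">I", payload, off)   # uint32 length prefix
        off += 4
        fields[name] = [s for s in payload[off:off + n].decode("ascii").split(",") if s]
        off += n
    return fields

def build_kexinit(**lists):
    """Build a constructed KEXINIT payload for testing (zero cookie, no guessed kex)."""
    out = bytes([SSH_MSG_KEXINIT]) + b"\x00" * 16
    for name in NAME_LISTS:
        body = ",".join(lists.get(name, [])).encode("ascii")
        out += struct.pack(">I", len(body)) + body
    return out + b"\x00" + b"\x00\x00\x00\x00"   # first_kex_packet_follows, reserved

def terrapin_exposure(fields, role="server"):
    """Flag CVE-2023-48795 exposure (ChaCha20-Poly1305, or a CBC cipher paired with an
    ETM MAC) per direction, and report whether this side advertises strict kex."""
    strict = "kex-strict-%s-v00@openssh.com" % ("s" if role == "server" else "c")
    findings = []
    for d in ("c2s", "s2c"):
        encs, macs = fields["enc_" + d], fields["mac_" + d]
        if CHACHA in encs:
            findings.append("%s: %s offered" % (d, CHACHA))
        cbc = [e for e in encs if e.endswith("-cbc")]
        etm = [m for m in macs if m.endswith("-etm@openssh.com")]
        if cbc and etm:
            findings.append("%s: CBC cipher(s) %s with ETM MAC(s) %s" % (d, cbc, etm))
    return {"strict_kex": strict in fields["kex"], "findings": findings}

# Constructed sample: a server KEXINIT offering vulnerable combinations, no strict kex.
VULNERABLE = build_kexinit(
    kex=["curve25519-sha256"], host_key=["ssh-ed25519"],
    enc_c2s=[CHACHA, "aes128-cbc", "aes256-ctr"], enc_s2c=[CHACHA, "aes128-cbc", "aes256-ctr"],
    mac_c2s=["hmac-sha2-256-etm@openssh.com"], mac_s2c=["hmac-sha2-256-etm@openssh.com"],
    comp_c2s=["none"], comp_s2c=["none"])
```

Running `terrapin_exposure(parse_kexinit(VULNERABLE))` reports four findings; a KEXINIT offering only CTR ciphers and advertising strict kex reports none.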