OpenBSD Journal
OpenSSH: client bugs CVE-2016-0777 and CVE-2016-0778
Contributed by tj on Fri Jan 15 22:02:33 2016 (GMT)
from the i-have-a-fviend-in-Vome dept.

This is the most serious bug you'll hear about this week: the issues identified and fixed in OpenSSH are dubbed CVE-2016-0777 and CVE-2016-0778.

An early heads up came from Theo de Raadt in this mailing list posting.

Until you are able to patch affected systems, the recommended workaround is to use

# echo -e 'Host *\nUseRoaming no' >> /etc/ssh/ssh_config

That is, add the option UseRoaming no to your /etc/ssh/ssh_config (or your user's ~/.ssh/config) file, or start your ssh client with -oUseRoaming=no included on the command line.

We will be updating this article with more information as it becomes available.

UPDATE: This affects OpenSSH versions 5.4 through 7.1.

UPDATE: The following commit from deraadt@ has just gone in:

CVSROOT:        /cvs
Module name:    src
Changes by:     deraadt@cvs.openbsd.org 2016/01/14 07:34:34

Modified files:
        usr.bin/ssh    : readconf.c ssh.c

Log message:
Disable experimental client-side roaming support.  Server side was
disabled/gutted for years already, but this aspect was surprisingly
forgotten. Thanks for report from Qualys

UPDATE: Errata patches for 5.8 and 5.7 have been published.

UPDATE: Portable OpenSSH 7.1p2 has been released:

 * SECURITY: ssh(1): The OpenSSH client code between 5.4 and 7.1
   contains experimental support for resuming SSH-connections (roaming).

   The matching server code has never been shipped, but the client
   code was enabled by default and could be tricked by a malicious
   server into leaking client memory to the server, including private
   client user keys.

   The authentication of the server host key prevents exploitation
   by a man-in-the-middle, so this information leak is restricted
   to connections to malicious or compromised servers.

   MITIGATION: For OpenSSH >= 5.4 the vulnerable code in the client
   can be completely disabled by adding 'UseRoaming no' to the global
   ssh_config(5) file, or to user configuration in ~/.ssh/config,
   or by passing -oUseRoaming=no on the command line.

UPDATE: Fixed versions are available for OpenBSD snapshots dated 2016-01-12 and later. M:Tier has binpatches for OpenBSD 5.7-stable and 5.8-stable. Debian, Ubuntu, RHEL, and many other Linux distros have it now or will soon.

UPDATE: The roaming code has been stripped out of OpenBSD -current:

CVSROOT:	/cvs
Module name:	src
Changes by:	markus@cvs.openbsd.org	2016/01/14 09:17:40

Modified files:
	usr.bin/ssh    : clientloop.c kex.c kex.h monitor.c 
	                 monitor_wrap.c opacket.c opacket.h packet.c 
	                 packet.h readconf.c readconf.h serverloop.c 
	                 ssh.c ssh2.h sshconnect.c sshconnect2.c sshd.c 
	usr.bin/ssh/lib: Makefile 
	usr.bin/ssh/ssh: Makefile 
	usr.bin/ssh/ssh-keyscan: Makefile 
	usr.bin/ssh/ssh-keysign: Makefile 
	usr.bin/ssh/sshd: Makefile 
Removed files:
	usr.bin/ssh    : roaming.h roaming_client.c roaming_common.c 
	                 roaming_dummy.c roaming_serv.c 

Log message:
remove roaming support; ok djm@

UPDATE: The FreeBSD port has been updated, and a security advisory was issued for the version in their base system the following day.

UPDATE: Qualys Security has posted their full report on the issues.

UPDATE: While the information leak is much more difficult to exploit on systems with ASLR, like OpenBSD, some users may want to consider rotating their key pairs. If you use ssh-agent(1), however, the man page offers some good news:

The agent will never send a private key over its request channel. Instead, operations
that require a private key will be performed by the agent, and the result will be
returned to the requester. This way, private keys are not exposed to clients using the
agent.

UPDATE: For Mac OS X, the version of OpenSSH in MacPorts has been updated. Since Apple typically delays security fixes, you're advised to apply the workaround if using the bundled OpenSSH instead.


  Re: OpenSSH: client bug CVE-0216-0777 (mod 0/68)
by Noryungi (noryungi) (noryungi@yahoo.com) on Thu Jan 14 15:58:57 2016 (GMT)
  CVE number should be CVE-2016-0777 ... no?

Thanks for the heads up.

  Re: OpenSSH: client bug CVE-2016-0777 (mod -12/66)
by Dan Langille (198.148.79.136) (dan@langille.org) on Thu Jan 14 16:25:47 2016 (GMT)
  Confirmed by two sources: 'UseRoaming no' is the default setting.

  Re: OpenSSH: client bug CVE-2016-0777 and CVE-2016-0778 (mod 7/55)
by Anonymous Coward (87.142.8.108) on Thu Jan 14 16:44:27 2016 (GMT)
  > Until you are able to patch affected systems, the recommended
> workaround is to use
> # echo 'UseRoaming no' >> /etc/ssh/ssh_config

If for some reason your ssh_config ends with a different
Host pattern this might not apply to all targets. No?

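The scoping concern raised in the comment above, and the reason the article's workaround writes a Host * line before UseRoaming no, can be checked mechanically, because ssh_config(5) uses the first value obtained for each option. The following is an added example, not part of the original article or of OpenSSH; the function name roaming_scope and the host build.example.org are made up for illustration, and it inspects one file at a time.

```shell
#!/bin/sh
# Added example. roaming_scope FILE prints how far "UseRoaming no" reaches:
#   all     - every host gets "no"
#   partial - only some Host blocks get "no" (or one sets "yes" first)
#   none    - nothing disables roaming (the affected clients default to on)
roaming_scope() {
    awk '
    BEGIN { scope = "all"; some_no = 0; some_yes = 0; result = "" }
    result != "" { next }                  # first obtained value already decided
    {
        line = $0
        gsub(/"/, "", line)
        sub(/^[ \t]+/, "", line); sub(/[ \t\r]+$/, "", line)
        if (line == "" || line ~ /^#/) next
        sub(/[ \t]*=[ \t]*/, " ", line)    # "Keyword=value" form
        n = split(line, f, /[ \t]+/)
        key = tolower(f[1])
        if (key == "host") {               # all-hosts only for a bare "*"
            scope = "some"
            for (i = 2; i <= n; i++) if (f[i] == "*") scope = "all"
            for (i = 2; i <= n; i++) if (f[i] ~ /^!/) scope = "some"
        } else if (key == "match") {
            scope = (n == 2 && tolower(f[2]) == "all") ? "all" : "some"
        } else if (key == "useroaming") {
            off = (tolower(f[2]) == "no")
            if (scope == "some") { if (off) some_no = 1; else some_yes = 1 }
            else if (off) result = some_yes ? "partial" : "all"
            else result = some_no ? "partial" : "none"
        }
    }
    END { if (result == "") result = some_no ? "partial" : "none"; print result }
    ' "$1"
}

# Constructed sample: a config that ends in a specific Host block, followed by
# the bare append quoted in the comment and then by the article's command.
demo=$(mktemp)
printf 'Host build.example.org\n    User deploy\n' > "$demo"
printf 'UseRoaming no\n' >> "$demo"
echo "bare append:    $(roaming_scope "$demo")"
printf 'Host *\nUseRoaming no\n' >> "$demo"
echo "Host * append:  $(roaming_scope "$demo")"
rm -f "$demo"
```

Run it against both ~/.ssh/config and /etc/ssh/ssh_config, since the user file is read before the system-wide one.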

