[3.4] openssh: User enumeration via covert timing channel (CVE-2016-6210)
When SSHD tries to authenticate a non-existing user, it will pick up a fake password structure hardcoded in the SSHD source code. In this hardcoded password structure, the password hash is based on the BLOWFISH ($2) algorithm.
If real users' passwords are hashed using SHA256/SHA512, then sending large passwords (10KB) will result in a shorter response time from the server for non-existing users.
References:
http://seclists.org/fulldisclosure/2016/Jul/51
Patches:
https://anongit.mindrot.org/openssh.git/commit/?id=9286875a73b2de7736b5e50692739d314cd8d9dc
https://anongit.mindrot.org/openssh.git/commit/?id=283b97ff33ea2c641161950849931bd578de6946
(from redmine: issue id 5926, created on 2016-07-20, closed on 2016-08-09)
- Relations:
- parent #5924 (closed)
- Changesets:
- Revision 189784ec by Natanael Copa on 2016-07-20T12:57:52Z:
main/openssh: security fix for CVE-2016-6210
fixes #5926
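
The timing gap described in this issue, as an added example that is not part of the original issue, the linked patches, or OpenSSH: a simplified cost model that counts bytes fed to the hash instead of measuring wall-clock time. Assumptions of the example: `sha512_like` and `bcrypt_like` are hypothetical stand-ins that reproduce only the cost shape of each scheme (SHA-512 crypt re-hashes the full password every round, bcrypt ignores input past 72 bytes), and the account data, the round count and the `$6$` placeholder variant are constructed for illustration.

```python
import hashlib
import hmac

BCRYPT_MAX = 72   # bcrypt ignores password bytes beyond the first 72
ROUNDS = 50       # assumption: reduced from sha512-crypt's default 5000 for speed

def sha512_like(password, salt):
    """Cost model of SHA-512 crypt: the whole password is re-fed every round."""
    digest, fed = salt, 0
    for _ in range(ROUNDS):
        data = digest + password
        digest = hashlib.sha512(data).digest()
        fed += len(data)
    return digest, fed

def bcrypt_like(password, salt):
    """Cost model of bcrypt: input is truncated, so work does not grow."""
    return sha512_like(password[:BCRYPT_MAX], salt)

SCHEMES = {"$6$": sha512_like, "$2$": bcrypt_like}

def make_entry(scheme, password, salt=b"constructedsalt"):
    return scheme, salt, SCHEMES[scheme](password, salt)[0]

# Constructed data: one real account, plus one placeholder entry per scheme.
USERS = {"alice": make_entry("$6$", b"correct horse")}
FAKE = {scheme: make_entry(scheme, b"unused") for scheme in SCHEMES}

def authenticate(user, password, fake_scheme):
    """Return (ok, bytes_hashed); unknown users are hashed against FAKE."""
    known = user in USERS
    scheme, salt, stored = USERS[user] if known else FAKE[fake_scheme]
    digest, fed = SCHEMES[scheme](password, salt)
    return known and hmac.compare_digest(digest, stored), fed

def work_gap(fake_scheme, size=10 * 1024):
    """Hashing work for a real user minus that for a non-existing one."""
    long_pw = b"A" * size
    real = authenticate("alice", long_pw, fake_scheme)[1]
    fake = authenticate("nosuchuser", long_pw, fake_scheme)[1]
    return real - fake

if __name__ == "__main__":
    print("fake entry uses $2$:", work_gap("$2$"), "bytes of extra work for real users")
    print("fake entry uses $6$:", work_gap("$6$"), "bytes of extra work for real users")
```

In this model the gap disappears once the placeholder entry uses the same scheme as the real accounts, which is why the hash scheme of the fake entry matters.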