Check Point response to OpenSSH CBC Mode Information Disclosure Vulnerability (CVE-2008-5161)
Symptoms
  • CPNI has released an advisory regarding a weakness in the Cipher-Block Chaining (CBC) mode of the SSH protocol (CVE-2008-5161).

  • This vulnerability affects the OpenSSH package distributed with SecurePlatform / Gaia OS.

  • The security impact of this vulnerability is insignificant.
Cause

This weakness could allow an attacker who is able to inject arbitrary data into an SSH session to recover up to 32 bits (4 bytes) of data by causing an error condition.
This attack method causes the SSH session to terminate, and therefore cannot be used to obtain arbitrary amounts of data from a given session.

The attack requires a high degree of control over the local network (i.e., knowledge of ongoing SSH sessions, their IP addresses, ports and sequence numbers), has a very low probability of success (2^-18), and allows the attacker to determine only a very limited amount of information (4 bytes). Therefore, it does not pose a significant threat to the security of SSH on SecurePlatform / Gaia OS.


Solution

Since this issue cannot be practically exploited, Check Point will not fix it.
