CVE-2015-5600: sshd(8): Fix circumvention of MaxAuthTries using keyboard-interactive authentication (closes: #793616).

author: Colin Watson <cjwatson@debian.org> 2015-08-19 18:44:47 +0100
committer: Colin Watson <cjwatson@debian.org> 2015-08-19 18:45:49 +0100
commit: 6461fa1951314cf8c8ee9a7999f987b8003f4ff6 (patch)
tree: bcbcccfa77e1754cbc711f42b67f3c5a4105bc28 /debian/changelog
parent: d2d9171e73cd2db10fabf9dd4924d3dcd5f13c7a (diff)
parent: ba9e0b1d4edf5876b289affd9d31bab493f0d0a4 (diff)
1 files changed, 7 insertions, 0 deletions
diff --git a/debian/changelog b/debian/changelog
index 8e8e9d778..252bc394f 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -144,6 +144,13 @@ openssh (1:6.9p1-1) UNRELEASED; urgency=medium
      reachable by attackers who could compromise the pre-authentication
      process for remote code execution (closes: #795711).  Also reported by
      Moritz Jodeit.
+    - CVE-2015-5600: sshd(8): Fix circumvention of MaxAuthTries using
+      keyboard-interactive authentication (closes: #793616).  By specifying
+      a long, repeating keyboard-interactive "devices" string, an attacker
+      could request the same authentication method be tried thousands of
+      times in a single pass.  The LoginGraceTime timeout in sshd(8) and any
+      authentication failure delays implemented by the authentication
+      mechanism itself were still applied.  Found by Kingcope.
  * Thanks to Jakub Jelen of Red Hat for Fedora's rebased version of the
    GSSAPI key exchange patch.
author	Colin Watson <cjwatson@debian.org>	2015-08-19 18:44:47 +0100
committer	Colin Watson <cjwatson@debian.org>	2015-08-19 18:45:49 +0100
commit	6461fa1951314cf8c8ee9a7999f987b8003f4ff6 (patch)
tree	bcbcccfa77e1754cbc711f42b67f3c5a4105bc28 /debian/changelog
parent	d2d9171e73cd2db10fabf9dd4924d3dcd5f13c7a (diff)
parent	ba9e0b1d4edf5876b289affd9d31bab493f0d0a4 (diff)

diff --git a/debian/changelog b/debian/changelog index 8e8e9d778..252bc394f 100644 --- a/debian/changelog +++ b/debian/changelog
@@ -144,6 +144,13 @@ openssh (1:6.9p1-1) UNRELEASED; urgency=medium
144	reachable by attackers who could compromise the pre-authentication	144	reachable by attackers who could compromise the pre-authentication
145	process for remote code execution (closes: #795711). Also reported by	145	process for remote code execution (closes: #795711). Also reported by
146	Moritz Jodeit.	146	Moritz Jodeit.
		147	- CVE-2015-5600: sshd(8): Fix circumvention of MaxAuthTries using
		148	keyboard-interactive authentication (closes: #793616). By specifying
		149	a long, repeating keyboard-interactive "devices" string, an attacker
		150	could request the same authentication method be tried thousands of
		151	times in a single pass. The LoginGraceTime timeout in sshd(8) and any
		152	authentication failure delays implemented by the authentication
		153	mechanism itself were still applied. Found by Kingcope.
147	* Thanks to Jakub Jelen of Red Hat for Fedora's rebased version of the	154	* Thanks to Jakub Jelen of Red Hat for Fedora's rebased version of the
148	GSSAPI key exchange patch.	155	GSSAPI key exchange patch.
149		156