diff options
-rw-r--r-- | deattack.c | 26 | ||||
-rw-r--r-- | deattack.h | 1 | ||||
-rw-r--r-- | debian/changelog | 9 | ||||
-rw-r--r-- | packet.c | 13 |
4 files changed, 43 insertions, 6 deletions
diff --git a/deattack.c b/deattack.c index 8b55d6686..d174abc76 100644 --- a/deattack.c +++ b/deattack.c | |||
@@ -27,6 +27,24 @@ RCSID("$OpenBSD: deattack.c,v 1.19 2003/09/18 08:49:45 markus Exp $"); | |||
27 | #include "xmalloc.h" | 27 | #include "xmalloc.h" |
28 | #include "deattack.h" | 28 | #include "deattack.h" |
29 | 29 | ||
30 | /* | ||
31 | * CRC attack detection has a worst-case behaviour that is O(N^3) over | ||
32 | * the number of identical blocks in a packet. This behaviour can be | ||
33 | * exploited to create a limited denial of service attack. | ||
34 | * | ||
35 | * However, because we are dealing with encrypted data, identical | ||
36 | * blocks should only occur every 2^35 maximally-sized packets or so. | ||
37 | * Consequently, we can detect this DoS by looking for identical blocks | ||
38 | * in a packet. | ||
39 | * | ||
40 | * The parameter below determines how many identical blocks we will | ||
41 | * accept in a single packet, trading off between attack detection and | ||
42 | * likelihood of terminating a legitimate connection. A value of 32 | ||
43 | * corresponds to an average of 2^40 messages before an attack is | ||
44 | * misdetected | ||
45 | */ | ||
46 | #define MAX_IDENTICAL 32 | ||
47 | |||
30 | /* SSH Constants */ | 48 | /* SSH Constants */ |
31 | #define SSH_MAXBLOCKS (32 * 1024) | 49 | #define SSH_MAXBLOCKS (32 * 1024) |
32 | #define SSH_BLOCKSIZE (8) | 50 | #define SSH_BLOCKSIZE (8) |
@@ -87,7 +105,7 @@ detect_attack(u_char *buf, u_int32_t len, u_char *IV) | |||
87 | static u_int16_t *h = (u_int16_t *) NULL; | 105 | static u_int16_t *h = (u_int16_t *) NULL; |
88 | static u_int32_t n = HASH_MINSIZE / HASH_ENTRYSIZE; | 106 | static u_int32_t n = HASH_MINSIZE / HASH_ENTRYSIZE; |
89 | u_int32_t i, j; | 107 | u_int32_t i, j; |
90 | u_int32_t l; | 108 | u_int32_t l, same; |
91 | u_char *c; | 109 | u_char *c; |
92 | u_char *d; | 110 | u_char *d; |
93 | 111 | ||
@@ -133,17 +151,21 @@ detect_attack(u_char *buf, u_int32_t len, u_char *IV) | |||
133 | if (IV) | 151 | if (IV) |
134 | h[HASH(IV) & (n - 1)] = HASH_IV; | 152 | h[HASH(IV) & (n - 1)] = HASH_IV; |
135 | 153 | ||
136 | for (c = buf, j = 0; c < (buf + len); c += SSH_BLOCKSIZE, j++) { | 154 | for (c = buf, same = j = 0; c < (buf + len); c += SSH_BLOCKSIZE, j++) { |
137 | for (i = HASH(c) & (n - 1); h[i] != HASH_UNUSED; | 155 | for (i = HASH(c) & (n - 1); h[i] != HASH_UNUSED; |
138 | i = (i + 1) & (n - 1)) { | 156 | i = (i + 1) & (n - 1)) { |
139 | if (h[i] == HASH_IV) { | 157 | if (h[i] == HASH_IV) { |
140 | if (!CMP(c, IV)) { | 158 | if (!CMP(c, IV)) { |
159 | if (++same > MAX_IDENTICAL) | ||
160 | return (DEATTACK_DOS_DETECTED); | ||
141 | if (check_crc(c, buf, len, IV)) | 161 | if (check_crc(c, buf, len, IV)) |
142 | return (DEATTACK_DETECTED); | 162 | return (DEATTACK_DETECTED); |
143 | else | 163 | else |
144 | break; | 164 | break; |
145 | } | 165 | } |
146 | } else if (!CMP(c, buf + h[i] * SSH_BLOCKSIZE)) { | 166 | } else if (!CMP(c, buf + h[i] * SSH_BLOCKSIZE)) { |
167 | if (++same > MAX_IDENTICAL) | ||
168 | return (DEATTACK_DOS_DETECTED); | ||
147 | if (check_crc(c, buf, len, IV)) | 169 | if (check_crc(c, buf, len, IV)) |
148 | return (DEATTACK_DETECTED); | 170 | return (DEATTACK_DETECTED); |
149 | else | 171 | else |
diff --git a/deattack.h b/deattack.h index ddccdea50..cd3d7aa3b 100644 --- a/deattack.h +++ b/deattack.h | |||
@@ -25,6 +25,7 @@ | |||
25 | /* Return codes */ | 25 | /* Return codes */ |
26 | #define DEATTACK_OK 0 | 26 | #define DEATTACK_OK 0 |
27 | #define DEATTACK_DETECTED 1 | 27 | #define DEATTACK_DETECTED 1 |
28 | #define DEATTACK_DOS_DETECTED 2 | ||
28 | 29 | ||
29 | int detect_attack(u_char *, u_int32_t, u_char[8]); | 30 | int detect_attack(u_char *, u_int32_t, u_char[8]); |
30 | #endif | 31 | #endif |
diff --git a/debian/changelog b/debian/changelog index 5e321f09b..705a61580 100644 --- a/debian/changelog +++ b/debian/changelog | |||
@@ -1,9 +1,16 @@ | |||
1 | openssh (1:4.3p2-4) UNRELEASED; urgency=low | 1 | openssh (1:4.3p2-4) UNRELEASED; urgency=high |
2 | |||
3 | * Backport from 4.4p1 (since I don't have an updated version of the GSSAPI | ||
4 | patch yet): | ||
5 | - CVE-2006-4924: Fix a pre-authentication denial of service found by | ||
6 | Tavis Ormandy, that would cause sshd(8) to spin until the login grace | ||
7 | time expired (closes: #389995). | ||
2 | 8 | ||
3 | * Read /etc/default/locale as well as /etc/environment (thanks, Raphaël | 9 | * Read /etc/default/locale as well as /etc/environment (thanks, Raphaël |
4 | Hertzog; closes: #369395). | 10 | Hertzog; closes: #369395). |
5 | * Remove no-longer-used ssh/insecure_rshd debconf template. | 11 | * Remove no-longer-used ssh/insecure_rshd debconf template. |
6 | * Make ssh/insecure_telnetd Type: error (closes: #388946). | 12 | * Make ssh/insecure_telnetd Type: error (closes: #388946). |
13 | |||
7 | * debconf template translations: | 14 | * debconf template translations: |
8 | - Update Portuguese (thanks, Rui Branco; closes: #381942). | 15 | - Update Portuguese (thanks, Rui Branco; closes: #381942). |
9 | - Update Spanish (thanks, Javier Fernández-Sanguino Peña; | 16 | - Update Spanish (thanks, Javier Fernández-Sanguino Peña; |
@@ -992,9 +992,16 @@ packet_read_poll1(void) | |||
992 | * (C)1998 CORE-SDI, Buenos Aires Argentina | 992 | * (C)1998 CORE-SDI, Buenos Aires Argentina |
993 | * Ariel Futoransky(futo@core-sdi.com) | 993 | * Ariel Futoransky(futo@core-sdi.com) |
994 | */ | 994 | */ |
995 | if (!receive_context.plaintext && | 995 | if (!receive_context.plaintext) { |
996 | detect_attack(buffer_ptr(&input), padded_len, NULL) == DEATTACK_DETECTED) | 996 | switch (detect_attack(buffer_ptr(&input), padded_len, NULL)) { |
997 | packet_disconnect("crc32 compensation attack: network attack detected"); | 997 | case DEATTACK_DETECTED: |
998 | packet_disconnect("crc32 compensation attack: " | ||
999 | "network attack detected"); | ||
1000 | case DEATTACK_DOS_DETECTED: | ||
1001 | packet_disconnect("deattack denial of " | ||
1002 | "service detected"); | ||
1003 | } | ||
1004 | } | ||
998 | 1005 | ||
999 | /* Decrypt data to incoming_packet. */ | 1006 | /* Decrypt data to incoming_packet. */ |
1000 | buffer_clear(&incoming_packet); | 1007 | buffer_clear(&incoming_packet); |