CPNI-957037
Matt Johnston
matt at ucc.asn.au
Mon Dec 15 22:33:22 WST 2008
On Thu, Dec 11, 2008 at 02:14:13PM -0500, Brian Minton wrote:
> Is dropbear vulnerable to the CBC mode plaintext recovery attack described at
> http://www.cpni.gov.uk/Docs/Vulnerability_Advisory_SSH.txt
Yes, Dropbear is most likely vulnerable to that attack. The
best workaround (if you're running in the risky situation of
a script that will automatically reconnect) is probably to
use 0.52 which uses Counter Mode by default, which doesn't
have problems. On average an active attacker would have to
disconnect several thousand connections before determining
any cleartext, so the risk of attack for interactive
sessions is low.
Matt
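
Added example, not part of the original message and not Dropbear code: a small audit of a server's SSH_MSG_KEXINIT payload showing whether a CBC cipher would actually be negotiated, using the RFC 4253 rule that the first cipher on the client's list that the server also offers is chosen. The server payloads and cipher lists below are constructed samples, and the helper names are hypothetical.

```python
import struct

SSH_MSG_KEXINIT = 20
FIELDS = ("kex", "hostkey", "enc_c2s", "enc_s2c", "mac_c2s", "mac_s2c",
          "comp_c2s", "comp_s2c", "lang_c2s", "lang_s2c")

def build_kexinit(lists):
    # Serialise ten name-lists into a KEXINIT payload (zeroed cookie).
    out = bytes([SSH_MSG_KEXINIT]) + bytes(16)
    for names in lists:
        data = ",".join(names).encode("ascii")
        out += struct.pack(">I", len(data)) + data
    return out + b"\x00" + struct.pack(">I", 0)

def parse_kexinit(payload):
    # Layout: type byte, 16-byte cookie, then ten length-prefixed name-lists.
    if len(payload) < 21 or payload[0] != SSH_MSG_KEXINIT:
        raise ValueError("not a KEXINIT payload")
    off, parsed = 17, {}
    for field in FIELDS:
        if off + 4 > len(payload):
            raise ValueError("truncated length field")
        (n,) = struct.unpack_from(">I", payload, off)
        off += 4
        if off + n > len(payload):
            raise ValueError("truncated name-list")
        raw = payload[off:off + n].decode("ascii")
        parsed[field] = raw.split(",") if raw else []
        off += n
    return parsed

def negotiated(client, server):
    # RFC 4253 7.1: first entry on the client's list the server also offers.
    return next((a for a in client if a in server), None)

def audit(server_payload, client_ciphers):
    srv = parse_kexinit(server_payload)
    report = {}
    for d in ("enc_c2s", "enc_s2c"):
        chosen = negotiated(client_ciphers, srv[d])
        report[d] = {"cbc_offered": [c for c in srv[d] if c.endswith("-cbc")],
                     "chosen": chosen,
                     "cbc_chosen": chosen is not None and chosen.endswith("-cbc")}
    return report

def sample(ciphers):
    # Constructed server KEXINIT; "x" entries are placeholders, not real names.
    return build_kexinit([["x"]] * 2 + [ciphers] * 2 + [["x"]] * 4 + [[]] * 2)

if __name__ == "__main__":
    print(audit(sample(["aes128-ctr", "aes128-cbc"]), ["aes128-cbc", "aes128-ctr"]))
```

Because the client's ordering decides the outcome, a server that lists counter mode first still ends up on CBC when the connecting client prefers it.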