
GHSA-hfmc-7525-mj55
Python vulnerability analysis and mitigation

Overview

The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, is vulnerable to a prefix truncation attack known as the Terrapin Attack (CVE-2023-48795). This vulnerability allows remote attackers to bypass integrity checks by omitting packets from the extension negotiation message, potentially resulting in security feature downgrades or disabling. The vulnerability affects multiple SSH implementations including AsyncSSH before 2.14.2, Dropbear through 2022.83, PuTTY before 0.80, libssh before 0.10.6, and many others (GitHub Advisory).

Technical details

The vulnerability occurs in the SSH Binary Packet Protocol (BPP) due to mishandling of the handshake phase and sequence numbers. The attack specifically targets the ChaCha20-Poly1305 cipher (chacha20-poly1305@openssh.com) and Encrypt-then-MAC (*-etm@openssh.com) MAC algorithms. The attack works by injecting arbitrary SSH_MSG_IGNORE messages during initial key exchange and subsequently removing the same number of messages after key exchange completion. This is possible due to missing authentication of excess SSH_MSG_IGNORE messages and improper sequence number validation. The CVSS score is 5.9 (Medium), with attack vector: Network, attack complexity: High, and no privileges or user interaction required (GitHub Advisory).

Impact

The attack enables downgrading of connection security features through extension negotiation manipulation. For ChaCha20-Poly1305, the attack is guaranteed to work on every connection as this cipher only maintains the message's sequence number. For Encrypt-Then-MAC, practical exploitation requires a CBC cipher, though theoretical integrity is broken for all ciphers in this mode. The vulnerability primarily affects the integrity of the SSH connection, allowing attackers to potentially disable security features or exploit implementation flaws in a man-in-the-middle scenario (GitHub Advisory).

Mitigation and workarounds

To mitigate this vulnerability, OpenSSH introduced a 'strict kex' mechanism that alters the SSH handshake to prevent unauthenticated message injection and sequence number manipulation. This countermeasure requires both client and server support to be effective. As a temporary solution, users can disable the affected algorithms (ChaCha20-Poly1305 and *-etm@openssh.com) and use unaffected alternatives like AES-GCM until patches are available (GitHub Advisory).
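The following is an added example, not code from the advisory or from OpenSSH. It applies the exposure rules stated above (ChaCha20-Poly1305 always affected, *-etm MACs affected in practice with a CBC cipher and in theory otherwise, AES-GCM unaffected, strict kex on both sides closing the gap) to the cipher and MAC lists two peers would advertise in SSH_MSG_KEXINIT, using the RFC 4253 negotiation rule (first client-preferred algorithm the server also lists). It also shows the workaround of dropping the affected algorithms. The strict-kex pseudo-algorithm names are the ones OpenSSH 9.6 uses; the algorithm lists are constructed sample data, not captured from a real host.

```python
"""Offline Terrapin (CVE-2023-48795) exposure check for an SSH algorithm negotiation.

Added example: feed it the 'kex', 'ciphers' and 'macs' name lists each side would
send in SSH_MSG_KEXINIT and it reports the negotiated pair and the risk class.
"""
from dataclasses import dataclass
from typing import List, Optional

# Pseudo-algorithms OpenSSH 9.6 places in the kex list to signal strict-kex support.
STRICT_KEX_CLIENT = "kex-strict-c-v00@openssh.com"
STRICT_KEX_SERVER = "kex-strict-s-v00@openssh.com"
CHACHA = "chacha20-poly1305@openssh.com"
ETM_SUFFIX = "-etm@openssh.com"


@dataclass
class Negotiation:
    cipher: Optional[str]
    mac: Optional[str]
    strict_kex: bool
    risk: str  # "none", "guaranteed", "cbc-etm", "etm-theoretical", "no-common-cipher"


def negotiate(client_prefs: List[str], server_prefs: List[str]) -> Optional[str]:
    """RFC 4253 section 7.1: first algorithm in the client's list the server also supports."""
    for alg in client_prefs:
        if alg in server_prefs:
            return alg
    return None


def is_aead(cipher: str) -> bool:
    """AEAD ciphers carry their own integrity tag; the MAC list is ignored for them."""
    return cipher.endswith("-gcm@openssh.com") or cipher == CHACHA


def classify(cipher: str, mac: str, strict_kex: bool) -> str:
    """Map a negotiated cipher/MAC pair to the exposure classes described in the advisory."""
    if strict_kex:
        return "none"  # both sides reject unauthenticated handshake messages
    if cipher == CHACHA:
        return "guaranteed"  # only the sequence number is bound; works on every connection
    if is_aead(cipher):
        return "none"  # AES-GCM is an unaffected alternative
    if mac.endswith(ETM_SUFFIX):
        return "cbc-etm" if "-cbc" in cipher else "etm-theoretical"
    return "none"


def assess(client: dict, server: dict) -> Negotiation:
    """client/server: dicts with 'kex', 'ciphers', 'macs' lists for one direction."""
    strict = STRICT_KEX_CLIENT in client["kex"] and STRICT_KEX_SERVER in server["kex"]
    cipher = negotiate(client["ciphers"], server["ciphers"])
    mac = negotiate(client["macs"], server["macs"])
    if cipher is None:
        return Negotiation(None, mac, strict, "no-common-cipher")
    return Negotiation(cipher, mac, strict, classify(cipher, mac or "", strict))


def harden(names: List[str]) -> List[str]:
    """Workaround from the advisory: drop ChaCha20-Poly1305 and every *-etm MAC, keep order."""
    return [n for n in names if n != CHACHA and not n.endswith(ETM_SUFFIX)]


def config_lines(ciphers: List[str], macs: List[str]) -> List[str]:
    """Render hardened lists as sshd_config/ssh_config 'Ciphers' and 'MACs' directives."""
    return ["Ciphers " + ",".join(harden(ciphers)), "MACs " + ",".join(harden(macs))]


# Constructed sample preference lists (OpenSSH-like ordering, not captured from a host).
SAMPLE_CIPHERS = [CHACHA, "aes128-ctr", "aes192-ctr", "aes256-ctr",
                  "aes128-gcm@openssh.com", "aes256-gcm@openssh.com"]
SAMPLE_MACS = ["umac-64-etm@openssh.com", "hmac-sha2-256-etm@openssh.com",
               "hmac-sha2-512-etm@openssh.com", "umac-64@openssh.com",
               "hmac-sha2-256", "hmac-sha2-512"]
SAMPLE_KEX = ["curve25519-sha256", "diffie-hellman-group14-sha256"]

LEGACY_CLIENT = {"kex": SAMPLE_KEX, "ciphers": SAMPLE_CIPHERS, "macs": SAMPLE_MACS}
LEGACY_SERVER = {"kex": SAMPLE_KEX, "ciphers": SAMPLE_CIPHERS, "macs": SAMPLE_MACS}
PATCHED_CLIENT = {"kex": SAMPLE_KEX + [STRICT_KEX_CLIENT], "ciphers": SAMPLE_CIPHERS, "macs": SAMPLE_MACS}
PATCHED_SERVER = {"kex": SAMPLE_KEX + [STRICT_KEX_SERVER], "ciphers": SAMPLE_CIPHERS, "macs": SAMPLE_MACS}
HARDENED_CLIENT = {"kex": SAMPLE_KEX, "ciphers": harden(SAMPLE_CIPHERS), "macs": harden(SAMPLE_MACS)}
CBC_CLIENT = {"kex": SAMPLE_KEX, "ciphers": ["aes256-cbc"], "macs": ["hmac-sha2-256-etm@openssh.com"]}
CBC_SERVER = {"kex": SAMPLE_KEX, "ciphers": ["aes256-cbc", "aes256-ctr"], "macs": SAMPLE_MACS}

if __name__ == "__main__":
    for label, c, s in [("legacy/legacy", LEGACY_CLIENT, LEGACY_SERVER),
                        ("patched/patched", PATCHED_CLIENT, PATCHED_SERVER),
                        ("patched/legacy", PATCHED_CLIENT, LEGACY_SERVER),
                        ("hardened/legacy", HARDENED_CLIENT, LEGACY_SERVER),
                        ("cbc-etm/legacy", CBC_CLIENT, CBC_SERVER)]:
        print(label, assess(c, s))
    print("\n".join(config_lines(SAMPLE_CIPHERS, SAMPLE_MACS)))
```

The "patched/legacy" case is the one worth noting: strict kex is only in effect when both peers advertise it, so a patched client talking to an unpatched server still negotiates ChaCha20-Poly1305 and stays in the "guaranteed" class until the server is updated or the affected algorithms are removed from the configuration.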

