
CERT Coordination Center

Some SSH servers on Microsoft Windows set insecure permissions for the host identification key file

Vulnerability Note VU#973635

Original Release Date: 2005-07-18 | Last Revised: 2005-09-09

Overview

SSH provides remote, encrypted terminal access to hosts. Some SSH servers, when running on Microsoft Windows, set insecure permissions on the file storing the private SSH server hostkey. This could allow an authenticated user to obtain the SSH hostkey and use it to impersonate the server.

Description

Some SSH servers create the hostkey with permissions that allow any user to read the file. As a result, any user logged into the system can read the private SSH hostkey.

The hostkey is used to authenticate the server to the client. This defends against redirection attacks, such as DNS hijacking, that cause the client to connect to a malicious server. In such cases, a client that knows the public hostkey can verify that the server holds the matching private hostkey, and therefore that it has reached the correct server.

Impact

If an attacker copies the private hostkey of a server, they can configure a server with the same private key as the legitimate server. Such a server would appear valid to clients if another attack, such as DNS hijacking, was used to trick the client into connecting to the attacker's server.

Solution

Upgrade

Upgrade per vendor information.

Hostkey Regeneration

Regardless of how the vulnerability is addressed, the hostkey may already have been compromised. Regenerating the hostkey will address this problem, although SSH clients with the old key will emit warnings when connecting to the server after the hostkey has been regenerated.


Workaround

Correct Permissions

Manually change the permissions on the hostkey file so that only the Administrator group can read the file. The default file in which the private hostkey file is stored varies by vendor.
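
One way to check and apply this workaround from an elevated PowerShell prompt, as an added example that is not part of the original note or any vendor's tooling. The file paths are the vendor defaults quoted in the statements below; allowing SYSTEM alongside Administrators follows the VanDyke statement and assumes the SSH service runs as SYSTEM. The function names are hypothetical.

```powershell
# Added example (not vendor code). Default private host key paths quoted in this note;
# edit the list if the server configuration stores the key elsewhere.
$HostKeyPaths = @(
    'C:\Program Files\SSH Communications Security\SSH Secure Shell Server\hostkey',
    'C:\Program Files\VShell\hostkey',
    'C:\Program Files\F-Secure\ssh server\hostkey'
)
# Well-known SIDs: S-1-5-18 = Local System, S-1-5-32-544 = BUILTIN\Administrators.
# Assumption: the service runs as SYSTEM; add the service account SID if it does not.
$AllowedSids = @('S-1-5-18', 'S-1-5-32-544')
# Rights that let a principal read the key or grant itself access to it.
$Risky = [int][System.Security.AccessControl.FileSystemRights]'ReadData, ChangePermissions, TakeOwnership'

function Get-HostKeyExposure {
    param([string[]]$Path = $HostKeyPaths, [string[]]$Allowed = $AllowedSids)
    foreach ($p in $Path) {
        if (-not (Test-Path -LiteralPath $p -PathType Leaf)) { continue }
        # Ask for SIDs rather than names so localized group names do not matter.
        $rules = (Get-Acl -LiteralPath $p).GetAccessRules($true, $true, [System.Security.Principal.SecurityIdentifier])
        foreach ($ace in $rules) {
            if ($ace.AccessControlType -ne 'Allow') { continue }
            if ($Allowed -contains $ace.IdentityReference.Value) { continue }
            if (([int]$ace.FileSystemRights -band $Risky) -eq 0) { continue }
            [pscustomobject]@{
                Path = $p; Sid = $ace.IdentityReference.Value
                Rights = $ace.FileSystemRights; Inherited = $ace.IsInherited
            }
        }
    }
}

function Set-HostKeyAcl {
    param([Parameter(Mandatory)][string]$Path, [string[]]$Allowed = $AllowedSids)
    # Build a fresh ACL: no inheritance from the parent directory, allowed SIDs only.
    $acl = New-Object System.Security.AccessControl.FileSecurity
    $acl.SetAccessRuleProtection($true, $false)
    foreach ($sid in $Allowed) {
        $id = New-Object System.Security.Principal.SecurityIdentifier $sid
        $rule = New-Object System.Security.AccessControl.FileSystemAccessRule($id, 'FullControl', 'Allow')
        $acl.AddAccessRule($rule)
    }
    Set-Acl -LiteralPath $Path -AclObject $acl
}

# Report first, then tighten only the files that showed an unexpected reader.
$findings = @(Get-HostKeyExposure)
$findings | Format-Table -AutoSize
$findings | Select-Object -ExpandProperty Path -Unique | ForEach-Object { Set-HostKeyAcl -Path $_ }
```

Any row in the report means the key was readable by a non-administrative principal, so the file should be treated as exposed and the hostkey regenerated as described above.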

Vendor Information


F-Secure Affected

Notified:  July 21, 2005 Updated: July 27, 2005

Status

Affected

Vendor Statement

All versions of the F-Secure SSH Server for Windows and
Reflection for Secure IT server for SSH on Windows are subject
to the hostkey vulnerability. For details of workarounds or
to request an upgrade to fix the vulnerability, please contact
AttachmateWRQ technical support:
http://support.wrq.com/programs/requesting_support.html

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

We have no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

SSH Communications Security Affected

Updated:  July 18, 2005

Status

Affected

Vendor Statement

Affected Products

    • SSH Secure Shell for Windows Servers (all versions)
    • SSH Tectia Server (Windows) 4.3.1 and older versions

Remediation

1a) Update the SSH Tectia Server For Windows installation to version 4.3.2, or
1b) Manually make the hostkey file readable only for Administrator group. Default location of file may have been modified in server configuration.
However, the default location of the secret part of the host key is
C:\Program Files\SSH Communications Security\SSH Secure Shell Server\hostkey

and optionally in systems, that were upgraded

2) Generate a new hostkey for system. Caution! The changed hostkey causes warning in clients connecting to the system.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

Because the hostkey may have been compromised, we also suggest that you create a new hostkey for the system.


VanDyke Software Affected

Notified:  July 25, 2005 Updated: August 12, 2005

Status

Affected

Vendor Statement

Description:

In VShell versions 2.3.5 and earlier for Windows, when a host key is automatically created by VShell, the host key file inherits the permissions of its parent directory, potentially allowing access to authenticated users.

Affected Product Versions:

- VShell for Windows, version 2.3.5 and earlier.

Solution:

VShell version 2.3.6 will ensure that when a host key is automatically generated, the permissions on the host key file will be set such that only SYSTEM and members of the Administrators group will have access rights.

VShell users with existing host key files can correct the permissions by modifying the Access Control List for the private host key file such that only SYSTEM and Administrators have access.

By default, the private host key file is created as:
  C:\Program Files\VShell\hostkey

Note: If you have configured VShell to run as a user other than SYSTEM, you will need to allow this user access to the host key file.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

Because the hostkey may have been compromised, we also suggest that you create a new hostkey for the system.


WRQ, Inc. Affected

Notified:  July 21, 2005 Updated: August 30, 2005

Status

Affected

Vendor Statement

Products Affected:

    • F-Secure SSH Server for Windows (all versions)
    • Reflection for Secure IT Windows Server (version 6.0 build 19 and older)

Problem Correction:

Upgrade to Reflection for Secure IT Windows Server version 6.0 build 24 or manually change the permissions of the host's private key file (hostkey) to be readable by members of the Administrator's group only. The default location of the file is:
C:\Program Files\F-Secure\ssh server\hostkey.
(You may have modified this location during installation.)

AttachmateWRQ recommends generating new host keys for all Windows servers to ensure that this vulnerability cannot be exploited.  
Note: When server host keys are regenerated, users will receive a warning message stating that the host's key has changed. Let your users know to expect this behavior, or generate and distribute new known_hosts files that include the new keys.

For additional details and server upgrade information, please see:
   

AttachmateWRQ also recommends that you bookmark and regularly check the Security Updates and Reflection for Secure IT web page for the latest information about updates and vulnerabilities:
   

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

We have no additional comments at this time.


Bitvise Not Affected

Notified:  September 07, 2005 Updated: September 08, 2005

Status

Not Affected

Vendor Statement

Bitvise SSH server for Windows, WinSSHD, is not affected by this issue.

The server's private key is stored in the WinSSHD registry key with permissions properly set by the installation program, restricting access to administrators and the Local System account only.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Cygwin Unknown

Updated:  July 25, 2005

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

We have no additional comments at this time.




Acknowledgements

Thanks to SSH Communications Security for reporting this vulnerability.

This document was written by Hal Burch.

Other Information

CVE IDs: CVE-2005-2146
Severity Metric: 3.45
Date Public: 2005-06-30
Date First Published: 2005-07-18
Date Last Updated: 2005-09-09 18:48 UTC
Document Revision: 38

Sponsored by CISA.