From AMNH - 9/20/24
Our outside scanning service has identified several security issues that need to be addressed on the PODS. Those are included below. For reference, the POD IPs are:
The identified issues are as follows:
SSH Weak Cipher:
Configure the SSH server to disable Arcfour and CBC ciphers.
Self-Signed Certificate
For security purposes, AMNH requires all certificates to be issued from a trusted CA.
Certificate Lifetime is Longer Than Best Practices
Certificate should have a lifetime of no more than 398 days.
No Certificate Revocation Control
The certificate does not contain either CRL or OCSP URLs.
Additionally, the following vulnerabilities were detected by our outside scanning service. It is possible that some or all of these are false positives or patched via back-ported patches, but we require confirmation to have them removed from our scan.
CVE-2023-51385 (CRITICAL SEVERITY)
In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name.
CVE-2023-38408 (CRITICAL SEVERITY)
The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.
CVE-2020-14145 (MEDIUM SEVERITY)
The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where no host key for the server has been cached by the client). NOTE: some reports state that 8.5 and 8.6 are also affected.
CVE-2023-48795 (MEDIUM SEVERITY)
The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC).
CVE-2023-51384 (MEDIUM SEVERITY)
In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS#11-hosted private keys, these constraints are only applied to the first key, even if a PKCS#11 token returns multiple keys.
CVE-2016-20012 (MEDIUM SEVERITY)
** DISPUTED ** OpenSSH through 8.7 allows remote attackers, who have a suspicion that a certain combination of username and public key is known to an SSH server, to test whether this suspicion is correct. This occurs because a challenge is sent only when that combination could be valid for a login session. NOTE: the vendor does not recognize user enumeration as a vulnerability for this product.
CVE-2021-36368 (LOW SEVERITY)
** DISPUTED ** An issue was discovered in OpenSSH before 8.9. If a client is using public-key authentication with agent forwarding but without -oLogLevel=verbose, and an attacker has silently modified the server to support the None authentication option, then the user cannot determine whether FIDO authentication is going to confirm that the user wishes to connect to that server, or that the user wishes to allow that server to connect to a different server on the user's behalf. NOTE: the vendor's position is this is not an authentication bypass, since nothing is being bypassed.
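Added example (not part of the AMNH message or the scanning service's output): one way to confirm the "SSH Weak Cipher" finding is to read the server's effective cipher list from `sshd -T` output, flag Arcfour and CBC entries, and build a replacement `Ciphers` line. The sample output and the function names below are constructed for illustration.

```python
# Constructed sample of `sshd -T` output (the server's effective configuration).
SAMPLE_SSHD_T = """\
port 22
ciphers aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com
macs hmac-sha2-256-etm@openssh.com,hmac-sha2-512
"""


def is_weak(cipher):
    """True for Arcfour (RC4) variants and any CBC-mode cipher, per the finding."""
    # Drop a vendor suffix such as "@lysator.liu.se" before matching the name.
    name = cipher.split("@", 1)[0].lower()
    return name.startswith("arcfour") or name.endswith("-cbc")


def effective_ciphers(sshd_t_output):
    """Return the cipher names from the 'ciphers' line of `sshd -T` output."""
    for line in sshd_t_output.splitlines():
        key, _, value = line.strip().partition(" ")
        if key.lower() == "ciphers":
            return [c for c in value.strip().split(",") if c]
    return []  # no 'ciphers' line found in the input


def audit(sshd_t_output):
    """Split the effective ciphers into weak and kept, and build a Ciphers line."""
    ciphers = effective_ciphers(sshd_t_output)
    weak = [c for c in ciphers if is_weak(c)]
    kept = [c for c in ciphers if not is_weak(c)]
    line = ("Ciphers " + ",".join(kept)) if kept else None
    return {"weak": weak, "remediated_line": line}


if __name__ == "__main__":
    result = audit(SAMPLE_SSHD_T)
    print("Weak ciphers still enabled:", ", ".join(result["weak"]) or "none")
    print("Suggested sshd_config line:", result["remediated_line"])
```

To use it on a real host, pass the text produced by running `sshd -T` as root in place of the sample; after editing sshd_config and reloading sshd, a second run should report no weak ciphers.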