Full Disclosure: opensshd - user enumeration
When SSHD tries to authenticate a non-existing user, it will pick up a fake password structure hardcoded in the SSHD
source code. On this hard coded password structure the password hash is based on BLOWFISH ($2) algorithm.
If real users' passwords are hashed using SHA256/SHA512, then sending large passwords (10KB) will result in shorter
response time from the server for non-existing users.
The story seems to be this: when someone tries to log in to openssh as a non-existent user, sshd attempts authentication against a hardcoded fake password hash. For an existing user the password hash would normally have been computed with SHA256 ($5) or SHA512 ($6), but for the fake user the hardcoded hash is Blowfish ($2), so the computation finishes sooner than it does for an existing user, and that difference can be used to check whether a user exists.
Indeed, it is hardcoded in fakepw in auth.c:
struct passwd *
fakepw(void)
{
	static struct passwd fake;

	memset(&fake, 0, sizeof(fake));
	fake.pw_name = "NOUSER";
	/* bcrypt ($2a) hash with cost 6, not the scheme real accounts use */
	fake.pw_passwd =
	    "$2a$06$r3.juUaHZDlIbQaO2dS9FuYxL1W9M81R1Tc92PoSNmzvpEqLkLGrK";
#ifdef HAVE_STRUCT_PASSWD_PW_GECOS
	fake.pw_gecos = "NOUSER";
#endif
	fake.pw_uid = privsep_pw == NULL ? (uid_t)-1 : privsep_pw->pw_uid;
	fake.pw_gid = privsep_pw == NULL ? (gid_t)-1 : privsep_pw->pw_gid;
#ifdef HAVE_STRUCT_PASSWD_PW_CLASS
	fake.pw_class = "";
#endif
	fake.pw_dir = "/nonexist";
	fake.pw_shell = "/nonexist";

	return (&fake);
}
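As an added audit check (not part of the original post or of OpenSSH), the script below parses crypt(3)-style hashes and compares the scheme and cost of that hardcoded fake entry with the schemes used by real accounts, flagging the mismatch that makes the unknown-user path cost a different amount of work. The shadow lines are constructed sample input, not real credentials.

```python
import re
from collections import Counter

# Hardcoded fake hash from fakepw() in OpenSSH auth.c, as quoted above.
FAKEPW_HASH = "$2a$06$r3.juUaHZDlIbQaO2dS9FuYxL1W9M81R1Tc92PoSNmzvpEqLkLGrK"

# Modular-crypt prefixes: $2* is bcrypt, $5 and $6 are SHA-crypt.
SCHEMES = {"2": "bcrypt", "2a": "bcrypt", "2b": "bcrypt", "2y": "bcrypt",
           "5": "sha256-crypt", "6": "sha512-crypt", "1": "md5-crypt"}

def parse_crypt_hash(h):
    """Return (scheme, cost) for a crypt(3)-style hash, or None if unusable.
    cost is the bcrypt work factor, or the SHA-crypt rounds (5000 if omitted)."""
    if not h.startswith("$"):
        return None  # DES hash or a locked/disabled entry such as "!" or "*"
    fields = h.split("$")
    scheme = SCHEMES.get(fields[1])
    if scheme is None:
        return None
    if scheme == "bcrypt":
        return scheme, int(fields[2])
    m = re.match(r"rounds=(\d+)", fields[2])
    rounds = int(m.group(1)) if m else 5000
    return scheme, rounds

def audit_fake_hash(shadow_lines, fake_hash=FAKEPW_HASH):
    """Compare the scheme sshd uses for unknown users with those of real
    accounts. Returns (fake_scheme, Counter of real schemes, mismatch flag)."""
    fake = parse_crypt_hash(fake_hash)
    real = Counter()
    for line in shadow_lines:
        parts = line.split(":")
        if len(parts) < 2:
            continue
        parsed = parse_crypt_hash(parts[1])
        if parsed:  # locked accounts carry no usable hash and are skipped
            real[parsed] += 1
    mismatch = any(r != fake for r in real)
    return fake, real, mismatch

# Constructed sample shadow entries (hash bodies are placeholders).
SAMPLE_SHADOW = [
    "root:$6$rounds=5000$saltsalt$abcdefghijklmnopqrstuvwxyz0123456789:19000:0:99999:7:::",
    "alice:$6$saltsalt$abcdefghijklmnopqrstuvwxyz0123456789ABCDEFG:19000:0:99999:7:::",
    "bob:$5$saltsalt$abcdefghijklmnopqrstuvwxyz0123456789:19000:0:99999:7:::",
    "daemon:*:19000:0:99999:7:::",
]

if __name__ == "__main__":
    fake, real, mismatch = audit_fake_hash(SAMPLE_SHADOW)
    print("fake-user hash:", fake)
    for (scheme, cost), n in real.items():
        print(f"{n} account(s) use {scheme} with cost {cost}")
    if mismatch:
        print("WARNING: unknown-user path uses a different hash scheme than real logins")
```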