Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2024.0574 2024-01 Reference Advisory: Junos OS and Junos OS Evolved: Impact of Terrapin SSH Attack (CVE-2023-48795) 29 January 2024 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Junos OS and Junos OS Evolved Publisher: Juniper Networks Operating System: Juniper Resolution: Patch/Upgrade CVE Names: CVE-2023-48795 Original Bulletin: https://supportportal.juniper.net/s/article/2024-01-Reference-Advisory-Junos-OS-and-Junos-OS-Evolved-Impact-of-Terrapin-SSH-Attack-CVE-2023-48795 Comment: CVSS (Max): 3.7 CVE-2023-48795 (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N) CVSS Source: Juniper Networks Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N - --------------------------BEGIN INCLUDED TEXT-------------------- Article ID: JSA76462 Product Affected: This issue affects all versions of Junos OS and Junos OS Evolved with the ChaCha20-poly1305 SSH cipher enabled. Severity Level: Low CVSS Score: 3.7 (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N) Problem: An Improper Validation of Integrity Check Value vulnerability in OpenSSH before 9.6 of Juniper Networks Junos OS and Junos OS Evolved allows a remote attacker to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka the Terrapin Attack. The most serious identified impact is that it lets an on-path attacker delete the SSH2_MSG_EXT_INFO message sent before authentication starts, allowing the attacker to disable a subset of the keystroke timing obfuscation features introduced in OpenSSH 9.5. There is no other discernable impact to session secrecy or session integrity. Since we do not use OpenSSH 9.5 in Junos OS or Junos OS Evolved, the impact of this issue is limited to a stuck connection in the initial handshake stage. Therefore, it is not as severe as the issue seen in OpenSSH 9.5 Note: This issue is only affected when an on-path attacker at the network layer intercepts and modifies the handshake exchange, and the connection is secured by either ChaCha20-Poly1305 or CBC with Encrypt-then-MAC. Juniper SIRT is not aware of any malicious exploitation of this vulnerability. This issue was discovered during external security research. This issue has been assigned CVE-2023-48795 . Solution: This issue can be completely remediated by excluding the chacha20-poly1305 cipher from SSH and configuring the following ciphers for SSH: user@junos# set system services ssh ciphers [aes128-gcm@openssh.com aes256-gcm@openssh.com] The chacha20-poly1305 cipher has been hidden and deprecated in the following releases: Junos OS: 19.4R3-S13, 20.4R3-S10, 21.4R3-S6, 22.1R3-S5, 22.2R3-S3, 22.4R3-S1, 23.2R2, 23.4R2, 24.1R1, and all subsequent releases. Junos OS Evolved: 19.4R3-S13, 20.4R3-S10, 21.4R3-S6, 22.1R3-S5, 22.2R3-S3, 22.4R3-S1, 23.2R2, 23.4R2, 24.1R1, and all subsequent releases. This issue is being tracked as PR 1781732 which is visible on the Customer Support website. Note: Juniper SIRT's policy is not to evaluate releases which are beyond End of Engineering (EOE) or End of Life (EOL). Workaround: See Solution section above for effective mitigation techniques. Modification History: o 2024-01-25: Initial Publication. Related Information: o KB16613: Overview of the Juniper Networks SIRT Quarterly Security Bulletin Publication Process o KB16765: In which releases are vulnerabilities fixed? o KB16446: Common Vulnerability Scoring System (CVSS) and Juniper's Security Advisories o Report a Security Vulnerability - How to Contact the Juniper Networks Security Incident Response Team o CVE-2023-48795 at cve.mitre.org Acknowledgements o Researchers from the Ruhr University Bochum developed the Terrapin attack and also discovered exploitable implementation flaws in AsyncSSH. o Terrapin Attack: Breaking SSH Channel Integrity By Sequence Number Manipulation, Fabian Baumer, Marcus Brinkmann, Jorg Schwenk. Last Updated: 2024-01-25 Created: 2024-01-25 - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: https://auscert.org.au/gpg-key/ iQIVAwUBZbc5JckNZI30y1K9AQjgyA//ddrKcJZEUTr2mlsClczayjqSOe0zvp49 oA49KnBFEJGzD9pggG5NDSqkOyTdWvNZSKhwY0LqBs1z0p1lelVWo/m9XeXR5yTn pBFheFvIgMNNf0yM2r4GmN9lPphyd0cZEoTRRZQ7XxI9DQ6vySfYObZbnND0gOVV iLpNZRghEilroxZBPB8cZadYLwGD+zH4KGNQSBiJDK75hRFj9tOtzryEKKRmzOuO b6GMtJf5Phf7mjRBymGEp1HV9LyoGFMtoG70lIQrq9XKI7/A7mKxxy68n8AAs6fL TinTWBTQRqvyWnGiGi0PImsfJ2otwzZ5TCZ22vtUGV3KJQRztqM74btFMIiZFM5p SlWEisxeccLJwbbVE5UNl6QMkxe0M7RXO0BInkxspVLoySiMXwnbCCWqFPpgZJDa cL4MUUnMUsXqbZWmMYF11okGfNsBoTFryez6j13VO4K87kkd//4fjZlzP2cdfQuj rA94NC4uouq4/LEfaJiRo2KUzavnKZgERtKbK3Jlel75WmtXkjMSZF2JvfxBMG0Q aN7xCFIseJikctc+JjEurIiO/83njRheUHdxw7no45WctB/KBU0PBcltwTZWz7u0 NIU96qMAkF6tp/yVEfJtrkrot5O48zKr2PpXrARZbDuOtU5EjD29/4fTyWYzsjpK CGvUoCDdBo0= =vWks -----END PGP SIGNATURE-----