Security
Headlines
HeadlinesLatestCVEs

Headline

Ubuntu Security Notice USN-6589-1

Ubuntu Security Notice 6589-1 - Fabian Baeumer, Marcus Brinkmann and Joerg Schwenk discovered that the SSH protocol used in FileZilla is prone to a prefix truncation attack, known as the "Terrapin attack". A remote attacker could use this issue to downgrade or disable some security features and obtain sensitive information.

Packet Storm
#vulnerability#ubuntu#ssh

==========================================================================
Ubuntu Security Notice USN-6589-1
January 18, 2024

filezilla vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 23.10
  • Ubuntu 22.04 LTS
  • Ubuntu 20.04 LTS

Summary:

FileZilla could be made to expose sensitive information over the
network.

Software Description:

  • filezilla: Full-featured graphical FTP/FTPS/SFTP client

Details:

Fabian Baeumer, Marcus Brinkmann and Joerg Schwenk discovered that the SSH
protocol used in FileZilla is prone to a prefix truncation attack, known as
the "Terrapin attack". A remote attacker could use this issue to downgrade or
disable some security features and obtain sensitive information.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 23.10:
filezilla 3.65.0-3ubuntu0.1
filezilla-common 3.65.0-3ubuntu0.1

Ubuntu 22.04 LTS:
filezilla 3.58.0-1ubuntu0.1
filezilla-common 3.58.0-1ubuntu0.1

Ubuntu 20.04 LTS:
filezilla 3.46.3-1ubuntu0.1
filezilla-common 3.46.3-1ubuntu0.1

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-6589-1
CVE-2023-48795

Package Information:
https://launchpad.net/ubuntu/+source/filezilla/3.65.0-3ubuntu0.1
https://launchpad.net/ubuntu/+source/filezilla/3.58.0-1ubuntu0.1
https://launchpad.net/ubuntu/+source/filezilla/3.46.3-1ubuntu0.1

Related news

Red Hat Security Advisory 2024-8235-03

Red Hat Security Advisory 2024-8235-03 - Red Hat OpenShift Container Platform release 4.14.39 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include code execution, denial of service, and out of bounds write vulnerabilities.

Debian Security Advisory 5750-1

Debian Linux Security Advisory 5750-1 - Support for the "strict kex" SSH extension has been backported to AsyncSSH (a Python implementation of the SSHv2 protocol) as hardening against the Terrapin attack.

Red Hat Security Advisory 2024-3918-03

Red Hat Security Advisory 2024-3918-03 - Red Hat OpenShift Container Platform release 4.14.30 is now available with updates to packages and images that fix several bugs and add enhancements.

Ubuntu Security Notice USN-6738-1

Ubuntu Security Notice 6738-1 - Fabian Bäumer, Marcus Brinkmann, and Joerg Schwenk discovered that LXD incorrectly handled the handshake phase and the use of sequence numbers in SSH Binary Packet Protocol. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to bypass integrity checks.

Red Hat Security Advisory 2024-0722-03

Red Hat Security Advisory 2024-0722-03 - An update is now available for Red Hat build of Quarkus. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2024-1197-03

Red Hat Security Advisory 2024-1197-03 - A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4.

Red Hat Security Advisory 2024-1193-03

Red Hat Security Advisory 2024-1193-03 - An update is now available for Red Hat JBoss Enterprise Application Platform 8.0 for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link in the References section. Issues addressed include denial of service and file overwrite vulnerabilities.

Red Hat Security Advisory 2024-1150-03

Red Hat Security Advisory 2024-1150-03 - An update for buildah is now available for Red Hat Enterprise Linux 9.

Red Hat Security Advisory 2024-0954-03

Red Hat Security Advisory 2024-0954-03 - The components for Red Hat OpenShift for Windows Containers 10.15.0 are now available. This product release includes bug fixes and security updates for the following packages: windows-machine-config-operator and windows-machine-config-operator-bundle. Issues addressed include a privilege escalation vulnerability.

Red Hat Security Advisory 2024-0843-03

Red Hat Security Advisory 2024-0843-03 - Red Hat OpenShift Serverless version 1.31.1 is now available. Issues addressed include denial of service and traversal vulnerabilities.

Red Hat Security Advisory 2024-0625-03

Red Hat Security Advisory 2024-0625-03 - An update for libssh is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.

Red Hat Security Advisory 2024-0538-03

Red Hat Security Advisory 2024-0538-03 - An update for libssh is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include bypass and null pointer vulnerabilities.

Debian Security Advisory 5601-1

Debian Linux Security Advisory 5601-1 - Fabian Baeumer, Marcus Brinkmann and Joerg Schwenk discovered that the SSH protocol is prone to a prefix truncation attack, known as the "Terrapin attack". This attack allows a MITM attacker to effect a limited break of the integrity of the early encrypted SSH transport protocol by sending extra messages prior to the commencement of encryption, and deleting an equal number of consecutive messages immediately after encryption starts.

Ubuntu Security Notice USN-6560-2

Ubuntu Security Notice 6560-2 - USN-6560-1 fixed several vulnerabilities in OpenSSH. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Fabian Bäumer, Marcus Brinkmann, Joerg Schwenk discovered that the SSH protocol was vulnerable to a prefix truncation attack. If a remote attacker was able to intercept SSH communications, extension negotiation messages could be truncated, possibly leading to certain algorithms and features being downgraded. This issue is known as the Terrapin attack. This update adds protocol extensions to mitigate this issue.

Debian Security Advisory 5591-1

Debian Linux Security Advisory 5591-1 - Several vulnerabilities were discovered in libssh, a tiny C SSH library.

Gentoo Linux Security Advisory 202312-16

Gentoo Linux Security Advisory 202312-16 - Multiple vulnerabilities have been discovered in libssh, the worst of which could lead to code execution. Versions greater than or equal to 0.10.6 are affected.

Gentoo Linux Security Advisory 202312-17

Gentoo Linux Security Advisory 202312-17 - Multiple vulnerabilities have been discovered in OpenSSH, the worst of which could lead to code execution. Versions greater than or equal to 9.6_p1 are affected.

Debian Security Advisory 5588-1

Debian Linux Security Advisory 5588-1 - Fabian Baeumer, Marcus Brinkmann and Joerg Schwenk discovered that the SSH protocol is prone to a prefix truncation attack, known as the "Terrapin attack". This attack allows a MITM attacker to effect a limited break of the integrity of the early encrypted SSH transport protocol by sending extra messages prior to the commencement of encryption, and deleting an equal number of consecutive messages immediately after encryption starts.

Debian Security Advisory 5586-1

Debian Linux Security Advisory 5586-1 - Several vulnerabilities have been discovered in OpenSSH, an implementation of the SSH protocol suite.

Ubuntu Security Notice USN-6561-1

Ubuntu Security Notice 6561-1 - Fabian Bäumer, Marcus Brinkmann, Joerg Schwenk discovered that the SSH protocol was vulnerable to a prefix truncation attack. If a remote attacker was able to intercept SSH communications, extension negotiation messages could be truncated, possibly leading to certain algorithms and features being downgraded. This issue is known as the Terrapin attack. This update adds protocol extensions to mitigate this issue.

Ubuntu Security Notice USN-6560-1

Ubuntu Security Notice 6560-1 - Fabian Bäumer, Marcus Brinkmann, Joerg Schwenk discovered that the SSH protocol was vulnerable to a prefix truncation attack. If a remote attacker was able to intercept SSH communications, extension negotiation messages could be truncated, possibly leading to certain algorithms and features being downgraded. This issue is known as the Terrapin attack. This update adds protocol extensions to mitigate this issue. Luci Stanescu discovered that OpenSSH incorrectly added destination constraints when smartcard keys were added to ssh-agent, contrary to expectations. This issue only affected Ubuntu 22.04 LTS, and Ubuntu 23.04.

GHSA-45x7-px36-x8w8: Russh vulnerable to Prefix Truncation Attack against ChaCha20-Poly1305 and Encrypt-then-MAC

### Summary Russh v0.40.1 and earlier is vulnerable to a novel prefix truncation attack (a.k.a. Terrapin attack), which allows a man-in-the-middle attacker to strip an arbitrary number of messages right after the initial key exchange, breaking SSH extension negotiation (RFC8308) in the process and thus downgrading connection security. ### Mitigations To mitigate this protocol vulnerability, OpenSSH suggested a so-called "strict kex" which alters the SSH handshake to ensure a Man-in-the-Middle attacker cannot introduce unauthenticated messages as well as convey sequence number manipulation across handshakes. Support for strict key exchange has been added to Russh in the patched version. **Warning: To take effect, both the client and server must support this countermeasure.** As a stop-gap measure, peers may also (temporarily) disable the affected algorithms and use unaffected alternatives like AES-GCM instead until patches are available. ### Details The SSH specifications of Ch...

Packet Storm: Latest News

Ivanti EPM Agent Portal Command Execution