Are the Maverick APIs susceptible to the SSH CBC Vulnerability?

Are any versions of Maverick susceptible to the SSH CBC vulnerability?

http://www.kb.cert.org/vuls/id/958563

The nature of the CBC vulnerability means any application that uses CBC is vulnerable. As the note points out, the way to secure against it is to use CTR mode ciphers.

If you want to ensure this happens, the only method is to remove the CBC ciphers from our APIs. The following code should do that, leaving only CTR ciphers available (it also removes the ARCFOUR ciphers). Note that this should work for both J2SSH Maverick and Maverick SSHD, where the sshContext variable is either an Ssh2Context (J2SSH Maverick) or an SshContext (Maverick SSHD).

// Remove chaining block ciphers
sshContext.supportedCiphersCS().remove("aes128-cbc");
sshContext.supportedCiphersCS().remove("aes192-cbc");
sshContext.supportedCiphersCS().remove("aes256-cbc");
sshContext.supportedCiphersCS().remove("blowfish-cbc");
sshContext.supportedCiphersCS().remove("3des-cbc");

sshContext.supportedCiphersSC().remove("aes128-cbc");
sshContext.supportedCiphersSC().remove("aes192-cbc");
sshContext.supportedCiphersSC().remove("aes256-cbc");
sshContext.supportedCiphersSC().remove("blowfish-cbc");
sshContext.supportedCiphersSC().remove("3des-cbc");

// Remove ARCFOUR
sshContext.supportedCiphersSC().remove("arcfour");
sshContext.supportedCiphersSC().remove("arcfour128");
sshContext.supportedCiphersSC().remove("arcfour256");

sshContext.supportedCiphersCS().remove("arcfour");
sshContext.supportedCiphersCS().remove("arcfour128");
sshContext.supportedCiphersCS().remove("arcfour256");
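
One way to confirm the removal took effect is to inspect the cipher name-lists the endpoint advertises in its SSH_MSG_KEXINIT packet. The following is an added example, not Maverick code: it parses a KEXINIT payload in the RFC 4253 layout and reports any CBC or ARCFOUR ciphers still offered in either direction. The two sample payloads are constructed here, and the function names are hypothetical.

```python
import struct

# The ten name-lists of SSH_MSG_KEXINIT, in RFC 4253 section 7.1 order.
FIELDS = ("kex", "host_key", "ciphers_cs", "ciphers_sc", "mac_cs", "mac_sc",
          "comp_cs", "comp_sc", "lang_cs", "lang_sc")

def is_flagged(cipher):
    """True for the families the article removes: CBC-mode ciphers and ARCFOUR."""
    return "-cbc" in cipher or cipher.startswith("arcfour")

def parse_kexinit(payload):
    """Parse a KEXINIT payload: byte 20, 16-byte cookie, then ten name-lists."""
    if len(payload) < 17 or payload[0] != 20:
        raise ValueError("not an SSH_MSG_KEXINIT payload")
    off, lists = 17, {}
    for field in FIELDS:
        if off + 4 > len(payload):
            raise ValueError("truncated name-list length")
        (n,) = struct.unpack_from(">I", payload, off)
        off += 4
        if off + n > len(payload):
            raise ValueError("name-list runs past end of payload")
        raw = payload[off:off + n].decode("ascii")
        lists[field] = raw.split(",") if raw else []
        off += n
    return lists

def flagged_ciphers(payload):
    """Return the CBC/ARCFOUR ciphers still advertised, per direction."""
    lists = parse_kexinit(payload)
    return {d: [c for c in lists[d] if is_flagged(c)]
            for d in ("ciphers_cs", "ciphers_sc")}

def build_kexinit(ciphers):
    """Constructed sample payload; every non-cipher list holds a placeholder."""
    def name_list(names):
        data = ",".join(names).encode("ascii")
        return struct.pack(">I", len(data)) + data
    body = b"".join(name_list(ciphers if f.startswith("ciphers") else
                              [] if f.startswith("lang") else ["placeholder"])
                    for f in FIELDS)
    # message number, zero cookie, lists, first_kex_packet_follows, reserved
    return b"\x14" + bytes(16) + body + b"\x00" + bytes(4)

BEFORE = build_kexinit(["aes128-ctr", "aes128-cbc", "3des-cbc", "arcfour128"])
AFTER = build_kexinit(["aes128-ctr", "aes192-ctr", "aes256-ctr"])

if __name__ == "__main__":
    print("before:", flagged_ciphers(BEFORE))
    print("after: ", flagged_ciphers(AFTER))
```

An empty list for both ciphers_cs and ciphers_sc means neither direction can negotiate a CBC or ARCFOUR cipher.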


1 Comments

    Ted Keenan

    The converse is also true for the open source version of Maverick.

    If you want to use a CBC cipher, you must first enable it on both the SC and CS supported ciphers lists. For example, to add aes128-cbc:

    sshContext.supportedCiphersCS().add(Ssh2Context.CIPHER_AES128_CBC , AES128Cbc.class);
    sshContext.supportedCiphersSC().add(Ssh2Context.CIPHER_AES128_CBC , AES128Cbc.class);

    Where Ssh2Context.CIPHER_AES128_CBC is the name of the cipher and AES128Cbc.class is the class that enables the cipher.

    I never would have figured that out without this article.

     
