A recent report from the security threat monitoring platform Shadowserver reveals that almost 11 million SSH servers on the public web, identified by unique IP addresses, are vulnerable to Terrapin attacks.

#Cybersecurity #SSH #TerrapinAttack #Cyberthreat

https://cybersec84.wordpress.com/2024/01/04/11-million-ssh-servers-at-risk-terrapin-attack-threatens-secure-communications/

11 Million SSH Servers at Risk: Terrapin Attack Threatens Secure Communications

A staggering 11 million internet-exposed SSH servers are at risk of the Terrapin attack, posing a threat to the integrity of SSH connections, as revealed by academic researchers from Ruhr Universit…

CyberSec84 | Cybersecurity news.
New Terrapin Attack Threatens SSH Protocol Security: What You Need to Know

Researchers from Ruhr University Bochum have discovered a vulnerability in the Secure Shell (SSH) protocol, known as the "Terrapin Attack." ...

On the #OpenSSH ssh (-vvv) client side, successful CVE-2023-48795 mitigation will appear as:

debug3: kex_choose_conf: will use strict KEX ordering

On the sshd (-ddd) side:

debug3: kex_choose_conf: will use strict KEX ordering [preauth]

#terrapinattack


chuckling that Ars reports the AsyncSSH side of the #TerrapinAttack news w/ "it has 60,000 dl's /a day/!", implying this means it's popular.

Twisted, which includes an SSH implementation (Conch; though I'm not at all sure how much this is truly used, I've never run into it in the wild myself) sees 150K downloads/day.

Paramiko, which is the "top of mind" SSH implementation for Python (I am slightly biased, but…) sees 1.5MM downloads/day.

This, plus the sensationalist headline, make me a bit sad.

Glad to see that #libssh2 is on top of things adding #terrapinattack mitigation https://github.com/libssh2/libssh2/pull/1291
src: add 'strict KEX' to fix CVE-2023-48795 "Terrapin Attack" by vszakats · Pull Request #1291 · libssh2/libssh2

Refs: https://terrapin-attack.com/ https://seclists.org/oss-sec/2023/q4/292 https://osv.dev/list?ecosystem=&q=CVE-2023-48795 GHSA-45x7-px36-x8w8 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2...

#OpenSSH 9.6 has been released and it fixes "Terrapin attack" -- https://www.openssh.com/txt/release-9.6 #terrapinattack #vulnerability

We got our traditional end of December new attack with a logo. I think we can call the year over, right? (Please nothing else this year 😅 )

https://terrapin-attack.com/

#TerrapinAttack

Terrapin Attack

We've just released #PuTTY version 0.80! This is a SECURITY UPDATE, fixing the newly discovered 'Terrapin' #vulnerability, aka CVE-2023-48795, in some widely used #SSH protocol extensions.

The release is available in the usual place, at https://www.chiark.greenend.org.uk/~sgtatham/putty/

Full information on the vulnerability is at https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-terrapin.html

We urge users to upgrade, and also upgrade #OpenSSH servers. A fix is needed at both ends of the connection to eliminate the vulnerability.

#TerrapinAttack

PuTTY: a free SSH and Telnet client
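Two of the posts above make a point that is easy to get wrong in practice: the "strict KEX" countermeasure (the `kex-strict-c-v00@openssh.com` / `kex-strict-s-v00@openssh.com` pseudo-algorithms that produce the "will use strict KEX ordering" debug line) only takes effect when both peers advertise it, and without it a connection is exposed whenever ChaCha20-Poly1305 is negotiated or a CBC cipher is paired with an Encrypt-then-MAC MAC. The following is an added example, not code from the posts, OpenSSH, PuTTY or the Terrapin researchers: it parses a raw SSH_MSG_KEXINIT payload (RFC 4253 section 7.1 layout) and applies that rule to a client/server pair. The exposure rule follows the public description at terrapin-attack.com; the function names and the algorithm lists are my own constructed samples, not captures from real hosts.

```python
"""Parse SSH_MSG_KEXINIT and judge Terrapin (CVE-2023-48795) exposure for a
client/server pair. Added example; sample algorithm lists are constructed."""
import struct

SSH_MSG_KEXINIT = 20
STRICT_KEX_CLIENT = "kex-strict-c-v00@openssh.com"
STRICT_KEX_SERVER = "kex-strict-s-v00@openssh.com"
# The ten name-lists of a KEXINIT, in wire order (RFC 4253 section 7.1).
NAME_LISTS = (
    "kex_algorithms", "server_host_key_algorithms",
    "encryption_algorithms_c2s", "encryption_algorithms_s2c",
    "mac_algorithms_c2s", "mac_algorithms_s2c",
    "compression_algorithms_c2s", "compression_algorithms_s2c",
    "languages_c2s", "languages_s2c",
)


def parse_kexinit(payload: bytes) -> dict:
    """Decode a KEXINIT payload: byte 20, 16-byte cookie, ten name-lists,
    boolean first_kex_packet_follows, uint32 reserved. Rejects truncation."""
    if not payload or payload[0] != SSH_MSG_KEXINIT:
        raise ValueError("not an SSH_MSG_KEXINIT payload")
    off = 1 + 16
    out = {}
    for name in NAME_LISTS:
        if off + 4 > len(payload):
            raise ValueError("truncated KEXINIT before %s" % name)
        (n,) = struct.unpack_from(">I", payload, off)
        off += 4
        raw = payload[off:off + n]
        if len(raw) != n:
            raise ValueError("truncated name-list %s" % name)
        off += n
        out[name] = raw.decode("ascii").split(",") if raw else []
    if off + 5 > len(payload):
        raise ValueError("missing KEXINIT trailer")
    out["first_kex_packet_follows"] = payload[off] != 0
    return out


def build_kexinit(lists: dict) -> bytes:
    """Inverse of parse_kexinit; used here only to construct sample packets."""
    body = bytes([SSH_MSG_KEXINIT]) + bytes(16)  # all-zero cookie: sample only
    for name in NAME_LISTS:
        s = ",".join(lists.get(name, ())).encode("ascii")
        body += struct.pack(">I", len(s)) + s
    return body + b"\x00" + b"\x00\x00\x00\x00"


def negotiate(client_pref, server_pref):
    """RFC 4253 rule: first algorithm on the client's list the server also offers."""
    return next((a for a in client_pref if a in server_pref), None)


def vulnerable_pair(cipher, mac) -> bool:
    """Exposure rule from terrapin-attack.com: ChaCha20-Poly1305 (an AEAD, so the
    MAC is irrelevant), or any CBC cipher combined with an *-etm@openssh.com MAC."""
    if cipher is None:
        return False
    if cipher == "chacha20-poly1305@openssh.com":
        return True
    return "-cbc" in cipher and mac is not None and mac.endswith("-etm@openssh.com")


def terrapin_exposure(client: dict, server: dict) -> dict:
    """Judge one connection. Strict KEX only protects when BOTH ends advertise
    it, which is why a fix is needed at both ends of the connection."""
    strict = (STRICT_KEX_CLIENT in client["kex_algorithms"]
              and STRICT_KEX_SERVER in server["kex_algorithms"])
    report = {"strict_kex": strict}
    for d in ("c2s", "s2c"):
        cipher = negotiate(client["encryption_algorithms_" + d],
                           server["encryption_algorithms_" + d])
        mac = negotiate(client["mac_algorithms_" + d], server["mac_algorithms_" + d])
        report[d] = {"cipher": cipher, "mac": mac,
                     "vulnerable": (not strict) and vulnerable_pair(cipher, mac)}
    report["vulnerable"] = report["c2s"]["vulnerable"] or report["s2c"]["vulnerable"]
    return report


def sample_kexinit(strict_flag, ciphers, macs) -> dict:
    """Constructed KEXINIT (not a capture); strict_flag is None or a strict-KEX name."""
    kex = ["curve25519-sha256"] + ([strict_flag] if strict_flag else [])
    return parse_kexinit(build_kexinit({
        "kex_algorithms": kex, "server_host_key_algorithms": ["ssh-ed25519"],
        "encryption_algorithms_c2s": ciphers, "encryption_algorithms_s2c": ciphers,
        "mac_algorithms_c2s": macs, "mac_algorithms_s2c": macs,
        "compression_algorithms_c2s": ["none"], "compression_algorithms_s2c": ["none"],
    }))


DEFAULT_CIPHERS = ["chacha20-poly1305@openssh.com", "aes256-ctr"]
ETM_MACS = ["hmac-sha2-256-etm@openssh.com"]
PATCHED_CLIENT = sample_kexinit(STRICT_KEX_CLIENT, DEFAULT_CIPHERS, ETM_MACS)
PATCHED_SERVER = sample_kexinit(STRICT_KEX_SERVER, DEFAULT_CIPHERS, ETM_MACS)
OLD_SERVER = sample_kexinit(None, DEFAULT_CIPHERS, ETM_MACS)          # unpatched
# Unpatched server whose admin removed the affected modes (a stop-gap, not a fix).
HARDENED_OLD_SERVER = sample_kexinit(None, ["aes256-gcm@openssh.com", "aes256-ctr"], ETM_MACS)

if __name__ == "__main__":
    for label, srv in (("patched", PATCHED_SERVER), ("old", OLD_SERVER),
                       ("old+hardened", HARDENED_OLD_SERVER)):
        print(label, terrapin_exposure(PATCHED_CLIENT, srv))
```

Against a live host the same parser applies to the first binary packet a server sends after the version string (strip the packet length, padding length and padding to get the payload); the point of the pair evaluation is that a patched PuTTY or OpenSSH 9.6 client talking to an unpatched server still negotiates `chacha20-poly1305@openssh.com` with no strict KEX and is therefore still exposed, while dropping ChaCha20 and CBC+ETM on the old server only removes exposure until that server is actually upgraded.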