We found a flaw in the SSH specification which allows a MitM attacker to drop certain messages from the secured connection. If you are using SSH, check this out: https://terrapin-attack.com 🐢

Joint work with Fabian Bäumer and Jörg Schwenk at Ruhr University Bochum, HGI, funded by CASA Excellence Cluster / DFG.

Terrapin Attack

thx @lambdafu, @Skrillor et al @ RUB for the excellent research on the [Terrapin Attack](https://terrapin-attack.com).

The #Terrapin Scanner is available here:
https://github.com/RUB-NDS/Terrapin-Scanner

For your reference:

- CVE-2023-48795: General Protocol Flaw
- CVE-2023-46445: Rogue Extension Negotiation Attack in AsyncSSH
- CVE-2023-46446: Rogue Session Attack in AsyncSSH
