openssl bug causes sshd crashed on FreeBSD 9.3-RELEASE

Dag-Erling Smørgrav des at des.no
Wed Mar 9 22:59:08 UTC 2016


Akihiro HIRANO <hirano at t.kanazawa-u.ac.jp> writes:
> Frank Möller <moeller at gonicus.de> writes:
> > After updating to FreeBSD 9.3-RELEASE-p37 sshd from the base system
> > crashes by signal 11 when I connect to the server with an old ssh
> > client (e.g. OpenSSH_4.5p1).  Using a newer ssh client versions
> > (e.g. OpenSSH_6.6.1p1 from FreeBSD 9.3-RELEASE-p10) the sshd works
> > fine.
> Hum... I tried OpenSSH_6.6.1p1 client on 9.3-RELEASE-p37
> and OpenSSH_6.4p1 client on 10.0-RELEASE-p18.
> Both clients cause sshd on 9.3-RELEASE-p37 crashed by signal 11.

It depends on which ciphers you use.  If my hunch is correct, the bug is
somewhere in the codepath for RSA, so newer versions (which default to
ECDSA) will be less likely to trigger it, but it will also depend on the
server version and whether the server has an ECDSA host key.

DES
-- 
Dag-Erling Smørgrav - des at des.no


More information about the freebsd-security mailing list