Sshd version 1.2.23 obsolete

| Risk Level: | Medium |
|---|---|
| Check or Attack Name: | Sshd 1223 Check |
| Platforms: | SSH |
| Description: | An obsolete version of the SSH secure shell daemon, sshd version 1.2.23, has been detected. Sshd allows another computer to log in over a network, execute commands from a remote machine, and move files from one machine to another. It provides strong authentication and secure communications over insecure channels. All versions of sshd less than version 1.2.23 have multiple security weaknesses. Specifically, versions prior to 1.2.23 are vulnerable to attacks in which sshd can be forced to execute arbitrary commands. This vulnerability allows an attacker to execute arbitrary commands on the SSH server or otherwise subvert an encrypted SSH channel by inserting arbitrary data into it. This issue has been reported to be resolved in sshd version 1.2.25. |
| Remedy: | Upgrade sshd servers and clients. Unix: the latest version of ssh is available from ftp://ftp.cs.hut.fi/pub/ssh/. Windows, Unix, Macintosh: F-Secure SSH version 1.3.5 fixes this security problem. If you are using the commercial Data Fellows SSH package and you have a support contract, you can obtain v1.3.5 from your local retailer. Users without a support contract can obtain a patch that fixes this problem from http://www.DataFellows.com/fsecure/support/ssh/bug/su134patch.html. |
| References: | Data Fellows Web Site, F-Secure SSH Tunnel&Terminal, http://www.datafellows.com/f-secure/fclintp.htm; CORE SDI R+D Lab, Secure Shell Insertion Attack, http://www.core-sdi.com/CoreLabs/english/ssh/index.html; Thomas König's Web Site, The Ssh (Secure Shell) FAQ - Frequently asked questions, http://www.uni-karlsruhe.de/~ig25/ssh-faq/ |
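The version check this entry describes can be reproduced from the server's SSH identification string. The following is an added example, not code from the scanner or from the sshd project; it assumes the classic `SSH-<proto>-<software>` banner format in which the original sshd announced itself as, for example, `SSH-1.5-1.2.23`, and it treats 1.2.25 (the version the description reports as fixed) as the first acceptable release. Banners from other products (such as OpenSSH) are reported as unknown rather than judged against this threshold.

```python
import re

# First sshd release in which the description reports this issue resolved.
FIXED_VERSION = (1, 2, 25)

# SSH identification line: "SSH-<protoversion>-<softwareversion>[ comments]"
BANNER_RE = re.compile(r"^SSH-(?P<proto>[\d.]+)-(?P<software>\S+)")

# Bare dotted version as used by the original sshd, e.g. "1.2.23".
SSHD_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)$")


def parse_banner(banner: str):
    """Split an identification line into (protocol, software), or None if malformed."""
    m = BANNER_RE.match(banner.strip())
    if not m:
        return None
    return m.group("proto"), m.group("software")


def sshd_version(software: str):
    """Return (major, minor, patch) for a bare sshd version string, else None."""
    m = SSHD_VERSION_RE.match(software)
    if not m:
        return None
    return tuple(int(part) for part in m.groups())


def check_ssh_banner(banner: str) -> str:
    """Classify a banner as 'obsolete', 'ok' or 'unknown'.

    'obsolete' means the server identifies as the original sshd at a version
    below FIXED_VERSION; 'unknown' covers malformed banners and other products,
    whose version strings are not comparable against this threshold.
    """
    parsed = parse_banner(banner)
    if parsed is None:
        return "unknown"
    _proto, software = parsed
    version = sshd_version(software)
    if version is None:
        return "unknown"
    return "obsolete" if version < FIXED_VERSION else "ok"


if __name__ == "__main__":
    # Constructed sample banners, not captured from any real host.
    for sample in ("SSH-1.5-1.2.23", "SSH-1.5-1.2.25", "SSH-2.0-OpenSSH_9.6"):
        print(sample, "->", check_ssh_banner(sample))
```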