OpenBSD logo

The Qualys Security team discovered two vulnerabilities in the OpenSSH client.

CVE-2016-0777 Information leak

Can be exploited by a rogue SSH server to trick a client into leaking sensitive data from the client memory, including for example private keys.

CVE-2016-0778 Buffer overflow

A buffer overflow (leading to file descriptor leak), can also be
exploited by a rogue SSH server.

One can mitigate CVE-2016-0777 by disabling the experimental roaming option in the ssh client:

echo -e ‘Host *\nUseRoaming no’ >> /etc/ssh/ssh_config

Updated binaries are being pushed by operating system vendors.

NO COMMENTS