lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Date: Thu, 08 May 2014 23:12:11 -0500
From: James Renken <>
Subject: [FD] SSH key cloning problem in OnApp templates

OnApp sells a "complete IaaS platform" for hosting providers to offer 
virtual servers. Their platform ships with templates (disk images) for 
many different operating systems, which it automatically customizes 
(passwords, network settings, etc.) when a new virtual server is deployed.

During each deployment, the platform removes and regenerates the SSH RSA 
and DSA host keys that are included with the template.

However, it fails to remove and regenerate the ECDSA host keys in its 
templates for newer operating system releases that support ECDSA. All 
customers using these templates are using the same ECDSA host key, 
unless they have been alert or cautious enough to rekey themselves. They 
are gravely vulnerable to attacks on their SSH sessions.

Because I'm not an OnApp customer and do not have direct access to a 
copy of their product, I've been unable to confirm all version(s) of 
their platform or components that may be vulnerable. These templates, 
built in 2012-2013, are vulnerable when used in at least one recent 
OnApp release:

Arch Linux 2012.12 x64
Debian 7.1 Plesk x64
Debian 7.2 x64
Gentoo 12.1 x64
Ubuntu 12.04 x64

I reported this issue to OnApp on March 16, 2014 with a tentative 
disclosure date of April 16, 2014.

As of April 15, 2014, OnApp Support reports that Debian 7 templates have 
been updated.

As of May 8, 2014, none of OnApp's release notes have mentioned this 
issue, and the Debian 7.2 x64 template remains vulnerable on at least 
one OnApp customer's deployment.

It is trivially easy for attackers to identify vulnerable systems. Hosts 
using OnApp should immediately contact all customers that are 
potentially affected. Customers of OnApp-based hosts who are using 
ECDSA-capable SSH daemons should immediately rekey.

James Renken
Sandwich.Net, LLC

Sent through the Full Disclosure mailing list
Web Archives & RSS:

Powered by blists - more mailing lists