A vulnerability has been identified in OpenSSH that allows users to access the system from IP addresses they were not supposed to connect from.
OpenSSH allows system administrators to limit access to the service based on hostnames or IP addresses. This may be configured so that specific users may only connect from certain IP addresses or hostnames.
The problem is that OpenSSH does not distinguish whether a restriction applies to a hostname or to an IP address. This allows users who control the reverse DNS answer for their IP address to change their hostname so that it matches an IP address.
This affects versions 3.6.1 and earlier.
NOTE: This does not allow users to connect and authenticate with the service unless they have obtained a valid key or username / password.
Solution: Never rely on IP filtering at the application level. Always apply IP restrictions using a perimeter firewall, router, iptables or similar.
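The matching flaw described above, modelled as an added example (this is not OpenSSH's code or its actual fix): `flawed_match` tries one pattern against both the reverse-DNS name and the address, while `strict_match` first decides which kind of pattern it is. The function names, the pattern classifier and the sample clients are assumptions constructed for illustration.

```python
from fnmatch import fnmatchcase

HEX_ADDR_CHARS = "0123456789abcdefABCDEF:."


def is_address_pattern(pattern):
    """True when the pattern, wildcards aside, can only describe a numeric address."""
    body = pattern.replace("*", "").replace("?", "")
    if body and all(c in "0123456789." for c in body):
        return True  # IPv4-style pattern such as 192.0.2.*
    return ":" in body and all(c in HEX_ADDR_CHARS for c in body)  # IPv6-style


def flawed_match(pattern, rdns_name, ip):
    """Model of the flaw: the same pattern is tested against the name AND the address.

    rdns_name comes from a PTR lookup, so whoever controls the reverse zone
    for the connecting address chooses that string.
    """
    return fnmatchcase(rdns_name.lower(), pattern.lower()) or fnmatchcase(ip, pattern)


def strict_match(pattern, rdns_name, ip):
    """Address patterns are compared only with the socket's peer address."""
    if is_address_pattern(pattern):
        return fnmatchcase(ip, pattern)
    return fnmatchcase(rdns_name.lower(), pattern.lower())


# Constructed sample data using documentation address ranges, not real hosts.
PATTERN = "192.0.2.*"
CLIENTS = [
    ("gw.example.org", "192.0.2.10"),     # legitimate client inside the allowed range
    ("192.0.2.10", "203.0.113.7"),        # PTR answer is an address-like string
    ("host.example.net", "203.0.113.8"),  # unrelated client
]


def evaluate(matcher):
    """Return the allow/deny decision of `matcher` for each constructed client."""
    return [matcher(PATTERN, name, ip) for name, ip in CLIENTS]


if __name__ == "__main__":
    for label, matcher in (("flawed", flawed_match), ("strict", strict_match)):
        for (name, ip), allowed in zip(CLIENTS, evaluate(matcher)):
            print(f"{label:6} rdns={name:18} ip={ip:13} allowed={allowed}")
```

Even with strict matching in the application, the packet filter recommended in the solution remains the control that does not depend on DNS at all.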