Advisory regarding SSH protocol version 1 CRC-32 compensation attack detector vulnerability
This vulnerability is caused by an integer overflow in the detect_attack() function in deattack.c, which enables an attacker to overwrite arbitrary parts of memory. The altered memory may affect code executed by the daemon with uid 0 and thereby give root access to the system.
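The following C program is an added illustration of the bug class the advisory describes, not the code of deattack.c itself: a lookup table sized from an attacker-controlled packet length, where the size is computed in 32 bits but stored in a 16-bit variable, so a large length wraps the stored size while the index mask derived from it still reaches far past the allocation. The block size, growth factor, minimum table size and the 16-bit width are constructed assumptions chosen to show the effect; the hardened form beside it keeps the size in a wide type and rejects lengths the table cannot cover.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

#define BLOCKSIZE 8                 /* constructed: bytes per cipher block */
#define HASH_FACTOR(x) ((x) * 3 / 2) /* constructed: table growth factor */
#define MIN_TABLE (1u << 13)        /* constructed: smallest table size */

/* Vulnerable pattern (illustrative): the required size is computed in a
 * 32-bit variable, then copied into a 16-bit one. Any size >= 65536 is
 * truncated to a small power of two or to zero. */
static uint16_t vulnerable_table_size(uint32_t packet_len)
{
    uint32_t l = MIN_TABLE;
    uint16_t n;
    while (l < HASH_FACTOR(packet_len / BLOCKSIZE))
        l <<= 2;
    n = (uint16_t)l;  /* truncation: 131072 becomes 0 */
    return n;
}

/* Number of entries a lookup of the form h[hash & (n - 1)] can reach.
 * With n == 0 the mask is 0xFFFF, so 65536 entries are addressable
 * even though n * sizeof(entry) bytes (zero) were allocated. */
static uint32_t reachable_entries(uint16_t n)
{
    return (uint32_t)((uint16_t)(n - 1)) + 1;
}

/* 1 if the masked index stays inside a table of n entries, else 0. */
static int index_in_bounds(uint16_t n, uint32_t hash)
{
    uint32_t i = hash & (uint16_t)(n - 1);
    return i < n;
}

/* Hardened form (added here): the size lives in size_t, growth is bounded
 * before it happens, and oversized input is rejected. Returns the table
 * size, or 0 to signal rejection; callers must treat 0 as an error. */
static size_t hardened_table_size(uint32_t packet_len, size_t max_entries)
{
    size_t l = MIN_TABLE;
    size_t need = HASH_FACTOR((size_t)packet_len / BLOCKSIZE);
    while (l < need) {
        if (l > max_entries / 4)  /* next l <<= 2 would exceed the bound */
            return 0;
        l <<= 2;
    }
    if (l > max_entries)
        return 0;
    return l;
}

int main(void)
{
    uint32_t lens[] = { 1000, 174768 };  /* constructed sample packet lengths */
    for (size_t k = 0; k < 2; k++) {
        uint16_t n = vulnerable_table_size(lens[k]);
        printf("len=%u  vulnerable n=%u reachable=%u in_bounds=%d  hardened=%zu\n",
               lens[k], n, reachable_entries(n), index_in_bounds(n, 0xdeadbeef),
               hardened_table_size(lens[k], 1u << 16));
    }
    return 0;
}
```

The point to take from the run is that the truncated size and the index mask disagree: for the large length the vulnerable computation allocates zero entries yet addresses 65536, which is exactly the "write outside the table" condition that turns a memory-safety slip into arbitrary memory modification in a uid 0 process; the hardened variant fails closed instead.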
SSH wants to emphasize that it has deprecated its products based on Secure Shell protocol version 1.x and strongly recommends that users, as both the immediate and the long-term fix, upgrade to the latest version, SSH Secure Shell 3.0.x, which is based on the completely redesigned Secure Shell protocol version 2. Secure Shell protocol 2 is also in the IETF standardization process.
SSH has also made available to non-commercial users a fixed version of Secure Shell 1.x, namely Secure Shell 1.2.32, which includes the fix for this vulnerability.
VULNERABLE VERSIONS:
Non-commercial Secure Shell versions 1.2.24 through 1.2.31
Please note that enabling the Secure Shell protocol 1 fallback option (having Secure Shell 1.x installed alongside SSH Secure Shell 2.x or a newer version on the same server) makes your server vulnerable, and you need to upgrade the fallback Secure Shell 1.x server even though you are running a newer protocol version server as your primary server.
FIX:
SSH recommends upgrading to SSH Secure Shell 3.0.1 through http://commerce.ssh.com/. (Optionally, upgrading to Secure Shell 1.2.32 is also available to non-commercial users through ftp://ftp.ssh.com/.)
NOT VULNERABLE:
All Secure Shell protocol version 2 based products from SSH Communications Security are not vulnerable, including:
- SSH Secure Shell for Servers 2.0 through 3.0.x
- SSH Secure Shell for Workstations 2.0 through 3.0.x
- SSH Secure Shell for Windows Servers 1.0
Further note that the Secure Shell 1.x version that has been available through F-Secure distribution as F-Secure SSH 1.3.11-2 is not vulnerable. For inquiries regarding F-Secure SSH, please contact F-Secure.
SSH Corp. Contact
George Adams
SSH Communications Security Corp.
Tel: +1 781 247 2100
E-mail:
Americas Contact
Byron Rashed
SSH Communications Security, Inc.
Tel: +1 650 251 2721
E-mail:
Europe Contact
Bo Sorensen
SSH Communications Security Corp.
Tel: +358 20 500 7404
E-mail:
Investor Relations
Mika Peuranen
SSH Communications Security Corp.
Tel: +358 20 500 7419
E-mail:
U.S. Agency Contact
Cheryl Seaberg
Walt & Company
Tel: +1 408 496 0900 x 2981
E-mail:
Shiho Hashimoto
SSH Communications Security Corp.
Tel: +358 20 500 7470
E-mail:
© 2002 SSH Communications Security Corp. All rights reserved. ssh® is a registered trademark of SSH Communications Security Corp in the United States and in certain other jurisdictions. All other names and marks are property of their respective owners.
