[j-nsp] SSH version 4 vulnerability on JUNOS

Tim Eberhard xmin0s at gmail.com
Mon Sep 9 12:45:57 EDT 2013


I've checked in with Juniper CERT a couple of times after SSH
vulnerabilities were made public, given the fact that they run such old SSH
binaries.

The answer I've received every time is that they run a modified version of
OpenSSH 4.4, and disallow unsigned, third-party or modified binaries to run
under Junos by default.

With that said, I wouldn't really worry about an X11 session
hijacking vulnerability, given you don't have X11 installed on your
device. This seems like a generic scan report that looks for anything under
OpenSSH 5.0 and just tells you to upgrade. I think you're safe to ignore it
here, Harri.

Hope this helps,
-Tim Eberhard


On Mon, Sep 9, 2013 at 9:16 AM, Harri Makela <harri_makela at yahoo.com> wrote:

> Hi There
>
> I got the following report after the vulnerability scanning. Now first,
> we don't use IPv6, and secondly, how can we check on Juniper that the version is
> SSH 4?
>
>
> Synopsis: The remote SSH service is prone to an X11 session
> hijacking vulnerability.
>
> Description:  According to its banner, the version of SSH installed on the
> remote host is older than 5.0.  Such versions may allow a local user to
> hijack X11 sessions because it improperly binds TCP ports on the local IPv6
> interface if the corresponding ports on the IPv4 interface are in use.
>
> Solution : Upgrade to OpenSSH version 5.0 or later.
>
> This is what I searched for on the ex-8208 switch and what came up for SSH:
>
>
> set system services ssh root-login deny
> set system services ssh protocol-version v2   -----> it says version 2
>
>
> Sorry if these are too basic questions as I am new to all this.
>
> Thanks
> HM
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>
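
An added example, not part of the original thread: the scan finding is derived from the SSH identification string (RFC 4253, section 4.2), which carries both a protocol version and a software version, while `protocol-version v2` in the configuration only sets the former. The Python sketch below parses that string and reproduces a banner-only "older than 5.0" check; the function names and the sample banners are constructed for illustration and were not captured from any device.

```python
import re
import socket

# RFC 4253 section 4.2: SSH-protoversion-softwareversion SP comments CR LF
IDENT_RE = re.compile(r"^SSH-(?P<proto>[^-\s]+)-(?P<software>\S+)(?: (?P<comments>.*))?$")
OPENSSH_RE = re.compile(r"^OpenSSH_(\d+)\.(\d+)")


def parse_ident(line):
    """Split an identification string into protocol, software and comments."""
    m = IDENT_RE.match(line.rstrip("\r\n"))
    if m is None:
        raise ValueError("not an SSH identification string: %r" % line)
    return m.groupdict()


def openssh_version(software):
    """Return (major, minor) for an OpenSSH software string, else None."""
    m = OPENSSH_RE.match(software)
    return (int(m.group(1)), int(m.group(2))) if m else None


def banner_only_finding(line, fixed_in=(5, 0)):
    """Mimic a banner-based scanner check: flag OpenSSH older than fixed_in."""
    # Only the advertised version is compared. Vendor modifications and
    # whether X11 is present on the host are invisible to this test.
    ver = openssh_version(parse_ident(line)["software"])
    return ver is not None and ver < fixed_in


def read_ident(host, port=22, timeout=5.0):
    """Read the identification line an SSH server sends on connect."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        for raw in s.makefile("rb"):
            # RFC 4253 allows other lines before the identification string.
            line = raw.decode("utf-8", "replace")
            if line.startswith("SSH-"):
                return line.rstrip("\r\n")
    raise ConnectionError("no SSH identification string received")


if __name__ == "__main__":
    # Constructed sample banners (assumptions for this example).
    for sample in ("SSH-2.0-OpenSSH_4.4", "SSH-2.0-OpenSSH_6.2 constructed"):
        print(sample, parse_ident(sample), banner_only_finding(sample))
```

`read_ident()` can be pointed at a switch's management address to see the string a scanner would read; the protocol field stays `2.0` whatever the software field says.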

