J-Pake Exploit



SecurityFocus is designed to facilitate discussion on computer security related topics, create computer security awareness, and to provide the Internet’s largest and most comprehensive database of computer security knowledge and resources to the public. It also hosts the BUGTRAQ mailing list.

J-PAKE: Authenticated Key Exchange without PKI. Feng Hao (1) and Peter Ryan (2). (1) Thales E-Security, Cambridge, UK; (2) Faculty of Science, University of Luxembourg … an active attacker may exploit that equivalence to test multiple passwords in one go. This problem is particularly serious if a password is a Personal Identification Number (PIN). One …

A successful exploit may allow attackers to authenticate without the shared secret, aiding in further attacks. OpenSSH’s implementation of J-PAKE is experimental and is not compiled in by default. OpenSSH 5.6 and prior with J-PAKE implemented are vulnerable.

Did anyone successfully exploit CVE-2010-4478 in the past? This is insufficient validation of the J-PAKE public key parameters in OpenSSH up to 5.6. I’m dealing with a vulnerable machine running OpenSSH 5.1 p1. I need to get a flag but in order to do so, first I need access to the server.

12/3/2010 · A remote user can exploit a flaw in the J-PAKE implementation to successfully validate without having the shared secret. The experimental J-PAKE code is not compiled by default. The original advisory is available at:

CVE-2010-4478: OpenSSH 5.6 and earlier, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need for knowledge of the shared secret, and successfully authenticate, by sending crafted values in each round of the protocol, a related issue to CVE-2010-4252.