Blog

Vulnerability in OpenSSH Client of All Versions (CVE-2016-0777, CVE-2016-0778)

This post discusses the vulnerabilities (CVE-2016-0777 and CVE-2016-0778) in all versions of OpenSSH and provides guidance on mitigating the risks through configuration updates.

January 16, 2016

Dmytro

OpenSSH CVE-2016-0777 CVE-2016-0778 security patch buffer overflow key leakage

Vulnerability in OpenSSH Client of All Versions (CVE-2016-0777, CVE-2016-0778)

On January 14, 2016, a vulnerability was reported in the OpenSSH client, affecting all versions from 5.4 onward. This issue pertains solely to the OpenSSH client, not the server.

Key Vulnerabilities

CVE-2016-0777: This vulnerability allows for the retrieval of the SSH private key if an attacker has access to a victim’s server and runs a modified SSH server. Given that private keys are often reused across multiple servers, this could result in severe consequences if leaked.
CVE-2016-0778: A traditional buffer overflow vulnerability. While exploitation is unlikely due to the conditions required, it is still recommended to update OpenSSH.

Mitigation Steps

To protect against these vulnerabilities, you can either update OpenSSH or modify your client’s configuration file.

For Linux, FreeBSD, and macOS, edit /etc/ssh/ssh_config and add:

Host *
    UseRoaming no

Note: Users of Putty are unaffected by these vulnerabilities.

For detailed information, refer to the overview on the Qualys website.

Need Help?

Our support team is available 24/7 to assist you with any questions or issues.

Contact Support