According to this article, some MIT researchers have discovered flaws in SSH.
Secure business networks are at risk thanks to a vulnerability in a fundamental protocol, according to security researchers at the Massachusetts Institute of Technology (MIT).
Researchers have highlighted the increasing danger of attacks exploiting weaknesses in SSH (Secure Shell), and warned that such attacks are likely to be automated in the near future. The risks are not theoretical - SSH weaknesses were involved in a spate of attacks last year, including the theft of source code from Cisco Systems and a series of compromises affecting major universities, corporations, national laboratories, super-computing centers and military institutions, the researchers said.
Grid systems, which link research institutions together in order to share data and processing power, are particularly vulnerable because they create close links between a large number of institutions, according to MIT. Among the victims of last year's attacks were several research institutions connected to TeraGrid, a research grid.
However, universities are not the only ones affected. SSH is used in most Unix and Linux networks to secure remote command execution, file transfer and other services. "As SSH has become one of our most trusted services, attacks that highlight its limitations have become widespread," the paper said.
In writing the paper, called "Inoculating SSH Against Address-Harvesting Worms", MIT researchers Stuart Schechter, Jaeyeon Jung, Will Stockwell and Cynthia McLain collected information from a number of organizational networks, and found that most networks are vulnerable to a weakness involving SSH's known_hosts databases.
These databases, stored on SSH clients, include the list of remote hosts each user has previously contacted via SSH, along with the hosts' public keys, a component used by SSH to create a secure connection. The problem is that when a client is compromised by an attacker or malicious code, the known_hosts database is easy to use in targeting other hosts.
http://www.linuxlinks.com/portal/news/article.php?story=20050518035129556