{
"187315": {
"name_en": "SSH Terrapin Prefix Truncation Weakness (CVE-2023-48795)",
"name_cn": "远程 SSH 服务器容易受到 mitm 前缀截断攻击。",
"risk_en": "Medium",
"risk_cn": "中危",
"describe_en": "The remote SSH server is vulnerable to a man-in-the-middle prefix truncation weakness known as Terrapin. This can allow a remote, man-in-the-middle attacker to bypass integrity checks and downgrade the connection's security. Note that this plugin only checks for remote SSH servers that support either ChaCha20-Poly1305 or CBC with Encrypt-then-MAC and do not support the strict key exchange countermeasures. It does not check for vulnerable software versions.",
"describe_cn": "远程 SSH 服务器容易受到称为 Terrapin 的中间人前缀截断弱点的攻击。远程中间人攻击者可利用此漏洞,绕过完整性检查并降低连接的安全性。",
"solution_en": "Contact the vendor for an update with the strict key exchange countermeasures or disable the affected algorithms.",
"solution_cn": "请注意,此插件仅检查支持 ChaCha20-Poly1305 或使用 Encrypt-then-MAC 的 CBC 的远程 SSH 服务器,且不支持严格的密钥交换对策。此插件不会检查易受攻击的软件版本。",
"cve": "CVE-2023-48795"
}
}
ltfafei
commented
4 months ago