Description

This article applies to BoKS Manager 7.0 and BoKS Manager 7.1.

 

A bug was found when Ansible operations used ssh to communicate with BoKS host. The error message showed "Failed to connect to the host via ssh: ID mismatch (100663296 != 4)". This error occurs only with the BOKS_SSH_FTL (File Transfer Logging) setting enabled. This error could occur with either scp or sftp when shared SSH connections are used.

A second bug, also connected to shared SSH connections and BoKS FTL has been found. This bug could cause hanging sessions or ID mismatch errors during file transfers in shared SSH connections. The problem was that FTL data used for searching FTL messages sent from the sftp or scp server was saved per session and not per channel. This could cause FTL data to be overwritten by another channel in the same shared connection.

 

CVE-2017-3736 bn_sqrx8x_internal carry bug on x86_64

There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL before 1.0.2m and 1.1.0 before 1.1.0g. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH are considered just feasible (although very difficult) because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be very significant and likely only accessible to a limited number of attackers. An attacker would additionally need online access to an unpatched system using the target private key in a scenario with persistent DH parameters and a private key that is shared between multiple clients. This only affects processors that support the BMI1, BMI2 and ADX extensions like Intel Broadwell (5th generation) and later or AMD Ryzen.

Note, only x86/x86_64 platforms are affected. Find more about CVE-2017-3736 from MITRE CVE directory and NIST NVD.

 

CVE-2017-3738 rsaz_1024_mul_avx2 overflow bug on x86_64

There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH1024 are considered just feasible, because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be significant. However, for an attack on TLS to be meaningful, the server would have to share the DH1024 private key among multiple clients, which is no longer an option since CVE-2016-0701.

This only affects processors that support the AVX2 but not ADX extensions like Intel Haswell (4th generation). Note, only x86/x86_64 platforms are affected. Find more about CVE-2017-3738 from OpenSSL.org.

 

In BoKS 7.1, If BOKS_SSH_FTL is enabled (default), a bug in BoKS scp prohibits file transfer logging for successful file uploads with scp.


Resolution / Workaround

 

To resolve this problem, please download HFBM-0198 (for BoKS 7.0) or HFBM-0244 (for BoKS 7.1) from the HelpSystems Community Portal.

 

The 7.0 version of the hotfix includes an updated boks_sshd binary fixing the issues listed above.

The 7.1 version of the hotfix includes an updated boks_sshdsftp-server and scp binary solving
the issues listed above.

 


Still have questions? We can help. Submit a case to Technical Support.

Last Modified On: May 31, 2018