Mitigating and Preventing Vulnerabilities with ELFbac
Date
April 12, 2018
Description
OpenSSH is a free and open-source implementation of the SSH protocols. Since its release in 1999, OpenSSH has been the most popular implementation for securing remote communications. In version 5.4, released in 2010, the OpenSSH client introduced an experimental and undocumented "roaming" feature. Roaming was meant to allow suspended sessions to be resumed, e.g., after an unexpected network termination. In 2016, an information leak in the implementation of OpenSSH's roaming feature was disclosed as CVE-2016-0777.

Industrial Control Systems and the Internet of Things increasingly depend on secure remote management. As off-the-shelf hardware and commercial software become more prevalent in industry, and given how widely OpenSSH is deployed (often by default) and the reality of recent vulnerabilities targeting it, the security of remote communications is increasingly important and precarious.

In this talk, we will discuss a case study in mitigating OpenSSH's roaming bug using our previously introduced ELFbac tool. ELFbac is a language-based development tool that seeks to codify lost programmer intent into enforceable security policy. The policy mechanisms we will describe are simple, yet powerfully effective at mitigating and preventing entire classes of common software vulnerabilities.