Last Updated: 2015-09-23 16:53:27 UTC
by Daniel Wesemann (Version: 1)
Cisco have released three patch bulletins today http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_sep15.html for issues affecting their IOS and IOS XE firmware. The most intriguing one on the list is called "RSA based user authentication bypass vulnerability", and from the description, it sounds like key based SSH authentication can be successful "with a crafted private key" if the attacker "knows the userid and the associated RSA public key". Well ... if it were readily possible to "craft" the private key out of a known public key, then most of our Internet crypto protocols would become invalid overnight. Hence, something else must be at the root of this problem, but what exactly, the advisory doesn't say. Probably something embarrassing, like another backdoor or default key.