Eugeny Tabby Host Key Verification Vulnerability Leading to Password Exposure
Vulnerability
A vulnerability in Eugeny Tabby version 1.0.213 allows remote attackers to intercept sensitive information, specifically SSH usernames and passwords. The client transmits these credentials even when host key verification fails, so a server sitting in the middle of the connection can capture them. The issue has been present for a significant period.
Impact
Exploitation of this vulnerability results in the unintended transmission of SSH passwords to a remote server, bypassing host key verification and increasing the risk of man-in-the-middle attacks.
Reproduction
To reproduce this vulnerability, set up an SSH honeypot that logs submitted passwords. Create an SSH profile in Tabby, select 'Password' as the authentication method, and enter any password. Connect using the profile; when the host key verification prompt appears, wait a few seconds and then disconnect. The honeypot will have logged the entered password.
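The ordering defect behind this advisory, modelled as an added example that is not Tabby's code: a client that releases the password before the host key prompt is answered leaks it to whatever server is on the other end, while a client that gates authentication on an explicit accept sends nothing. Class and function names, and the sample credentials, are constructed for the illustration.

```python
from dataclasses import dataclass, field
from enum import Enum, auto


class HostKeyDecision(Enum):
    PENDING = auto()    # verification prompt is open, user has not answered
    ACCEPTED = auto()
    REJECTED = auto()


@dataclass
class RecordingServer:
    """Stand-in for the remote end (the honeypot in the advisory): logs what it receives."""
    received: list = field(default_factory=list)

    def send(self, message: str) -> None:
        self.received.append(message)


@dataclass
class SshClientModel:
    """Hypothetical client model; gate_on_host_key=False reproduces the vulnerable ordering."""
    server: RecordingServer
    gate_on_host_key: bool = True
    decision: HostKeyDecision = HostKeyDecision.PENDING

    def try_password_auth(self, username: str, password: str) -> str:
        """Attempt password auth. A correct client only sends once the key is ACCEPTED."""
        if self.gate_on_host_key and self.decision is not HostKeyDecision.ACCEPTED:
            return f"held:{self.decision.name.lower()}"
        self.server.send(f"userauth-request {username} password {password}")
        return "sent"

    def answer_prompt(self, decision: HostKeyDecision) -> None:
        self.decision = decision


def simulate_disconnect_during_prompt(gate_on_host_key: bool) -> list:
    """The advisory's scenario: connect, leave the prompt unanswered, disconnect.
    Returns what the server saw; a safe client yields an empty list."""
    server = RecordingServer()
    client = SshClientModel(server, gate_on_host_key=gate_on_host_key)
    client.try_password_auth("alice", "constructed-sample-password")  # constructed credentials
    # the user disconnects while the prompt is still PENDING; nothing else is sent
    return list(server.received)
```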
Remediation
Users can update to the latest version of Eugeny Tabby, where this vulnerability has been addressed.