Vulnerability in the SSH protocol - CVE-2024-6387 - senhasegura not vulnerable from 3.33 onwards

senhasegura version 3.33 and later is not exposed to the vulnerability tracked as CVE-2023-48795, because these versions are protected against this specific vulnerability.

The CVE-2023-48795 vulnerability was discovered by Fabian Baeumer, Marcus Brinkmann and Joerg Schwenk. They identified that the SSH protocol may be vulnerable to a prefix truncation attack, known as the “Terrapin attack”. This type of attack allows an attacker acting as a man-in-the-middle (MITM) to partially compromise the integrity of the SSH transport protocol. The attack is carried out by sending extra messages before encryption begins and deleting the same number of messages immediately after encryption begins.

This attack requires the attacker to already have access to the organization’s internal network in order to carry out an effective MITM attack. As a precaution, we strongly recommend strengthening security measures on devices connected to the network, strictly managing firewall policies, and keeping senhasegura on an isolated subnet.

The Terrapin vulnerability is not present in senhasegura version 3.33, specifically on ports 59022 and 22, since the packages that could be affected have been updated.
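One way to confirm this on the SSH ports named above is to inspect the server's key-exchange offer. The following is an added example, not senhasegura code: it parses an SSH_MSG_KEXINIT payload and reports whether the cipher modes Terrapin affects are offered without OpenSSH's strict key exchange marker. The function names and both sample payloads are constructed for illustration.

```python
import struct

SSH_MSG_KEXINIT = 20
STRICT_KEX_SERVER = "kex-strict-s-v00@openssh.com"  # server-side strict KEX marker
FIELDS = ("kex", "host_key", "enc_c2s", "enc_s2c", "mac_c2s", "mac_s2c",
          "comp_c2s", "comp_s2c", "lang_c2s", "lang_s2c")

def parse_kexinit(payload: bytes) -> dict:
    """Split an SSH_MSG_KEXINIT payload (RFC 4253, section 7.1) into its name-lists."""
    if len(payload) < 17 or payload[0] != SSH_MSG_KEXINIT:
        raise ValueError("not an SSH_MSG_KEXINIT payload")
    offset, lists = 17, {}  # skip the message type byte and the 16-byte cookie
    for name in FIELDS:
        if offset + 4 > len(payload):
            raise ValueError("truncated name-list length")
        (length,) = struct.unpack_from(">I", payload, offset)
        offset += 4
        if offset + length > len(payload):
            raise ValueError("truncated name-list")
        raw = payload[offset:offset + length].decode("ascii")
        lists[name] = raw.split(",") if raw else []
        offset += length
    return lists

def terrapin_exposure(lists: dict) -> dict:
    """Flag the cipher modes Terrapin affects and whether strict KEX is offered."""
    ciphers = set(lists["enc_c2s"]) | set(lists["enc_s2c"])
    macs = set(lists["mac_c2s"]) | set(lists["mac_s2c"])
    chacha = "chacha20-poly1305@openssh.com" in ciphers
    cbc_etm = (any(c.endswith("-cbc") for c in ciphers)
               and any(m.endswith("-etm@openssh.com") for m in macs))
    strict = STRICT_KEX_SERVER in lists["kex"]
    return {"chacha20_poly1305": chacha, "cbc_etm": cbc_etm,
            "strict_kex": strict, "exposed": (chacha or cbc_etm) and not strict}

def build_kexinit(kex, ciphers, macs) -> bytes:
    """Constructed sample builder: encodes the lists the way a server would send them."""
    values = [kex, ["ssh-ed25519"], ciphers, ciphers, macs, macs, ["none"], ["none"], [], []]
    body = b"".join(struct.pack(">I", len(s)) + s.encode() for s in map(",".join, values))
    return bytes([SSH_MSG_KEXINIT]) + bytes(16) + body + b"\x00" + bytes(4)

# Constructed server offers, not captured from any real appliance.
OFFER = (["chacha20-poly1305@openssh.com", "aes128-ctr"], ["hmac-sha2-256-etm@openssh.com"])
UNPATCHED = build_kexinit(["curve25519-sha256"], *OFFER)
PATCHED = build_kexinit(["curve25519-sha256", STRICT_KEX_SERVER], *OFFER)

if __name__ == "__main__":
    for label, payload in (("unpatched", UNPATCHED), ("patched", PATCHED)):
        print(label, terrapin_exposure(parse_kexinit(payload)))
```

Strict key exchange only takes effect when the connecting client also supports it, so a server that still offers the affected modes depends on patched clients as well.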