Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

[OpenPKG-SA-2006.032] OpenPKG Security Advisory (openssh)

From: OpenPKG <openpkg () openpkg org>
Date: Wed, 8 Nov 2006 17:08:33 +0100
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

________________________________________________________________________

OpenPKG Security Advisory                                   OpenPKG GmbH
http://openpkg.org/security/                          http://openpkg.com
OpenPKG-SA-2006.032                                           2006-11-08
________________________________________________________________________

Package:          openssh
Vulnerability:    security bypass
OpenPKG Specific: no

Affected Series:  Affected Packages:          Corrected Packages:
E1.0-SOLID        <= openssh-4.4p1-E1.0.0     >= openssh-4.4p1-E1.0.1
2-STABLE-20061018 <= openssh-4.4p1-2.20061024 >= openssh-4.5p1-2.20061108
2-STABLE          <= openssh-4.4p1-2.20061024 >= openssh-4.5p1-2.20061108
CURRENT           <= openssh-4.4p1-20061104   >= openssh-4.5p1-20061108

Description:
  According to a vendor release announcement [0], a vulnerability
  exists in the privilege separation functionality of the Secure
  Shell (SSH) implementation OpenSSH [1]. The vulnerability is
  caused by an incorrect checking for bad signatures in the sshd(8)
  privilege separation monitor and this way its verification of
  successful authentication is weakened. As a result the monitor and the
  unprivileged process can get out of sync. According to the vendor,
  this bug is not known to be exploitable in the absence of additional
  vulnerabilities. Additionally, OpenPKG's OpenSSH configuration for
  portability reasons has the "privilege separation" functionality not
  enabled by default.
________________________________________________________________________

References:
  [0] http://www.openssh.com/txt/release-4.5
  [1] http://www.openssh.com/
________________________________________________________________________

For security reasons, this advisory was digitally signed with the
OpenPGP public key "OpenPKG <openpkg () openpkg org>" (ID 63C4CB9F) which
you can retrieve from http://openpkg.org/openpkg.org.pgp. Follow the
instructions on http://openpkg.org/security/signatures/ for details on
how to verify the integrity of this advisory.
________________________________________________________________________

-----BEGIN PGP SIGNATURE-----
Comment: OpenPKG <openpkg () openpkg org>

iD8DBQFFUgDpgHWT4GPEy58RAjDDAJ9CdwrWxMqq6eOOADtJxYyzoKjYKwCgzj9p
XIG+pGSPEjmf+yyFqu/A+Qk=
=w+L+
-----END PGP SIGNATURE-----
Previous By Date Next
Previous By Thread Next

Current thread: