drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mehrere Probleme in openssh
Name: |
Mehrere Probleme in openssh
|
|
ID: |
CSSA-2003-027.0 |
|
Distribution: |
Caldera |
|
Plattformen: |
Caldera Server 3.1.1, Caldera Workstation 3.1.1 |
|
Datum: |
So, 5. Oktober 2003, 13:00 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0682
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0693
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0695
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0786
https://www.kb.cert.org/vuls/id/333628
https://www.kb.cert.org/vuls/id/602204 |
|
Applikationen: |
Portable OpenSSH |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
______________________________________________________________________________
SCO Security Advisory
Subject: OpenLinux: OpenSSH: multiple buffer handling problems Advisory number: CSSA-2003-027.0 Issue date: 2003 October 02 Cross reference: sr884647 fz528312 erg712429 CERT VU#333628 CERT VU#602204 CAN-2003-0693 CAN-2003-0695 CAN-2003-0682 CAN-2003-0786 ______________________________________________________________________________
1. Problem Description
Several buffer management errors and memory bugs are corrected by this patch. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following names to these issues. CAN-2003-0693, CAN-2003-0695, CAN-2003-0682, CAN-2003-0786. The CERT Coordination Center has assigned the following names VU#333628, and VU#602204. CERT VU#333628 / CAN-2003-0693: A "buffer management error" in buffer_append_space of buffer.c for OpenSSH before 3.7 may allow remote attackers to execute arbitrary code by causing an incorrect amount of memory to be freed and corrupting the heap, a different vulnerability than CAN-2003-0695. CAN-2003-0695: Multiple "buffer management errors" in OpenSSH before 3.7.1 may allow attackers to cause a denial of service or execute arbitrary code using (1) buffer_init in buffer.c, (2) buffer_free in buffer.c, or (3) a separate function in channels.c, a different vulnerability than CAN-2003-0693. CAN-2003-0682: "Memory bugs" in OpenSSH 3.7.1 and earlier, with unknown impact, a different set of vulnerabilities than CAN-2003-0693 and CAN-2003-0695. CERT VU#602204 / CAN-2003-0786: Portable OpenSSH versions 3.7p1 and 3.7.1p1 contain multiple vulnerabilities in the new PAM code. At least one of these bugs is remotely exploitable (under a non-standard configuration, with privsep disabled).
2. Vulnerable Supported Versions
System Package ---------------------------------------------------------------------- OpenLinux 3.1.1 Server prior to openssh-3.7.1p2-1.i386.rpm prior to openssh-askpass-3.7.1p2-1.i386.rpm prior to openssh-server-3.7.1p2-1.i386.rpm
OpenLinux 3.1.1 Workstation prior to openssh-3.7.1p2-1.i386.rpm prior to openssh-askpass-3.7.1p2-1.i386.rpm prior to openssh-server-3.7.1p2-1.i386.rpm
3. Solution
The proper solution is to install the latest packages. Many customers find it easier to use the Caldera System Updater, called cupdate (or kcupdate under the KDE environment), to update these packages rather than downloading and installing them by hand.
4. OpenLinux 3.1.1 Server
4.1 Package Location
ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2003-027.0/RPMS 4.2 Packages
b221123334fd2dbe93d049038175f91b openssh-3.7.1p2-1.i386.rpm 3290dd2b9cacfc1c7188b9a744645123 openssh-askpass-3.7.1p2-1.i386.rpm e5f5d9bbbfeb4e97629dae7b2446418f openssh-server-3.7.1p2-1.i386.rpm
4.3 Installation
rpm -Fvh openssh-3.7.1p2-1.i386.rpm rpm -Fvh openssh-askpass-3.7.1p2-1.i386.rpm rpm -Fvh openssh-server-3.7.1p2-1.i386.rpm
4.4 Source Package Location
ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2003-027.0/SRPMS
4.5 Source Packages
19fba72b17344b49390210f7988c3d0f openssh-3.7.1p2-1.src.rpm
5. OpenLinux 3.1.1 Workstation
5.1 Package Location
ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2003-027.0/RPMS
5.2 Packages
ecae4ebd7d44036200fca7f4e7a00c85 openssh-3.7.1p2-1.i386.rpm 086fd39a605fb8e5332ddeb9ad57d271 openssh-askpass-3.7.1p2-1.i386.rpm d1bf2e78daf806738bdedfcef9587830 openssh-server-3.7.1p2-1.i386.rpm
5.3 Installation
rpm -Fvh openssh-3.7.1p2-1.i386.rpm rpm -Fvh openssh-askpass-3.7.1p2-1.i386.rpm rpm -Fvh openssh-server-3.7.1p2-1.i386.rpm
5.4 Source Package Location
SRPMS
5.5 Source Packages
3cb08e4470041e84b893618a2df75bf1 openssh-3.7.1p2-1.src.rpm
6. References
Specific references for this advisory:
http://www.openssh.com/txt/buffer.adv 000063.html patch-buffer.c http://marc.theaimsgroup.com/?l=openbsd-misc&m=106371592604940 http://marc.theaimsgroup.com/?l=openbsd-security-announce&m=106375582924840 SCO security resources: http://www.sco.com/support/security/index.html
This security fix closes SCO incidents sr884647 fz528312 erg712429.
7. Disclaimer
SCO is not responsible for the misuse of any of the information we provide on this website and/or through our security advisories. Our advisories are a service to our customers intended to promote secure installation and use of SCO products. ______________________________________________________________________________
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org
iEYEARECAAYFAj98mhUACgkQbluZssSXDTGZygCgvZzjkuPGLdxI5isCr53CqcwI qSMAn3h8zJBLu8JbvQCvF8ALp078b9OO =71ME -----END PGP SIGNATURE-----
|
|
|
|