1 |
- ----------------------------------------------------------------------- |
2 |
GLSA: GENTOO LINUX SECURITY ANNOUNCEMENT |
3 |
- ----------------------------------------------------------------------- |
4 |
PACKAGE : OpenSSH |
5 |
SUMMARY : security vulnerability in openssh |
6 |
DATE : Thu Jun 27 02:03:04 UTC 2002 |
7 |
- ----------------------------------------------------------------------- |
8 |
|
9 |
OVERVIEW |
10 |
|
11 |
This bug can be exploited remotely if ChallengeResponseAuthentication |
12 |
is enabled in sshd_config, allowing attackers to gain superuser access. |
13 |
|
14 |
DETAIL |
15 |
|
16 |
A vulnerability exists within the "challenge-response" authentication |
17 |
mechanism in the OpenSSH daemon (sshd). This mechanism, part of the SSH2 |
18 |
protocol, verifies a user's identity by generating a challenge and |
19 |
forcing the user to supply a number of responses. It is possible for a |
20 |
remote attacker to send a specially-crafted reply that triggers an |
21 |
overflow. Remote attackers can therefore gain superuser priveleges. |
22 |
|
23 |
http://online.securityfocus.com/archive/1/278818/2002-06-23/2002-06-29/0 |
24 |
http://openssh.org/txt/preauth.adv |
25 |
http://openssh.org/txt/iss.adv |
26 |
|
27 |
Affected versions are: openssh-3.3_p1 and earlier. |
28 |
|
29 |
|
30 |
SOLUTION |
31 |
|
32 |
It is recommended that all Gentoo Linux users who are running openssh |
33 |
update their systems as follows. |
34 |
|
35 |
emerge --clean rsync |
36 |
emerge openssh |
37 |
emerge clean |
38 |
|
39 |
- ------------------------------------------------------------------------ |
40 |
lostlogic@g.o |
41 |
woodchip@g.o |
42 |
seemant@g.o |
43 |
drobbins@g.o |
44 |
- ------------------------------------------------------------------------ |