| 1 |
- ----------------------------------------------------------------------- |
| 2 |
GLSA: GENTOO LINUX SECURITY ANNOUNCEMENT |
| 3 |
- ----------------------------------------------------------------------- |
| 4 |
PACKAGE : OpenSSH |
| 5 |
SUMMARY : security vulnerability in openssh |
| 6 |
DATE : Thu Jun 27 02:03:04 UTC 2002 |
| 7 |
- ----------------------------------------------------------------------- |
| 8 |
|
| 9 |
OVERVIEW |
| 10 |
|
| 11 |
This bug can be exploited remotely if ChallengeResponseAuthentication |
| 12 |
is enabled in sshd_config, allowing attackers to gain superuser access. |
| 13 |
|
| 14 |
DETAIL |
| 15 |
|
| 16 |
A vulnerability exists within the "challenge-response" authentication |
| 17 |
mechanism in the OpenSSH daemon (sshd). This mechanism, part of the SSH2 |
| 18 |
protocol, verifies a user's identity by generating a challenge and |
| 19 |
forcing the user to supply a number of responses. It is possible for a |
| 20 |
remote attacker to send a specially-crafted reply that triggers an |
| 21 |
overflow. Remote attackers can therefore gain superuser priveleges. |
| 22 |
|
| 23 |
http://online.securityfocus.com/archive/1/278818/2002-06-23/2002-06-29/0 |
| 24 |
http://openssh.org/txt/preauth.adv |
| 25 |
http://openssh.org/txt/iss.adv |
| 26 |
|
| 27 |
Affected versions are: openssh-3.3_p1 and earlier. |
| 28 |
|
| 29 |
|
| 30 |
SOLUTION |
| 31 |
|
| 32 |
It is recommended that all Gentoo Linux users who are running openssh |
| 33 |
update their systems as follows. |
| 34 |
|
| 35 |
emerge --clean rsync |
| 36 |
emerge openssh |
| 37 |
emerge clean |
| 38 |
|
| 39 |
- ------------------------------------------------------------------------ |
| 40 |
lostlogic@g.o |
| 41 |
woodchip@g.o |
| 42 |
seemant@g.o |
| 43 |
drobbins@g.o |
| 44 |
- ------------------------------------------------------------------------ |
Archives