Virus.Org IT Security News and Information Portal. We offer the latest IT security news, updates, product reviews, books, and articles for all you IT security professionals out there. Enter and get the best IT security information on the Internet.

 
. Welcome to the Virus.Org Mailing List Archive  
.
.


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]


[openssh-unix-announce] Revised OpenSSH Security Advisory (adv.token)
.

  • Subject: [openssh-unix-announce] Revised OpenSSH Security Advisory (adv.token)
  • From: markus at openbsd.org (Markus Friedl)
  • Date: Thu May 22 12:10:12 2003
.
 
This is the 2nd revision of the Advisory.

Buffer overflow in OpenSSH's sshd if AFS has been configured on the
system or if KerberosTgtPassing or AFSTokenPassing has been enabled
in the sshd_config file.  Ticket and token passing is not enabled
by default.

1. Systems affected:

        All Versions of OpenSSH with AFS/Kerberos token passing
        compiled in and enabled (either in the system or in
        sshd_config) contain a buffer overflow.

        Token passing is disabled by default and only available in
        protocol version 1.

2. Impact:

        Remote users can get privileged access for OpenSSH < 2.9.9

        Local users can get privileged access for OpenSSH < 3.2.1

        No privileged access is possible for OpenSSH with
	UsePrivilegeSeparation enabled.

3. Solution:

	Apply the matching patch:

	ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/openssh-3.1-adv.token.patch
	ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-3.1p1-adv.token.patch
	ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.9/common/024_sshafs.patch
	ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.0/common/019_sshafs.patch
	ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.1/common/001_sshafs.patch

4. Credits:

	Marcell Fodor <[EMAIL PROTECTED]>

EOF
 
.
.
 
Copyright (c) Virus.Org 1997-2006.
All Trademarks Acknowledged.
Please view our Terms and Conditions and our Privacy Policy.