[LUGOS-SEC] OpenSSH vulnerable (again)
Ales Mustar
alesh at domenca.com
Thu Jun 27 11:13:10 CEST 2002
Paketi za Slackware so sedaj res na voljo (glej spodaj).
Vendar, če uporabiš ta paket na kernelu 2.2.x sshd crashne on connectu z
fatal mmap... v syslogu.
Več o tem na: http://bugzilla.mindrot.org/show_bug.cgi?id=259 zraven je
tudi patch za to.
Rešitev brez patcha je možna tako, da se v sshd_config doda oz. spremeni
vrstica "UsePrivilegeSeparation no".
Če je vklopljeno - torej na yes, sshd crashne..., če je ni, isto.
Upam, da bo komu pomagalo,
Aleš
Slackware-8.1 ChangeLog Notice.
The following additions have been made to The ChangeLog.txt
-------------------------------------------------------------------
New Entry: Wed Jun 26 12:03:06 PDT 2002
New Entry: patches/packages/openssh-3.4p1-i386-1.tgz: Upgraded to
openssh-3.4p1.
New Entry: This version enables privilege separation by default. The
README.privsep file
New Entry: says this about it:
New Entry:
New Entry: Privilege separation, or privsep, is method in OpenSSH
by which operations
New Entry: that require root privilege are performed by a separate
privileged monitor
New Entry: process. Its purpose is to prevent privilege
escalation by containing
New Entry: corruption to an unprivileged process. More
information is available at:
New Entry: http://www.citi.umich.edu/u/provos/ssh/privsep.html
New Entry:
New Entry: Note that ISS has released an advisory on OpenSSH (OpenSSH
Remote Challenge
New Entry: Vulnerability). Slackware is not affected by this issue,
as we have never
New Entry: included AUTH_BSD, S/KEY, or PAM. Unless at least one of
these options is
New Entry: compiled into sshd, it is not vulnerable. Further note
that none of these
New Entry: options are turned on in a default build from source code,
so if you have
New Entry: built sshd yourself you should not be vulnerable unless
you've enabled one
New Entry: of these options.
New Entry:
New Entry: Regardless, the security provided by privsep is
unquestionably better.
New Entry: This time we (Slackware) were lucky, but next time we
might not be.
New Entry: Therefore we recommend that all sites running the OpenSSH
daemon (sshd,
New Entry: enabled by default in Slackware 8.1) upgrade to this new
openssh package.
New Entry: After upgrading the package, restart the daemon like this:
New Entry:
New Entry: /etc/rc.d/rc.sshd restart
New Entry:
New Entry: We would like to thank Theo and the rest of the OpenSSH
team for
New Entry: their quick handling of this issue, Niels Provos and
Markus Friedl for
New Entry: implementing privsep, and Solar Designer for working out
issues with
New Entry: privsep on 2.2 Linux kernels.
New Entry: ----------------------------
-----Original Message-----
From: Stojan Rancic [mailto:stojan at aufbix.org]
Sent: Tuesday, June 25, 2002 12:57 PM
To: lugos-sec at lugos.si
Subject: [LUGOS-SEC] OpenSSH vulnerable (again)
Hojla lugos-sec,
Za Debian in Slackware so ze prisli ven novi paketi, ostali vendorji
zgleda se malo spijo.. skratka, 3.3 je zadnja, recommended in
preferred version to use..
http://www.debian.org/security/2002/dsa-134 .
GreetZ, Stojan
---------------
Difference between Jane Fonda & Bill Clinton? Jane went to Vietnam
More information about the lugos-sec
mailing list