|
|
Revised OpenSSH Security Advisory (adv.token): msg#00382security.bugtraq
This is the 2nd revision of the Advisory. Buffer overflow in OpenSSH's sshd if AFS has been configured on the system or if KerberosTgtPassing or AFSTokenPassing has been enabled in the sshd_config file. Ticket and token passing is not enabled by default. 1. Systems affected: All Versions of OpenSSH with AFS/Kerberos token passing compiled in and enabled (either in the system or in sshd_config) contain a buffer overflow. Token passing is disabled by default and only available in protocol version 1. 2. Impact: Remote users can get privileged access for OpenSSH < 2.9.9 Local users can get privileged access for OpenSSH < 3.2.1 No privileged access is possible for OpenSSH with UsePrivilegeSeparation enabled. 3. Solution: Apply the matching patch: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/openssh-3.1-adv.token.patch ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-3.1p1-adv.token.patch ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.9/common/024_sshafs.patch ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.0/common/019_sshafs.patch ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.1/common/001_sshafs.patch 4. Credits: Marcell Fodor <m.fodor@xxxxxxxxxxxxxxx> EOF |
|
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| Previous by Date: | Re: Trendmicro - Interscan - List of BCC: is revealed when stripping attachments and notifying destination addresses: 00382, mutt |
|---|---|
| Next by Date: | Mp3 file can execute code in Winamp [Sandblad advisory #5]: 00382, Andreas Sandblad |
| Previous by Thread: | Re: Trendmicro - Interscan - List of BCC: is revealed when stripping attachments and notifying destination addressesi: 00382, mutt |
| Next by Thread: | Mp3 file can execute code in Winamp [Sandblad advisory #5]: 00382, Andreas Sandblad |
| Indexes: | [Date] [Thread] [Top] [All Lists] |
| News | FAQ | advertise |