dcsimg
Linux Today: Linux News On Internet Time.





More on LinuxToday


Advisories, September 27, 2006

Sep 28, 2006, 03:45 (0 Talkback[s])

Gentoo Linux


Gentoo Linux Security Advisory GLSA 200609-17

http://security.gentoo.org/


Severity: Normal
Title: OpenSSH: Denial of Service
Date: September 27, 2006
Bugs: #148228
ID: 200609-17


Synopsis

A flaw in the OpenSSH daemon allows remote unauthenticated attackers to cause a Denial of Service.

Background

OpenSSH is a free suite of applications for the SSH protocol, developed and maintained by the OpenBSD project.

Affected packages


     Package           /   Vulnerable   /                   Unaffected

  1  net-misc/openssh      < 4.3_p2-r5                    >= 4.3_p2-r5

Description

Tavis Ormandy of the Google Security Team discovered a Denial of Service vulnerability in the SSH protocol version 1 CRC compensation attack detector.

Impact

A remote unauthenticated attacker may be able to trigger excessive CPU usage by sending a pathological SSH message, denying service to other legitimate users or processes.

Workaround

The system administrator may disable SSH protocol version 1 in /etc/ssh/sshd_config.

Resolution

All OpenSSH users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=net-misc/openssh-4.3_p2-r3"

References

[ 1 ] CVE-2006-4924

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4924

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-200609-17.xml

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.

License

Copyright 2006 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5

rPath Linux

rPath Security Advisory: 2006-0174-1
Published: 2006-09-27
Products: rPath Linux 1
Rating: Minor
Exposure Level Classification: Remote Deterministic Denial of Service
Updated Versions:
    gnome-ssh-askpass=/conary.rpath.com@rpl:devel//1/4.2p1-2.2-1
    openssh=/conary.rpath.com@rpl:devel//1/4.2p1-2.2-1
    openssh-client=/conary.rpath.com@rpl:devel//1/4.2p1-2.2-1
    openssh-server=/conary.rpath.com@rpl:devel//1/4.2p1-2.2-1

References:

    http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4924
    http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4925
    https://issues.rpath.com/browse/RPL-661

Description:

Previous versions of the openssh package are vulnerable to a remote denial of service attack that cause the server to consume CPU when presented with certain data. They also have a bug (not a vulnerability) that causes the client to crash harmlessly instead of exiting cleanly under some attacks; this is not a vulnerability but is also fixed in this update.