[OpenPKG-SA-2006.032] OpenPKG Security Advisory (openssh)

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: [OpenPKG-SA-2006.032] OpenPKG Security Advisory (openssh)
From: OpenPKG <openpkg@xxxxxxxxxxx>
Date: Wed, 8 Nov 2006 17:08:33 +0100
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
Organization: The OpenPKG Project, http://www.openpkg.org/
Reply-to: openpkg@xxxxxxxxxxx
User-agent: Mutt/1.5.11 OpenPKG/2-STABLE

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

________________________________________________________________________

OpenPKG Security Advisory                                   OpenPKG GmbH
http://openpkg.org/security/                          http://openpkg.com
OpenPKG-SA-2006.032                                           2006-11-08
________________________________________________________________________

Package:          openssh
Vulnerability:    security bypass
OpenPKG Specific: no

Affected Series:  Affected Packages:          Corrected Packages:
E1.0-SOLID        <= openssh-4.4p1-E1.0.0     >= openssh-4.4p1-E1.0.1
2-STABLE-20061018 <= openssh-4.4p1-2.20061024 >= openssh-4.5p1-2.20061108
2-STABLE          <= openssh-4.4p1-2.20061024 >= openssh-4.5p1-2.20061108
CURRENT           <= openssh-4.4p1-20061104   >= openssh-4.5p1-20061108

Description:
  According to a vendor release announcement [0], a vulnerability
  exists in the privilege separation functionality of the Secure
  Shell (SSH) implementation OpenSSH [1]. The vulnerability is
  caused by an incorrect checking for bad signatures in the sshd(8)
  privilege separation monitor and this way its verification of
  successful authentication is weakened. As a result the monitor and the
  unprivileged process can get out of sync. According to the vendor,
  this bug is not known to be exploitable in the absence of additional
  vulnerabilities. Additionally, OpenPKG's OpenSSH configuration for
  portability reasons has the "privilege separation" functionality not
  enabled by default.
________________________________________________________________________

References:
  [0] http://www.openssh.com/txt/release-4.5
  [1] http://www.openssh.com/
________________________________________________________________________

For security reasons, this advisory was digitally signed with the
OpenPGP public key "OpenPKG <openpkg@xxxxxxxxxxx>" (ID 63C4CB9F) which
you can retrieve from http://openpkg.org/openpkg.org.pgp. Follow the
instructions on http://openpkg.org/security/signatures/ for details on
how to verify the integrity of this advisory.
________________________________________________________________________

-----BEGIN PGP SIGNATURE-----
Comment: OpenPKG <openpkg@xxxxxxxxxxx>

iD8DBQFFUgDpgHWT4GPEy58RAjDDAJ9CdwrWxMqq6eOOADtJxYyzoKjYKwCgzj9p
XIG+pGSPEjmf+yyFqu/A+Qk=
=w+L+
-----END PGP SIGNATURE-----

Prev by Date: [ MDKSA-2006:201 ] - Updated pam_ldap packages fix PasswordPolicyReponse coding error
Next by Date: Call for papers: ARES 2007 submission deadline approaches in 2 weeks: 19-11-2006
Previous by thread: [ MDKSA-2006:201 ] - Updated pam_ldap packages fix PasswordPolicyReponse coding error
Next by thread: Call for papers: ARES 2007 submission deadline approaches in 2 weeks: 19-11-2006
Index(es):
- Date
- Thread