Date: Tue, 3 Jul 2001 12:40:23 -0600
From: Support Info <[email protected]>
To: [email protected], [email protected],
Subject: Security Update: [CSSA-2001-023.0] Linux - openssh cookie file problem
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
______________________________________________________________________________
Caldera International, Inc. Security Advisory
Subject: Linux - openssh cookie file problem
Advisory number: CSSA-2001-023.0
Issue date: 2001 July, 03
Cross reference:
______________________________________________________________________________
1. Problem Description
Due to unsafe temporary directory usage an local attacker
could remove any file called 'cookies' on the system.
2. Vulnerable Versions
System Package
-----------------------------------------------------------
OpenLinux 2.3 not vulnerable
OpenLinux eServer 2.3.1 All packages previous to
and OpenLinux eBuilder openssh-2.9p2-3
OpenLinux eDesktop 2.4 not vulnerable
OpenLinux 3.1 Server All packages previous to
openssh-2.9p2-3
OpenLinux 3.1 Workstation All packages previous to
openssh-2.9p2-3
3. Solution
Workaround
none
The proper solution is to upgrade to the latest packages.
4. OpenLinux 2.3
not vulnerable
5. OpenLinux eServer 2.3.1 and OpenLinux eBuilder for ECential 3.0
5.1 Location of Fixed Packages
The upgrade packages can be found on Caldera's FTP site at:
ftp://ftp.caldera.com/pub/updates/eServer/2.3/current/RPMS/
The corresponding source code package can be found at:
ftp://ftp.caldera.com/pub/updates/eServer/2.3/current/SRPMS
5.2 Verification
34fbb2815f03c432492720d28f0db39d RPMS/openssh-2.9p2-3.i386.rpm
ee99b7b586166416601b4a0d4f90164d RPMS/openssh-askpass-2.9p2-3.i386.rpm
66c4ccbc757c7fc3f0d9edd50ce4444b RPMS/openssh-server-2.9p2-3.i386.rpm
f07dbad19313f6ae41329115ceda1bf4 SRPMS/openssh-2.9p2-3.src.rpm
5.3 Installing Fixed Packages
Upgrade the affected packages with the following commands:
/etc/rc.d/init.d/sshd stop
rpm -Fvh openssh*.i386.rpm
/etc/rc.d/init.d/sshd start
6. OpenLinux eDesktop 2.4
not vulnerable
7. OpenLinux 3.1 Server
7.1 Location of Fixed Packages
The upgrade packages can be found on Caldera's FTP site at:
ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Server/current/RPMS/
The corresponding source code package can be found at:
ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Server/current/SRPMS
7.2 Verification
af280d6cc5b6fb7d9f9be1511bd4aa40 RPMS/openssh-2.9p2-3.i386.rpm
346dfd71190bbbe59d4ae0bc2f582011 RPMS/openssh-askpass-2.9p2-3.i386.rpm
6fadeb3261714e130ccd0d69d40871a1 RPMS/openssh-server-2.9p2-3.i386.rpm
f07dbad19313f6ae41329115ceda1bf4 SRPMS/openssh-2.9p2-3.src.rpm
7.3 Installing Fixed Packages
Upgrade the affected packages with the following commands:
rpm -Fvh openssh*i386.rpm
or start kcupdate, the Caldera OpenLinux Update Manager.
8. OpenLinux 3.1 Workstation
8.1 Location of Fixed Packages
The upgrade packages can be found on Caldera's FTP site at:
ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Workstation/current/RPMS/
The corresponding source code package can be found at:
ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Workstation/current/SRPMS
8.2 Verification
af280d6cc5b6fb7d9f9be1511bd4aa40 RPMS/openssh-2.9p2-3.i386.rpm
346dfd71190bbbe59d4ae0bc2f582011 RPMS/openssh-askpass-2.9p2-3.i386.rpm
6fadeb3261714e130ccd0d69d40871a1 RPMS/openssh-server-2.9p2-3.i386.rpm
f07dbad19313f6ae41329115ceda1bf4 SRPMS/openssh-2.9p2-3.src.rpm
8.3 Installing Fixed Packages
Upgrade the affected packages with the following commands:
rpm -Fvh openssh*i386.rpm
or start kcupdate, the Caldera OpenLinux Update Manager.
9. References
This and other Caldera security resources are located at:
http://www.caldera.com/support/security/index.html
This security fix closes Caldera's internal Problem Reports 10114 and
10157.
10.Disclaimer
Caldera International, Inc. is not responsible for the misuse of
any of the information we provide on this website and/or through our
security advisories. Our advisories are a service to our customers
intended to promote secure installation and use of Caldera OpenLinux.
11.Acknowledgements
Caldera International wishes to thank zen-parse for reporting this
problem and the OpenSSH folks for providing a timely fix.
______________________________________________________________________________
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE7Qcmw18sy83A/qfwRAitUAJ48NSL6X6fpVr9hXXv8tAJ21EXCbgCgpcLt
D6Cqe0VDor5g/SiY8ZDYsT8=
=4ZXh
-----END PGP SIGNATURE-----
