Date: Sat, 18 Feb 2006 13:33:42 +0100
From: OpenPKG <openpkg@openpkg.org.>
To: [email protected]Subject: [OpenPKG-SA-2006.003] OpenPKG Security Advisory (openssh)
Message-ID: <OpenPKG-SA-2006.003@openpkg.org.>
Reply-To: [email protected]
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Organization: The OpenPKG Project, http://www.openpkg.org/
User-Agent: Mutt/1.5.11 OpenPKG/2.5
X-Virus-Scanned: antivirus-gw at tyumen.ru
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
________________________________________________________________________
OpenPKG Security Advisory The OpenPKG Project
http://www.openpkg.org/security.html http://www.openpkg.org[email protected][email protected]
OpenPKG-SA-2006.003 18-Feb-2006
________________________________________________________________________
Package: openssh
Vulnerability: arbitrary shell command excecution
OpenPKG Specific: no
Affected Releases: Affected Packages: Corrected Packages:
OpenPKG CURRENT <= openssh-4.2p1-20060101 >= openssh-4.3p1-20060201
OpenPKG 2.5 <= openssh-4.2p1-2.5.1 >= openssh-4.2p1-2.5.2
OpenPKG 2.4 <= openssh-4.1p1-2.4.1 >= openssh-4.1p1-2.4.2
OpenPKG 2.3 <= openssh-3.9p1-2.3.0 >= openssh-3.9p1-2.3.1
Description:
Ulrich Drepper discovered [0] a weakness in OpenSSH [1] version 4.2p1
and earlier, caused due to the insecure use of the system(3) function
in scp(1) when performing copy operations using filenames that are
supplied by the user from the command line. This can be exploited to
execute shell commands with privileges of the user running scp(1). The
Common Vulnerabilities and Exposures (CVE) project assigned the id
CVE-2006-0225 [2] to the problem.
________________________________________________________________________
References:
[0] https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=168167
[1] http://www.openssh.com/
[2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0225
________________________________________________________________________
For security reasons, this advisory was digitally signed with the
OpenPGP public key "OpenPKG <openpkg@openpkg.org.>" (ID 63C4CB9F) of the
OpenPKG project which you can retrieve from http://pgp.openpkg.org and
hkp://pgp.openpkg.org. Follow the instructions on http://pgp.openpkg.org/
for details on how to verify the integrity of this advisory.
________________________________________________________________________
-----BEGIN PGP SIGNATURE-----
Comment: OpenPKG <openpkg@openpkg.org.>
iD8DBQFD9xQTgHWT4GPEy58RAmGhAJwPqGodxa5SWCErCK85VrzAhYMPUACfXeXy
h8vuY68O3h7SD1LpSCP/oHE=
=POPO
-----END PGP SIGNATURE-----
