[OpenPKG-SA-2006.032] OpenPKG Security Advisory (openssh)


Date: Wed, 8 Nov 2006 17:08:33 +0100
From: OpenPKG <openpkg@openpkg.org.>
To: [email protected]
Subject: [OpenPKG-SA-2006.032] OpenPKG Security Advisory (openssh)
Message-ID: <OpenPKG-SA-2006.032@openpkg.org.>
Reply-To: [email protected]
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Organization: The OpenPKG Project, http://www.openpkg.org/
User-Agent: Mutt/1.5.11 OpenPKG/2-STABLE
X-Virus-Scanned: antivirus-gw at tyumen.ru

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

________________________________________________________________________

OpenPKG Security Advisory                                   OpenPKG GmbH
http://openpkg.org/security/                          http://openpkg.com
OpenPKG-SA-2006.032                                           2006-11-08
________________________________________________________________________

Package:          openssh
Vulnerability:    security bypass
OpenPKG Specific: no

Affected Series:  Affected Packages:          Corrected Packages:
E1.0-SOLID        <= openssh-4.4p1-E1.0.0     >= openssh-4.4p1-E1.0.1
2-STABLE-20061018 <= openssh-4.4p1-2.20061024 >= openssh-4.5p1-2.20061108
2-STABLE          <= openssh-4.4p1-2.20061024 >= openssh-4.5p1-2.20061108
CURRENT           <= openssh-4.4p1-20061104   >= openssh-4.5p1-20061108

Description:
  According to a vendor release announcement [0], a vulnerability
  exists in the privilege separation functionality of the Secure
  Shell (SSH) implementation OpenSSH [1]. The vulnerability is
  caused by incorrect checking for bad signatures in the sshd(8)
  privilege separation monitor, which weakens the monitor's
  verification of successful authentication. As a result, the monitor
  and the unprivileged process can get out of sync. According to the
  vendor, this bug is not known to be exploitable in the absence of
  additional vulnerabilities. Additionally, for portability reasons,
  OpenPKG's OpenSSH configuration does not enable the "privilege
  separation" functionality by default.
________________________________________________________________________

References:
  [0] http://www.openssh.com/txt/release-4.5
  [1] http://www.openssh.com/
________________________________________________________________________

For security reasons, this advisory was digitally signed with the
OpenPGP public key "OpenPKG <openpkg@openpkg.org.>" (ID 63C4CB9F) which
you can retrieve from http://openpkg.org/openpkg.org.pgp. Follow the
instructions on http://openpkg.org/security/signatures/ for details on
how to verify the integrity of this advisory.
________________________________________________________________________

-----BEGIN PGP SIGNATURE-----
Comment: OpenPKG <openpkg@openpkg.org.>

iD8DBQFFUgDpgHWT4GPEy58RAjDDAJ9CdwrWxMqq6eOOADtJxYyzoKjYKwCgzj9p
XIG+pGSPEjmf+yyFqu/A+Qk=
=w+L+
-----END PGP SIGNATURE-----

