Security Advisory Updated openssh packages available

Advisory: RHSA-2002:043-12
Type: Security Advisory
Severity: N/A
Issued on: 2002-03-05
Last updated on: 2002-05-22
Affected Products: Red Hat Linux 7.0
Red Hat Linux 7.1
Red Hat Linux 7.2
OVAL: N/A
CVEs (cve.mitre.org): CVE-2002-0083

Details

Updated openssh packages are now available for Red Hat Linux 7, 7.1, and
7.2 which close a remotely-exploitable vulnerability in sshd.

Joost Pol has discovered an off-by-one error in all versions of the OpenSSH
daemon (sshd) prior to version 3.1.

This issue could allow an authenticated user to cause sshd to corrupt its
heap, potentially allowing arbitrary code to be executed on the remote
server. Alternatively, a malicious SSH server could be crafted to attack a
vulnerable OpenSSH client.

Users are advised to upgrade to these errata packages containing OpenSSH
3.1, which is not vulnerable to this issue.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CAN-2002-0083 to this issue.


Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade. Only those
RPMs which are currently installed will be updated. Those RPMs which are
not installed but included in the list will not be updated. Note that you
can also use wildcards (*.rpm) if your current directory *only* contains the
desired RPMs.

Please note that this update is also available via Red Hat Network. Many
people find this an easier way to apply updates. To use Red Hat Network,
launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.

Updated packages

Red Hat Linux 7.0
SRPMS:
openssh-3.1p1-1.src.rpm
File outdated by:  RHSA-2002:127		     26d50a9b0c36fb1dc58247fbf0e413af
 
Alpha:
openssh-3.1p1-1.alpha.rpm
File outdated by:  RHSA-2002:127		     54de9c01ad5fe21e228d0b4d48581e62
openssh-askpass-3.1p1-1.alpha.rpm
File outdated by:  RHSA-2002:127		     9ceeff94d7f2bc34dbbaf8c36012eb3a
openssh-askpass-gnome-3.1p1-1.alpha.rpm
File outdated by:  RHSA-2002:127		     1d9ec549531b3c53221d522ab305af42
openssh-clients-3.1p1-1.alpha.rpm
File outdated by:  RHSA-2002:127		     b1ea5c7c6b0de2887b09848138c21e9b
openssh-server-3.1p1-1.alpha.rpm
File outdated by:  RHSA-2002:127		     41b8b1cbf4842b1f2075155fa8f65b72
 
IA-32:
openssh-3.1p1-1.i386.rpm
File outdated by:  RHSA-2002:127		     e250bc4f15b417d23cee868030e576a3
openssh-askpass-3.1p1-1.i386.rpm
File outdated by:  RHSA-2002:127		     84076eb5a5b79c42314c2b904ad1b3a7
openssh-askpass-gnome-3.1p1-1.i386.rpm
File outdated by:  RHSA-2002:127		     57428dc06c9dfa3447038c59cc179ff2
openssh-clients-3.1p1-1.i386.rpm
File outdated by:  RHSA-2002:127		     497cfa67d62ebd7b8b97dddf0267309c
openssh-server-3.1p1-1.i386.rpm
File outdated by:  RHSA-2002:127		     9aef89c9b5e5ca5b463789d8ff245d7f
 
Red Hat Linux 7.1
SRPMS:
openssh-3.1p1-1.src.rpm
File outdated by:  RHSA-2002:127		     26d50a9b0c36fb1dc58247fbf0e413af
 
Alpha:
openssh-3.1p1-1.alpha.rpm
File outdated by:  RHSA-2002:127		     54de9c01ad5fe21e228d0b4d48581e62
openssh-askpass-3.1p1-1.alpha.rpm
File outdated by:  RHSA-2002:127		     9ceeff94d7f2bc34dbbaf8c36012eb3a
openssh-askpass-gnome-3.1p1-1.alpha.rpm
File outdated by:  RHSA-2002:127		     1d9ec549531b3c53221d522ab305af42
openssh-clients-3.1p1-1.alpha.rpm
File outdated by:  RHSA-2002:127		     b1ea5c7c6b0de2887b09848138c21e9b
openssh-server-3.1p1-1.alpha.rpm
File outdated by:  RHSA-2002:127		     41b8b1cbf4842b1f2075155fa8f65b72
 
IA-32:
openssh-3.1p1-1.i386.rpm
File outdated by:  RHSA-2003:279		     e250bc4f15b417d23cee868030e576a3
openssh-askpass-3.1p1-1.i386.rpm
File outdated by:  RHSA-2003:279		     84076eb5a5b79c42314c2b904ad1b3a7
openssh-askpass-gnome-3.1p1-1.i386.rpm
File outdated by:  RHSA-2003:279		     57428dc06c9dfa3447038c59cc179ff2
openssh-clients-3.1p1-1.i386.rpm
File outdated by:  RHSA-2003:279		     497cfa67d62ebd7b8b97dddf0267309c
openssh-server-3.1p1-1.i386.rpm
File outdated by:  RHSA-2003:279		     9aef89c9b5e5ca5b463789d8ff245d7f
 
IA-64:
openssh-3.1p1-1.ia64.rpm
File outdated by:  RHSA-2002:127		     f0d343b01c91bb5b99a1c84992e0fdca
openssh-askpass-3.1p1-1.ia64.rpm
File outdated by:  RHSA-2002:127		     1de814f44f07bef9a95d1802c507c79f
openssh-askpass-gnome-3.1p1-1.ia64.rpm
File outdated by:  RHSA-2002:127		     b01087dc75468ad5a79492bcd83a269e
openssh-clients-3.1p1-1.ia64.rpm
File outdated by:  RHSA-2002:127		     25a34e33830ada8c24b71934cdb246ef
openssh-server-3.1p1-1.ia64.rpm
File outdated by:  RHSA-2002:127		     3c2ef228fc7e4d8a1b94a5600ace8912
 
Red Hat Linux 7.2
SRPMS:
openssh-3.1p1-2.src.rpm
File outdated by:  RHSA-2003:279		     f90c4686944897e87b15be09626ff4dc
 
IA-32:
openssh-3.1p1-2.i386.rpm
File outdated by:  RHSA-2003:279		     f8c46c51f3bd74a8437a7fb1f0b15502
openssh-askpass-3.1p1-2.i386.rpm
File outdated by:  RHSA-2003:279		     ef80fbb8b75ed3ff627c2fe060fc5165
openssh-askpass-gnome-3.1p1-2.i386.rpm
File outdated by:  RHSA-2003:279		     7b2a01eff4dcf0601ff4b54becb949d6
openssh-clients-3.1p1-2.i386.rpm
File outdated by:  RHSA-2003:279		     1d2528e9f4af919f730423b7bb7a815d
openssh-server-3.1p1-2.i386.rpm
File outdated by:  RHSA-2003:279		     7b65f56a9044dad10f02f444774a9b32
 
IA-64:
openssh-3.1p1-2.ia64.rpm
File outdated by:  RHSA-2003:279		     343c66f5608e3fd48d5c3b12b66096fa
openssh-askpass-3.1p1-2.ia64.rpm
File outdated by:  RHSA-2003:279		     04c1c42e644d9470c41138ffed684628
openssh-askpass-gnome-3.1p1-2.ia64.rpm
File outdated by:  RHSA-2003:279		     72aef4e9c4f0213ca371d205830cb05e
openssh-clients-3.1p1-2.ia64.rpm
File outdated by:  RHSA-2003:279		     c07001458b48ba0dbb2e960db9b93eb9
openssh-server-3.1p1-2.ia64.rpm
File outdated by:  RHSA-2003:279		     700054c98ffbec257d4c1b12b02a9867
 
s390:
ftp://updates.redhat.com/7.2/en/os/s390/openssh-3.1p1-2.s390.rpm
Missing file		     15de395b2ec29635f29030ea35198c0d
ftp://updates.redhat.com/7.2/en/os/s390/openssh-askpass-3.1p1-2.s390.rpm
Missing file		     1fbc83c75244baa38caf86900e358e0f
ftp://updates.redhat.com/7.2/en/os/s390/openssh-askpass-gnome-3.1p1-2.s390.rpm
Missing file		     3195f49ec0c44c3503325cf8236f74d5
ftp://updates.redhat.com/7.2/en/os/s390/openssh-clients-3.1p1-2.s390.rpm
Missing file		     dee468fe1de6f53cfbb1caa1efe7203f
ftp://updates.redhat.com/7.2/en/os/s390/openssh-server-3.1p1-2.s390.rpm
Missing file		     75052912afd4873364361af5fbba27c8
 

Bugs fixed (see bugzilla for more information)

60829 - HIGH: Existing users will gain root privileges.


References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0083
http://marc.theaimsgroup.com/?l=openssh-unix-dev&m=101550282514683

Keywords

channel, openssh, sshd

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/