
Security Advisory Moderate: openssh security update

Advisory: RHSA-2009:1470-1
Type: Security Advisory
Severity: Moderate
Issued on: 2009-09-30
Last updated on: 2009-09-30
Affected Products: Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux Desktop (v. 5 client)
Red Hat Enterprise Linux EUS (v. 5.4.z server)
CVEs (cve.mitre.org): CVE-2009-2904

Details

Updated openssh packages that fix a security issue are now available for
Red Hat Enterprise Linux 5.

This update has been rated as having moderate security impact by the Red
Hat Security Response Team.

OpenSSH is OpenBSD's SSH (Secure Shell) protocol implementation. These
packages include the core files necessary for both the OpenSSH client and
server.

A Red Hat specific patch used in the openssh packages as shipped in Red
Hat Enterprise Linux 5.4 (RHSA-2009:1287) loosened the ownership
requirements that sshd enforces on directories given as the argument of
the ChrootDirectory configuration option. Upstream OpenSSH requires every
component of that path to be a root-owned directory that is not writable
by group or others. A malicious user who has, or previously had,
non-chroot shell access to a system could use this flaw to escalate
their privileges and run commands as any system user. (CVE-2009-2904)
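The following is an added example, not code from Red Hat's patch or from OpenSSH itself. It audits every ChrootDirectory value in an sshd_config against the upstream rule described above: each path component must be a directory owned by uid 0 and not writable by group or others (mode bits 022 clear). The sshd_config excerpt, the user name alice, the home directory /home/alice and the fake directory tree are all constructed for the example; the stat function is injectable so the walk can be exercised on that fake tree before being pointed at a live host.

```python
"""Audit ChrootDirectory targets against the upstream OpenSSH rule:
every component of the path must be a directory owned by root (uid 0)
with no group/world write bit. Added example; not Red Hat's patch."""
import os
import re
import stat
from typing import Callable, Dict, List, Tuple

# Constructed sshd_config excerpt; not taken from any real host.
SAMPLE_SSHD_CONFIG = """\
Subsystem sftp internal-sftp
Match Group sftponly
    ChrootDirectory /srv/sftp/%u
    ForceCommand internal-sftp
Match User backup
    ChrootDirectory %h
"""

# Constructed directory tree: path -> (uid, st_mode). Mirrors two bad cases:
# a user-owned jail (what the loosened patch permitted) and a group-writable one.
D = stat.S_IFDIR
SAMPLE_TREE = {
    "/":               (0, D | 0o755),
    "/srv":            (0, D | 0o755),
    "/srv/sftp":       (0, D | 0o755),
    "/srv/sftp/alice": (1000, D | 0o755),   # owned by the user, not root
    "/home":           (0, D | 0o755),
    "/home/alice":     (0, D | 0o775),      # root-owned but group-writable
}


def fake_stat(tree: Dict[str, Tuple[int, int]]) -> Callable:
    """Build a stat-like function over a constructed tree (offline testing)."""
    class St:
        def __init__(self, uid, mode):
            self.st_uid, self.st_mode = uid, mode

    def _stat(path):
        if path not in tree:
            raise FileNotFoundError(2, "No such file or directory")
        return St(*tree[path])
    return _stat


def chroot_directories(config_text: str) -> List[str]:
    """Return every ChrootDirectory value in the config, in order."""
    found = []
    for line in config_text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        m = re.match(r"(?i)ChrootDirectory\s+(\S+)", line)
        if m:
            found.append(m.group(1))
    return found


def expand_tokens(template: str, user: str, home: str) -> str:
    """Expand the %u, %h and %% tokens sshd accepts in ChrootDirectory."""
    subst = {"u": user, "h": home, "%": "%"}
    out, i = [], 0
    while i < len(template):
        if template[i] == "%" and i + 1 < len(template) and template[i + 1] in subst:
            out.append(subst[template[i + 1]])
            i += 2
        else:
            out.append(template[i])
            i += 1
    return "".join(out)


def path_components(path: str) -> List[str]:
    """'/srv/sftp/alice' -> ['/', '/srv', '/srv/sftp', '/srv/sftp/alice']"""
    parts = [p for p in os.path.normpath(path).split("/") if p]
    comps, cur = ["/"], ""
    for p in parts:
        cur += "/" + p
        comps.append(cur)
    return comps


def chroot_problems(path: str, stat_fn: Callable = os.stat) -> List[Tuple[str, str]]:
    """Walk each component the way sshd does and report every violation."""
    problems = []
    for comp in path_components(path):
        try:
            st = stat_fn(comp)
        except OSError as exc:
            problems.append((comp, "cannot stat: %s" % exc.strerror))
            break
        if not stat.S_ISDIR(st.st_mode):
            problems.append((comp, "not a directory"))
            break
        if st.st_uid != 0:
            problems.append((comp, "owned by uid %d, not root" % st.st_uid))
        if st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
            problems.append((comp, "group/world writable (mode %o)"
                             % stat.S_IMODE(st.st_mode)))
    return problems


def audit(config_text: str, user: str, home: str,
          stat_fn: Callable = os.stat) -> Dict[str, List[Tuple[str, str]]]:
    """Map each expanded ChrootDirectory target to its list of problems."""
    result = {}
    for template in chroot_directories(config_text):
        target = expand_tokens(template, user, home)
        result[target] = chroot_problems(target, stat_fn)
    return result


if __name__ == "__main__":
    # First on the constructed tree, then against the live filesystem.
    for target, probs in audit(SAMPLE_SSHD_CONFIG, "alice", "/home/alice",
                               fake_stat(SAMPLE_TREE)).items():
        print("fake tree:", target, probs or "OK")
    for target, probs in audit(SAMPLE_SSHD_CONFIG, "alice", "/home/alice").items():
        print("live:", target, probs or "OK")
```

On a host that still carries the loosened patch, a target reported as "owned by uid N, not root" is exactly the configuration the flaw concerns; on a patched host sshd will refuse it, so fixing ownership before applying the update avoids locking those users out.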

All OpenSSH users are advised to upgrade to these updated packages, which
contain a backported patch to resolve this issue. After installing this
update, the OpenSSH server daemon (sshd) will be restarted automatically.


Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

Updated packages

Red Hat Enterprise Linux (v. 5 server)

SRPMS:
openssh-4.3p2-36.el5_4.2.src.rpm
File outdated by:  RHBA-2010:0123
    MD5: ff14a4ab0ae5ad7ffdddef280c323d88
 
IA-32:
openssh-4.3p2-36.el5_4.2.i386.rpm
File outdated by:  RHBA-2012:0237
    MD5: c4f9f9a8850bba515c94e07c90e0a6b6
openssh-askpass-4.3p2-36.el5_4.2.i386.rpm
File outdated by:  RHBA-2012:0237
    MD5: cadce6d50d8243e6e9e984ab0e25e970
openssh-clients-4.3p2-36.el5_4.2.i386.rpm
File outdated by:  RHBA-2012:0237
    MD5: 5e852bbb05c7a5c3c3384666401b9f75
openssh-server-4.3p2-36.el5_4.2.i386.rpm
File outdated by:  RHBA-2012:0237
    MD5: 3f8dbf62305e07513bb5e303faf30930
 
IA-64:
openssh-4.3p2-36.el5_4.2.ia64.rpm
File outdated by:  RHBA-2012:0237
    MD5: db1b730c842bffa66d225391e0a3a288
openssh-askpass-4.3p2-36.el5_4.2.ia64.rpm
File outdated by:  RHBA-2012:0237
    MD5: ed2d15b5c5c2585bb1c55255887fb505
openssh-clients-4.3p2-36.el5_4.2.ia64.rpm
File outdated by:  RHBA-2012:0237
    MD5: f38174b2adf224273550d29911c3e311
openssh-server-4.3p2-36.el5_4.2.ia64.rpm
File outdated by:  RHBA-2012:0237
    MD5: aa6a156e4c1f1a203043961ff2fdf588
 
PPC:
openssh-4.3p2-36.el5_4.2.ppc.rpm
File outdated by:  RHBA-2012:0237
    MD5: 1b0ad6a5b4084db5611fa59997adace1
openssh-askpass-4.3p2-36.el5_4.2.ppc.rpm
File outdated by:  RHBA-2012:0237
    MD5: 849d9d34593e64607d8828b3d94512b8
openssh-clients-4.3p2-36.el5_4.2.ppc.rpm
File outdated by:  RHBA-2012:0237
    MD5: 55ec7577db379a69d18ee6f2dd6aac0c
openssh-server-4.3p2-36.el5_4.2.ppc.rpm
File outdated by:  RHBA-2012:0237
    MD5: 9bbb25b2625e7cc69d127e4d67fcd0b8
 
s390x:
openssh-4.3p2-36.el5_4.2.s390x.rpm
File outdated by:  RHBA-2012:0237
    MD5: 911fe40f6bbf61ea91c134ad69311ceb
openssh-askpass-4.3p2-36.el5_4.2.s390x.rpm
File outdated by:  RHBA-2012:0237
    MD5: fc21e3d50ae36de48e6c9075eecc62f9
openssh-clients-4.3p2-36.el5_4.2.s390x.rpm
File outdated by:  RHBA-2012:0237
    MD5: 17ab5e824eac23f811b1ab1a8e8a4283
openssh-server-4.3p2-36.el5_4.2.s390x.rpm
File outdated by:  RHBA-2012:0237
    MD5: ba6b3eacacee3cbe54d5eec9e39115e2
 
x86_64:
openssh-4.3p2-36.el5_4.2.x86_64.rpm
File outdated by:  RHBA-2012:0237
    MD5: a5c6d4af3030d48c88a02418cbfa81b9
openssh-askpass-4.3p2-36.el5_4.2.x86_64.rpm
File outdated by:  RHBA-2012:0237
    MD5: 0b56f6c35f610c4105d030ef424b6f33
openssh-clients-4.3p2-36.el5_4.2.x86_64.rpm
File outdated by:  RHBA-2012:0237
    MD5: 8ef442b49c8228ca38bc53ad8cc35b05
openssh-server-4.3p2-36.el5_4.2.x86_64.rpm
File outdated by:  RHBA-2012:0237
    MD5: 0a3ed69d32a387b07b549925e1f50601
 
Red Hat Enterprise Linux Desktop (v. 5 client)

SRPMS:
openssh-4.3p2-36.el5_4.2.src.rpm
File outdated by:  RHBA-2010:0123
    MD5: ff14a4ab0ae5ad7ffdddef280c323d88
 
IA-32:
openssh-4.3p2-36.el5_4.2.i386.rpm
File outdated by:  RHBA-2012:0237
    MD5: c4f9f9a8850bba515c94e07c90e0a6b6
openssh-askpass-4.3p2-36.el5_4.2.i386.rpm
File outdated by:  RHBA-2012:0237
    MD5: cadce6d50d8243e6e9e984ab0e25e970
openssh-clients-4.3p2-36.el5_4.2.i386.rpm
File outdated by:  RHBA-2012:0237
    MD5: 5e852bbb05c7a5c3c3384666401b9f75
openssh-server-4.3p2-36.el5_4.2.i386.rpm
File outdated by:  RHBA-2012:0237
    MD5: 3f8dbf62305e07513bb5e303faf30930
 
x86_64:
openssh-4.3p2-36.el5_4.2.x86_64.rpm
File outdated by:  RHBA-2012:0237
    MD5: a5c6d4af3030d48c88a02418cbfa81b9
openssh-askpass-4.3p2-36.el5_4.2.x86_64.rpm
File outdated by:  RHBA-2012:0237
    MD5: 0b56f6c35f610c4105d030ef424b6f33
openssh-clients-4.3p2-36.el5_4.2.x86_64.rpm
File outdated by:  RHBA-2012:0237
    MD5: 8ef442b49c8228ca38bc53ad8cc35b05
openssh-server-4.3p2-36.el5_4.2.x86_64.rpm
File outdated by:  RHBA-2012:0237
    MD5: 0a3ed69d32a387b07b549925e1f50601
 
Red Hat Enterprise Linux EUS (v. 5.4.z server)

SRPMS:
openssh-4.3p2-36.el5_4.2.src.rpm
File outdated by:  RHBA-2010:0123
    MD5: ff14a4ab0ae5ad7ffdddef280c323d88
 
IA-32:
openssh-4.3p2-36.el5_4.2.i386.rpm
File outdated by:  RHBA-2010:0123
    MD5: c4f9f9a8850bba515c94e07c90e0a6b6
openssh-askpass-4.3p2-36.el5_4.2.i386.rpm
File outdated by:  RHBA-2010:0123
    MD5: cadce6d50d8243e6e9e984ab0e25e970
openssh-clients-4.3p2-36.el5_4.2.i386.rpm
File outdated by:  RHBA-2010:0123
    MD5: 5e852bbb05c7a5c3c3384666401b9f75
openssh-server-4.3p2-36.el5_4.2.i386.rpm
File outdated by:  RHBA-2010:0123
    MD5: 3f8dbf62305e07513bb5e303faf30930
 
IA-64:
openssh-4.3p2-36.el5_4.2.ia64.rpm
File outdated by:  RHBA-2010:0123
    MD5: db1b730c842bffa66d225391e0a3a288
openssh-askpass-4.3p2-36.el5_4.2.ia64.rpm
File outdated by:  RHBA-2010:0123
    MD5: ed2d15b5c5c2585bb1c55255887fb505
openssh-clients-4.3p2-36.el5_4.2.ia64.rpm
File outdated by:  RHBA-2010:0123
    MD5: f38174b2adf224273550d29911c3e311
openssh-server-4.3p2-36.el5_4.2.ia64.rpm
File outdated by:  RHBA-2010:0123
    MD5: aa6a156e4c1f1a203043961ff2fdf588
 
PPC:
openssh-4.3p2-36.el5_4.2.ppc.rpm
File outdated by:  RHBA-2010:0123
    MD5: 1b0ad6a5b4084db5611fa59997adace1
openssh-askpass-4.3p2-36.el5_4.2.ppc.rpm
File outdated by:  RHBA-2010:0123
    MD5: 849d9d34593e64607d8828b3d94512b8
openssh-clients-4.3p2-36.el5_4.2.ppc.rpm
File outdated by:  RHBA-2010:0123
    MD5: 55ec7577db379a69d18ee6f2dd6aac0c
openssh-server-4.3p2-36.el5_4.2.ppc.rpm
File outdated by:  RHBA-2010:0123
    MD5: 9bbb25b2625e7cc69d127e4d67fcd0b8
 
s390x:
openssh-4.3p2-36.el5_4.2.s390x.rpm
File outdated by:  RHBA-2010:0123
    MD5: 911fe40f6bbf61ea91c134ad69311ceb
openssh-askpass-4.3p2-36.el5_4.2.s390x.rpm
File outdated by:  RHBA-2010:0123
    MD5: fc21e3d50ae36de48e6c9075eecc62f9
openssh-clients-4.3p2-36.el5_4.2.s390x.rpm
File outdated by:  RHBA-2010:0123
    MD5: 17ab5e824eac23f811b1ab1a8e8a4283
openssh-server-4.3p2-36.el5_4.2.s390x.rpm
File outdated by:  RHBA-2010:0123
    MD5: ba6b3eacacee3cbe54d5eec9e39115e2
 
x86_64:
openssh-4.3p2-36.el5_4.2.x86_64.rpm
File outdated by:  RHBA-2010:0123
    MD5: a5c6d4af3030d48c88a02418cbfa81b9
openssh-askpass-4.3p2-36.el5_4.2.x86_64.rpm
File outdated by:  RHBA-2010:0123
    MD5: 0b56f6c35f610c4105d030ef424b6f33
openssh-clients-4.3p2-36.el5_4.2.x86_64.rpm
File outdated by:  RHBA-2010:0123
    MD5: 8ef442b49c8228ca38bc53ad8cc35b05
openssh-server-4.3p2-36.el5_4.2.x86_64.rpm
File outdated by:  RHBA-2010:0123
    MD5: 0a3ed69d32a387b07b549925e1f50601
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

522141 - CVE-2009-2904 openssh: possible privilege escalation when using ChrootDirectory setting

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/