Linux Users' Group of Davis
Page last updated:
2002 Mar 07 11:14

The following is an archive of a post made to our 'vox mailing list' by one of its subscribers.

[vox] [PINE-CERT-20020301] OpenSSH off-by-one (fwd)

This announcement posted to bugtraq a few moments ago. There will likely
be followup/discussion on BUGTRAQ.

If you are not signed up for it yet, you should seriously consider it.

It sounds like another issue with older V of ssh and may be so, but does
not take away from the purpose of this e-mail in being to pass the idea
that subscriptions to BUGTRAQ are gooooood.


---------- Forwarded message ----------
Date: Thu, 7 Mar 2002 13:25:20 +0000
From: Joost Pol <joost@pine.nl>
To: bugtraq@securityfocus.com
Cc: vulnwatch@vulnwatch.org
Subject: [PINE-CERT-20020301] OpenSSH off-by-one

See attached advisory.

Joost Pol alias 'Nohican' <joost@pine.nl> PGP 584619BD
PGP fingerprint B1FA EE66 CFAA A492 D5F8 9A8A 0CDA D2CA 5846 19BD
PINE Internet BV - Tel +31-50-5731111 - Fax +31-70-3111011

(Attachment converted to text and included in-line)


-------------------------------------------------------------------------------
 Pine Internet Security Advisory
-------------------------------------------------------------------------------
 Advisory ID       : PINE-CERT-20020301
 Authors           : Joost Pol <joost@pine.nl>
 Issue date        : 2002-03-07
 Application       : OpenSSH
 Version(s)        : All versions between 2.0 and 3.0.2
 Platforms         : multiple
 Vendor informed   : 20020304
 Availability      : http://www.pine.nl/advisories/pine-cert-20020301.txt
-------------------------------------------------------------------------------


        A bug exists in the channel code of OpenSSH versions 2.0 - 3.0.2

        Users with an existing user account can abuse this bug to
        gain root privileges. Exploitability without an existing
        user account has not been proven but is not considered
        impossible. A malicious ssh server could also use this bug
        to exploit a connecting vulnerable client.


        HIGH: Existing users will gain root privileges.


        Simple off by one error. Patch included.


        The OpenSSH project will shortly release version 3.1.
        Upgrading to this version is highly recommended.

        This version will be made available at http://www.openssh.com

        The FreeBSD port of OpenSSH has been updated to reflect the
        patches as supplied in this document.

        OpenSSH CVS has been updated, see
        http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/ \

        Or apply the attached patch as provided by PINE Internet:


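As an added illustration, not OpenSSH's code and not the patch the advisory refers to, here is the shape of the off-by-one the advisory describes: a bounds check on a fixed-size channel table that admits one index past the end, next to the corrected check. The names Channel, channels and channels_alloc are assumed for the illustration.

```c
/* Added illustration (not OpenSSH's code): the class of off-by-one bounds
 * check the advisory describes, in a simplified channel table. Names such
 * as Channel and channels_alloc are assumptions. */
#include <stdio.h>

typedef struct { int id; int is_open; } Channel;

#define CHANNELS_ALLOC 4
/* Table with channels_alloc slots; valid indices are 0 .. channels_alloc-1. */
static Channel *channels[CHANNELS_ALLOC];
static const int channels_alloc = CHANNELS_ALLOC;

/* Buggy range check: '>' lets id == channels_alloc through, which would
 * index one element past the end of the table. */
int id_in_range_buggy(int id) {
    return !(id < 0 || id > channels_alloc);
}

/* Corrected range check: '>=' rejects the one-past-the-end index. */
int id_in_range_fixed(int id) {
    return !(id < 0 || id >= channels_alloc);
}

/* Count how many ids in 0 .. alloc a check accepts; a correct check
 * accepts exactly alloc of them. */
int count_accepted(int (*check)(int), int alloc) {
    int n = 0;
    for (int id = 0; id <= alloc; id++)
        n += check(id);
    return n;
}

/* Lookup that refuses out-of-range ids instead of reading past the table. */
Channel *channel_lookup(int id) {
    if (!id_in_range_fixed(id))
        return NULL;
    return channels[id];
}

int main(void) {
    printf("buggy check accepts %d ids, fixed check accepts %d, table holds %d\n",
           count_accepted(id_in_range_buggy, channels_alloc),
           count_accepted(id_in_range_fixed, channels_alloc), channels_alloc);
    printf("lookup(%d) -> %s\n", channels_alloc,
           channel_lookup(channels_alloc) ? "entry" : "NULL (rejected)");
    return 0;
}
```

The buggy check accepts five ids for a four-slot table; the one extra id is the slot past the end, which is exactly what the fixed check refuses.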


LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617