Skip Navigation

  • Home
  • Contact us
  • FAQ
  • Glossary
  • Public key
  • Sitemap
  • Cymraeg
  • What's new
CPNI - Centre for the Protection of National Infastructure

Advanced search

  • About CPNI
  • The threats
  • Security planning
  • Methods of attack
  • Protecting your assets
  • Products and services
    • CSIRTUK advisories
      • Advisories archive
    • General protective security publications
    • InfoSec briefings
    • InfoSec technical notes
    • InfoSec vulnerability disclosures
    • Good practice guidelines
    • Viewpoints
    • Information exchanges
    • Risk Management Delivery Group
  • Research
Home > Products and services > CSIRTUK advisories > Advisories archive > November 2006 > OpenPKG Security Advisory: OpenPKG-SA-2006.032 - openssh

November 2006

OpenPKG Security Advisory: OpenPKG-SA-2006.032 - openssh

ID: 00769
Ref: 728/2006
Date: 09 November 2006:14:34:11
Version: 1
Title: OpenPKG Security Advisory: OpenPKG-SA-2006.032 - openssh
Abstract:
Vendors affected: OpenPKG
Operating systems affected: OpenPKG
Applications affected: OpenPKG
Title
=====

OpenPKG Security Advisory: OpenPKG-SA-2006.032 - openssh

Detail
======

According to a vendor release announcement [0], a vulnerability
exists in the privilege separation functionality of the Secure
Shell (SSH) implementation OpenSSH [1]. The vulnerability is
caused by an incorrect checking for bad signatures in the sshd(8)
privilege separation monitor and this way its verification of
successful authentication is weakened.


- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

________________________________________________________________________

OpenPKG Security Advisory OpenPKG GmbH
http://openpkg.org/security/ http://openpkg.com
OpenPKG-SA-2006.032 2006-11-08
________________________________________________________________________

Package: openssh
Vulnerability: security bypass
OpenPKG Specific: no

Affected Series: Affected Packages: Corrected Packages:
E1.0-SOLID <= openssh-4.4p1-E1.0.0 >= openssh-4.4p1-E1.0.1
2-STABLE-20061018 <= openssh-4.4p1-2.20061024 >= openssh-4.5p1-2.20061108
2-STABLE <= openssh-4.4p1-2.20061024 >= openssh-4.5p1-2.20061108
CURRENT <= openssh-4.4p1-20061104 >= openssh-4.5p1-20061108

Description:
According to a vendor release announcement [0], a vulnerability
exists in the privilege separation functionality of the Secure
Shell (SSH) implementation OpenSSH [1]. The vulnerability is
caused by an incorrect checking for bad signatures in the sshd(8)
privilege separation monitor and this way its verification of
successful authentication is weakened. As a result the monitor and the
unprivileged process can get out of sync. According to the vendor,
this bug is not known to be exploitable in the absence of additional
vulnerabilities. Additionally, OpenPKG's OpenSSH configuration for
portability reasons has the "privilege separation" functionality not
enabled by default.
________________________________________________________________________

References:
[0] http://www.openssh.com/txt/release-4.5
[1] http://www.openssh.com/
________________________________________________________________________

For security reasons, this advisory was digitally signed with the
OpenPGP public key "OpenPKG " (ID 63C4CB9F) which
you can retrieve from http://openpkg.org/openpkg.org.pgp. Follow the
instructions on http://openpkg.org/security/signatures/ for details on
how to verify the integrity of this advisory.
________________________________________________________________________

- -----BEGIN PGP SIGNATURE-----
Comment: OpenPKG

iD8DBQFFUgDpgHWT4GPEy58RAjDDAJ9CdwrWxMqq6eOOADtJxYyzoKjYKwCgzj9p
XIG+pGSPEjmf+yyFqu/A+Qk=
=w+L+
- -----END PGP SIGNATURE-----
  • Accessibility |
  • Terms and conditions |
  • Privacy statement |
  • Data protection act |
  • Freedom of information |