[plug] Heads-up: OpenSSH vulnerability
Denis Brown
dsbrown at cyllene.uwa.edu.au
Wed Sep 17 09:06:24 WST 2003
Just a quick "heads-up" in case some PLUGgers are not tuned into one of the
security lists...
The nub of the problem (ack's to AusCERT for this snippet)...
- - - - - - -
A vulnerability exists in the buffer management code of OpenSSH. This
vulnerability affects versions prior to 3.7. The error occurs when a
buffer is allocated for a large packet. When the buffer is cleared, an
improperly sized chunk of memory is filled with zeros. This leads to
heap corruption, which could cause a denial-of-service condition. This
vulnerability may also allow an attacker to execute arbitrary code.
This vulnerability is described in an advisory from OpenSSH
- - - - - - -
I'm aware that at least Debian and RH have announced patches to their
versions of OpenSSH. Just apt-get'ted my Debian machines :-)
HTH,
Denis
_______________________________________________
plug mailing list
plug at plug.linux.org.au
http://mail.plug.linux.org.au/cgi-bin/mailman/listinfo/plug
More information about the plug
mailing list