[plug] Heads-up: OpenSSH vulnerability

Denis Brown dsbrown at cyllene.uwa.edu.au
Wed Sep 17 09:06:24 WST 2003


Just a quick "heads-up" in case some PLUGgers are not tuned into one of the 
security lists...

The nub of the problem (ack's to AusCERT for this snippet)...

- - - - - - -
A vulnerability exists in the buffer management code of OpenSSH. This
vulnerability affects versions prior to 3.7. The error occurs when a
buffer is allocated for a large packet. When the buffer is cleared, an
improperly sized chunk of memory is filled with zeros. This leads to
heap corruption, which could cause a denial-of-service condition. This
vulnerability may also allow an attacker to execute arbitrary code.
This vulnerability is described in an advisory from OpenSSH
- - - - - - -

I'm aware that at least Debian and RH have announced patches to their 
versions of OpenSSH.   Just apt-get'ted my Debian machines :-)

HTH,
Denis


_______________________________________________
plug mailing list
plug at plug.linux.org.au
http://mail.plug.linux.org.au/cgi-bin/mailman/listinfo/plug


More information about the plug mailing list