Revised OpenSSH Security Advisory (adv.token)

Date: Friday, April 26, 2002 - 7:59 am

This is the 2nd revision of the Advisory.

Buffer overflow in OpenSSH's sshd if AFS has been configured on the
system or if KerberosTgtPassing or AFSTokenPassing has been enabled
in the sshd_config file. Ticket and token passing are not enabled
by default.

1. Systems affected:

All versions of OpenSSH with AFS/Kerberos token passing
compiled in and enabled (either in the system or in
sshd_config) contain a buffer overflow.

Token passing is disabled by default and only available in
protocol version 1.

2. Impact:

Remote users can gain privileged access for OpenSSH < 2.9.9.

Local users can gain privileged access for OpenSSH < 3.2.1.

No privileged access is possible for OpenSSH with
UsePrivilegeSeparation enabled.

3. Solution:

Apply the matching patch:

ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/openssh-3.1-adv.token.patch
ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-3.1p1-adv.tok...
ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.9/common/024_sshafs.patch
ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.0/common/019_sshafs.patch
ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.1/common/001_sshafs.patch

4. Credits:

Marcell Fodor

EOF
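
Added example (not part of the advisory and not OpenSSH project code): a shell function that reads an sshd_config on stdin and reports whether the settings named in sections 1 and 2 are enabled. The function name and exit-status convention are assumptions of this example, an absent Protocol line is treated as possibly offering protocol 1, an absent UsePrivilegeSeparation line is treated as not enabled, and the sample config is constructed.

```shell
#!/bin/sh
# Added example: audit sshd_config text (stdin) for the settings named in the advisory.
# Exit status (this example's own convention):
#   0  ticket/token passing not enabled in this file, or protocol 1 not offered
#   1  passing enabled, UsePrivilegeSeparation yes (no privileged access; still patch)
#   2  passing enabled and privilege separation not enabled
audit_adv_token() {
    awk '
    NF == 0 || $1 ~ /^#/ { next }                  # skip blank lines and comments
    {
        gsub(/=/, " ")                             # tolerate "Keyword=value"
        key = tolower($1)                          # keywords are case-insensitive
        if (!(key in opt)) opt[key] = tolower($2)  # sshd keeps the first value it reads
    }
    END {
        # Assumption: with no Protocol line, protocol 1 may still be offered.
        proto1  = (!("protocol" in opt) || opt["protocol"] ~ /(^|,)1(,|$)/)
        passing = (opt["kerberostgtpassing"] == "yes" || opt["afstokenpassing"] == "yes")
        # Assumption: an absent UsePrivilegeSeparation line counts as not enabled.
        privsep = (opt["useprivilegeseparation"] == "yes")

        if (!passing || !proto1) {
            print "OK: ticket/token passing not reachable via this config"
            print "    (AFS configured on the system itself is not checked here)"
            exit 0
        }
        if (privsep) {
            print "REVIEW: passing enabled, privilege separation on; apply the patch"
            exit 1
        }
        print "EXPOSED: passing enabled without privilege separation; apply the patch"
        exit 2
    }'
}

# Constructed sample config, not taken from a real host.
audit_adv_token <<'EOF' || echo "exit status: $?"
# sample sshd_config
Protocol 2,1
KerberosTgtPassing yes
UsePrivilegeSeparation no
EOF
```

A status of 0 only covers the sshd_config conditions; the advisory also lists AFS being configured on the system, which needs a separate check.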

Messages in current thread:
Revised OpenSSH Security Advisory (adv.token), Markus Friedl, (Fri Apr 26, 7:59 am)