SecurityTracker.com

SecurityTracker
Archives


 


Category:   Application (Security)  >   SSH Vendors:   SSH Communications
(Default Caldera Linux Not Vulnerable) Re: SSH Secure Shell 3.0.0 for Unix Lets Remote Users Login to Certain Accounts Without Authentication
SecurityTracker Alert ID:  1002065
SecurityTracker URL:  http://securitytracker.com/id/1002065
CVE Reference:   GENERIC-MAP-NOMATCH
Date:  Jul 22 2001
Impact:   User access via network

Version(s): 3.0.0 (for UNIX only)
Description:   SSH warned of a vulnerability in SSH Secure Shell version 3.0.0 for Unix that grants remote users access to certain accounts without authorization.

Caldera reports that it does not ship the commercial version of SSH (which is the vulnerable version) and, as a result, is not vulnerable unless the system administrator has installed the commercial version of SSH.

Caldera indicates that it provides OpenSSH version 2.9p2 for all supported platforms, which is not affected by the above flaw.

Impact:   A remote user can access certain accounts via SSH without authentication.
Solution:   SSH Secure Shell 3.0.1 reportedly fixes this problem. See the Vendor URL. The fix is also available at: ftp://ftp.ssh.com/pub/ssh
A patch for 3.0.0 source code is also available at the ftp site.

Vendor URL:  commerce.ssh.com/
Cause:   Authentication error
Underlying OS:  Linux (Caldera/SCO)
Underlying OS Comments:  Red Hat Linux 6.1 thru 7.1, Solaris 2.6 thru 2.8, HP-UX 10.20, HP-UX 11.00, Caldera Linux 2.4, Suse Linux 6.4 thru 7.0; other platforms may also be vulnerable

Message History:   This archive entry is a follow-up to the message listed below.
Jul 21 2001 SSH Secure Shell 3.0.0 for Unix Lets Remote Users Login to Certain Accounts Without Authentication



 Source Message Contents

Subject:  Re: URGENT SECURITY ADVISORY FOR SSH SECURE SHELL 3.0.0


In article <FNEKKFMHLBAMAHPEHBLMCEAGCAAA.customer.service@ssh.com> you wrote:
> Dear Secure Shell Community,

> A potential remote root exploit has been discovered 
> in SSH Secure Shell 3.0.0, for Unix only, concerning 
> accounts with password fields consisting of two or 
> fewer characters. Unauthorized users could potentially 
> log in to these accounts using any password, including 
> an empty password.  This affects SSH Secure Shell 3.0.0
> for Unix only.  This is a problem with password 
> authentication to the sshd2 daemon.  The SSH Secure 
> Shell client binaries (located by default in 
> /usr/local/bin) are not affected.   

> SSH Secure Shell 3.0.1 fixes this problem.
> ...
> ... Vulnerable ...
> ...
> Caldera Linux 2.4 


Caldera is not shipping the commercial version of SSH in its Linux
distributions and so is NOT vulnerable except in cases where the
administrator installed the commercial version of SSH.

We are instead providing OpenSSH version 2.9p2 for all supported platforms,
which is not affected by the above flaw.

Ciao, Marcus
-- 
      _____     ___
     /  __/____/  /                Caldera (Deutschland) GmbH
    /  /_/ __  / /__          Naegelsbachstr. 49c, 91052 Erlangen
   /_____//_/ /____/       Dipl. Inf. Marcus Meissner, email: mm@caldera.de
  ==== /_____/ ======    phone: ++49 9131 7912-300, fax: ++49 9131 7192-399
   Caldera OpenLinux
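
An audit for the condition the quoted advisory names (a password field of two or fewer characters), added here as an example; it is not part of the original message or of SSH's advisory. It assumes a shadow-format file on standard input; the function names and the sample entries are constructed, and the comments about `*`, `!!` and `NP` describe common conventions for locked or passwordless accounts, not anything stated on this page.

```shell
#!/bin/sh
# Added example: list accounts whose password field is two or fewer
# characters long, the condition under which sshd2 3.0.0 is reported to
# accept any password. Reads shadow-format lines (name:field:...) on stdin.
# Typical use as root:  short_pw_accounts < /etc/shadow

short_pw_accounts() {
    awk -F: '
        /^#/ || NF < 2 { next }        # skip comments, blank and malformed lines
        length($2) <= 2 {
            # "empty" = no password at all; "short" = 1-2 characters,
            # which by convention is usually a lock marker such as * or !!
            kind = (length($2) == 0) ? "empty" : "short"
            printf "%s\t%s\t%d\n", $1, kind, length($2)
        }
    '
}

# Constructed sample data, not taken from any real system.
sample_shadow() {
    cat <<'EOF'
# constructed shadow-format sample
root:$1$abcdefgh$0123456789abcdefghijkl:11500:0:99999:7:::
bin:*:11500:0:99999:7:::
daemon:!!:11500:0:99999:7:::
lp:NP:6445::::::
guest::11500:0:99999:7:::
locked:*LK*:::::::
alice:$1$ijklmnop$mnopqrstuvwxyz01234567:11500:0:99999:7:::
EOF
}

# Demo on the constructed sample: prints name, kind and field length.
sample_shadow | short_pw_accounts
```

Accounts it reports are normally ones meant to be unusable for login, so on a host running the affected sshd2 they are the ones to review until 3.0.1 or the source patch is installed. A four-character marker such as `*LK*` falls outside the advisory's condition and is not listed.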
