SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Security)  >   OpenSSH Vendors:   OpenSSH.org
OpenSSH 3.0 Denial of Service Condition May Allow Remote Users to Crash the sshd Daemon and KerberosV Configuration Error May Allow Remote Users to Partially Authenticate When Authentication Should Not Be Permitted
SecurityTracker Alert ID:  1002748
SecurityTracker URL:  http://securitytracker.com/id/1002748
CVE Reference:   GENERIC-MAP-NOMATCH   (Links to External Site)
Date:  Nov 14 2001
Impact:   Denial of service via network, Host/resource access via network
Fix Available:  Yes  
Version(s): OpenSSH 3.0
Description:   OpenBSD reported an authentication vulnerability with the sshd secure shell daemon in OpenSSH. A remote user may be able to partially authenticate in a certain configuration where authentication should not be permitted. A remote user may be able to cause the daemon to crash.

It is reported that OpenSSH 3.0 contains a security hole that may allow a remote user to partially authenticate if the administrator has enabled KerberosV. This is apparently due to a condition where KerberosV may be activated with a configuration error.

It is also reported that the daemon contains an excessive memory clearing bug. The vendor believes that this cannot be exploited to gain remote access, but acknowledges that it may cause daemon crashes.

Details of the vulnerabilities were not provided.

Impact:   A remote user may be able to partially authenticate when that should not be permitted. A remote user may be able to cause the daemon to crash.
Solution:   OpenBSD reports that sshd(8) is being upgraded from OpenSSH 3.0 to OpenSSH 3.0.1 to fix a few security related problems. A source code patch that is essentially an upgrade of OpenSSH 3.0 to OpenSSH 3.0.1 is available for OpenBSD:

ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.0/common/002_ssh.patch

Patches for other operating systems were not available at the time of this entry.

Vendor URL:  www.openssh.org/ (Links to External Site)
Cause:   Authentication error, Resource error
Underlying OS:  Linux (Any), UNIX (Any)
Underlying OS Comments:  Fix is for OpenBSD; other operating systems may also be affected

Message History:   This archive entry has one or more follow-up message(s) listed below.
(Vendor Issues Fix) Re: OpenSSH 3.0 Denial of Service Condition May Allow Remote Users to Crash the sshd Daemon and KerberosV Configuration Error May Allow Remote Users to Partially Authenticate When Authentication Should Not Be Permitted
The vendor has released a fix.



 Source Message Contents

Subject:  OpenSSH upgrade to 3.0.1


002: SECURITY FIX: November 12, 2001

sshd(8) is being upgraded from OpenSSH 3.0 to OpenSSH 3.0.1 to fix a few
problems: 

        - A security hole that may allow an attacker to partially 
          authenticate if -- and only if -- the administrator has
enabled
          KerberosV.  
          By default, OpenSSH KerberosV support only becomes active
after
          KerberosV has been properly configured. 

        - An excessive memory clearing bug (which we believe to be
          unexploitable) also exists, but since this may cause
          daemon crashes, we are providing a patch as well. 

        - Various other non-critical fixes. 

Effectively an upgrade of OpenSSH 3.0 to OpenSSH 3.0.1, a source code
patch exists which remedies these problems:

ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.0/common/002_ssh.patch


 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2022, SecurityGlobal.net LLC