SecurityTracker.com

SecurityTracker
Archives

Category:   Application (Security)  >   OpenSSH
Vendors:   OpenSSH.org
(Vendor Issues Fix) Re: OpenSSH 3.0 Denial of Service Condition May Allow Remote Users to Crash the sshd Daemon and KerberosV Configuration Error May Allow Remote Users to Partially Authenticate When Authentication Should Not Be Permitted
SecurityTracker Alert ID:  1002776
SecurityTracker URL:  http://securitytracker.com/id/1002776
CVE Reference:   GENERIC-MAP-NOMATCH
Date:  Nov 20 2001
Impact:   Denial of service via network, Host/resource access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): OpenSSH 3.0
Description:   OpenBSD reported an authentication vulnerability with the sshd secure shell daemon in OpenSSH. A remote user may be able to partially authenticate in a certain configuration where authentication should not be permitted. A remote user may be able to cause the daemon to crash.

It is reported that OpenSSH 3.0 contains a security hole that may allow a remote user to partially authenticate if, and only if, the administrator has enabled KerberosV. The vendor notes that OpenSSH's KerberosV support is not active by default and only becomes active once KerberosV has been properly configured, so installations that have not enabled KerberosV are not exposed to the authentication issue.

It is also reported that the daemon contains an excessive memory clearing bug. The vendor believes that this cannot be exploited to gain remote access, but acknowledges that it may cause daemon crashes, and has fixed it in the same release.

Details of the vulnerabilities were not provided.

Impact:   A remote user may be able to partially authenticate when that should not be permitted. A remote user may be able to cause the daemon to crash.
Solution:   OpenSSH 3.0.1 has just been released. It will be available from the mirrors listed at http://www.openssh.com/ shortly.
Vendor URL:  www.openssh.org/
Cause:   Authentication error, Resource error
Underlying OS:  Linux (Any), UNIX (Any)
Underlying OS Comments:  Fix is for OpenBSD; other operating systems may also be affected
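The two issues in this alert have different exposure: the crash affects any OpenSSH 3.0 sshd, while the authentication issue only matters where KerberosV has been enabled. The following triage helper is an added example for this archive entry, not code from SecurityTracker or the OpenSSH project. It parses the version out of an sshd identification banner, treats 3.0 as affected and 3.0.1 or later as fixed (the only versions the alert names), and checks a sshd_config fragment for the KerberosAuthentication directive. The directive name, the first-value-wins parsing rule, the default of "no", and all sample banners and config lines are assumptions or constructed inputs for illustration.

```python
"""Added example, not part of the SecurityTracker alert or of OpenSSH.

Assumptions (not stated by the alert): the sshd_config directive that
turns on Kerberos authentication is `KerberosAuthentication`, sshd uses
the first value it reads for a keyword and defaults it to `no`, and the
portable-release suffix (e.g. `p1`) is packaging, not an upstream version.
"""
import re
from typing import Dict, Optional, Tuple

AFFECTED_VERSION = (3, 0, 0)   # OpenSSH 3.0, per the alert
FIXED_VERSION = (3, 0, 1)      # OpenSSH 3.0.1, per the alert

# SSH identification string: "SSH-<proto>-OpenSSH_<ver>[p<n>][ comments]"
_BANNER_RE = re.compile(
    r"^SSH-(?P<proto>[\d.]+)-OpenSSH_(?P<ver>\d+(?:\.\d+)*)(?P<portable>p\d+)?"
)


def parse_banner(banner: str) -> Optional[Tuple[int, int, int]]:
    """Return the upstream OpenSSH version as a 3-tuple, or None for a
    banner that is not OpenSSH.  'OpenSSH_3.0p1' is still 3.0 (affected);
    'OpenSSH_3.0.1p1' is 3.0.1 (fixed): the p-suffix is dropped on purpose."""
    m = _BANNER_RE.match(banner.strip())
    if not m:
        return None
    parts = [int(x) for x in m.group("ver").split(".")]
    parts += [0] * (3 - len(parts))          # pad so (3, 0) == (3, 0, 0)
    return tuple(parts[:3])


def kerberos_enabled(sshd_config: str) -> bool:
    """True if KerberosAuthentication is set to yes.  Only whole-line '#'
    comments are skipped; keywords are case-insensitive; the first
    occurrence wins and a missing directive counts as 'no' (assumed)."""
    for raw in sshd_config.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split(None, 1)
        if fields[0].lower() == "kerberosauthentication":
            return len(fields) == 2 and fields[1].strip().lower() == "yes"
    return False


def triage(banner: str, sshd_config: str) -> Dict[str, object]:
    """Combine the two checks the way the alert separates the two issues:
    the crash applies to every 3.0 sshd, the authentication issue only
    where KerberosV has been enabled."""
    version = parse_banner(banner)
    result: Dict[str, object] = {
        "version": version,
        "needs_upgrade": False,
        "kerberos_auth_exposed": False,
        "note": "",
    }
    if version is None:
        result["note"] = "not an OpenSSH banner; this alert does not apply"
    elif version >= FIXED_VERSION:
        result["note"] = "3.0.1 or later: both issues fixed"
    elif version == AFFECTED_VERSION:
        result["needs_upgrade"] = True
        result["kerberos_auth_exposed"] = kerberos_enabled(sshd_config)
        result["note"] = (
            "3.0: crash issue applies; authentication issue applies only "
            "because KerberosAuthentication is yes"
            if result["kerberos_auth_exposed"]
            else "3.0: crash issue applies; KerberosV not enabled, so the "
            "authentication issue does not"
        )
    else:
        result["note"] = "older than 3.0: not covered by this alert"
    return result


# Constructed sample inputs (not captured from any real host).
SAMPLE_CONFIG = """\
# constructed sshd_config fragment
Port 22
KerberosAuthentication yes
# a later duplicate is ignored: first value wins
KerberosAuthentication no
"""

SAMPLE_BANNERS = [
    "SSH-1.99-OpenSSH_3.0p1",     # affected, portable build
    "SSH-2.0-OpenSSH_3.0.1p1",    # fixed
    "SSH-2.0-OpenSSH_2.9.9",      # not named by the alert
    "SSH-2.0-OtherSSH_1.0",       # not OpenSSH at all
]

if __name__ == "__main__":
    for b in SAMPLE_BANNERS:
        r = triage(b, SAMPLE_CONFIG)
        print(f"{b:28s} upgrade={r['needs_upgrade']!s:5} "
              f"krb_exposed={r['kerberos_auth_exposed']!s:5} {r['note']}")
```

Feed `triage()` the banner read from the TCP connection before any key exchange and the host's real sshd_config; a 3.0 host with KerberosAuthentication off still needs the 3.0.1 upgrade for the crash fix, which is why `needs_upgrade` is reported independently of `kerberos_auth_exposed`.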

Message History:   This archive entry is a follow-up to the message listed below.
Nov 14 2001 OpenSSH 3.0 Denial of Service Condition May Allow Remote Users to Crash the sshd Daemon and KerberosV Configuration Error May Allow Remote Users to Partially Authenticate When Authentication Should Not Be Permitted



 Source Message Contents

Subject:  OpenSSH 3.0.1 (fwd)



---------- Forwarded message ----------
Date: Mon, 19 Nov 2001 17:13:02 +0100
From: openssh@openbsd.org
Reply-To: openssh-unix-dev@mindrot.org
To: announce@openbsd.org
Subject: OpenSSH 3.0.1

OpenSSH 3.0.1 has just been released. It will be available from the
mirrors listed at http://www.openssh.com/ shortly.

OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0
implementation and includes sftp client and server support.

We would like to thank the OpenSSH community for their continued
support and encouragement.

Important Changes:
==================

        A security hole that may allow an attacker to authenticate
        if -- and only if -- the administrator has enabled KerberosV.
        By default, OpenSSH KerberosV support only becomes active
        after KerberosV has been properly configured.

        An excessive memory clearing bug (which we believe to be
        unexploitable) also exists, but since this may cause daemon
        crashes, we are providing a fix as well.

        Various other non-critical fixes (~& support and more).

OpenSSH is brought to you by Markus Friedl, Niels Provos, Theo de Raadt,
Kevin Steves, Damien Miller and Ben Lindstrom.


Copyright 2022, SecurityGlobal.net LLC