Mandriva, Inc. Information for VU#333628

OpenSSH contains buffer management errors

Status

Affected

Vendor Statement

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

________________________________________________________________________

Mandrake Linux Security Update Advisory
________________________________________________________________________

Package name:           openssh
Advisory ID:            MDKSA-2003:090-1
Date:                   September 17th, 2003
Original Advisory Date: September 16th, 2003
Affected versions: 8.2, 9.0, 9.1, Corporate Server 2.1,

Multi Network Firewall 8.2
________________________________________________________________________

Problem Description:

A buffer management error was discovered in all versions of openssh
prior to version 3.7.  According to the OpenSSH team's advisory:
"It is uncertain whether this error is potentially exploitable,
however, we prefer to see bugs fixed proactively."  There have also
been reports of an exploit in the wild.


MandrakeSoft encourages all users to upgrade to these patched openssh
packages immediately and to disable sshd until you are able to upgrade
if at all possible.


Update:

The OpenSSH developers discovered more, similar, problems and revised
the patch to correct these issues.  These new packages have the latest
patch fix applied.

________________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0693
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0695
http://www.kb.cert.org/vuls/id/333628
http://www.openssh.com/txt/buffer.adv
________________________________________________________________________

Updated Packages:

Corporate Server 2.1:
e4dd6a2be580feeceddb7bf702646992  corporate/2.1/RPMS/openssh-3.6.1p2-1.2.90mdk.i586.rpm
b643425ed773606865f31797db73b6d5  corporate/2.1/RPMS/openssh-askpass-3.6.1p2-1.2.90mdk.i586.rpm
bf403b678dd74c14c489bf5a32939e80  corporate/2.1/RPMS/openssh-askpass-gnome-3.6.1p2-1.2.90mdk.i586.rpm
c4ec1f56320d69a37455d4f74da30d2d  corporate/2.1/RPMS/openssh-clients-3.6.1p2-1.2.90mdk.i586.rpm
0252fc0a7273c7c2ebbe4ae92fe492c6  corporate/2.1/RPMS/openssh-server-3.6.1p2-1.2.90mdk.i586.rpm
8909a7349c3e18993784900e1c501dc8  corporate/2.1/SRPMS/openssh-3.6.1p2-1.2.90mdk.src.rpm


Corporate Server 2.1/x86_64:
7a297d5ad1cf8f266a7045e5ed6407b4  x86_64/corporate/2.1/RPMS/openssh-3.6.1p2-1.2.90mdk.x86_64.rpm
0e1047d7ac87e4cb2fc83f51156f89e8  x86_64/corporate/2.1/RPMS/openssh-askpass-3.6.1p2-1.2.90mdk.x86_64.rpm
09592be1376bff2acb58577eb22927e5  x86_64/corporate/2.1/RPMS/openssh-askpass-gnome-3.6.1p2-1.2.90mdk.x86_64.rpm
cb39634d5cb6811a53e833a566dca625  x86_64/corporate/2.1/RPMS/openssh-clients-3.6.1p2-1.2.90mdk.x86_64.rpm
2e49b64404318ee3c10f7088781f36da  x86_64/corporate/2.1/RPMS/openssh-server-3.6.1p2-1.2.90mdk.x86_64.rpm
8909a7349c3e18993784900e1c501dc8  x86_64/corporate/2.1/SRPMS/openssh-3.6.1p2-1.2.90mdk.src.rpm


Mandrake Linux 8.2:
862ccaea668653af1dd98d4f4cba388e  8.2/RPMS/openssh-3.6.1p2-1.2.82mdk.i586.rpm
abb351c902abd9bcfc7eefd0d8e56b43  8.2/RPMS/openssh-askpass-3.6.1p2-1.2.82mdk.i586.rpm
614a6bd4680be732689f5bd1e791a351  8.2/RPMS/openssh-askpass-gnome-3.6.1p2-1.2.82mdk.i586.rpm
baa534caf5c7121741a7089e11cd169e  8.2/RPMS/openssh-clients-3.6.1p2-1.2.82mdk.i586.rpm
6f0b03ff0dd99857159177d3e797e916  8.2/RPMS/openssh-server-3.6.1p2-1.2.82mdk.i586.rpm
d6fd51341f521dc7fc2086915dcaec20  8.2/SRPMS/openssh-3.6.1p2-1.2.82mdk.src.rpm


Mandrake Linux 8.2/PPC:
c453de5cac92707c112c9245663fd25c  ppc/8.2/RPMS/openssh-3.6.1p2-1.2.82mdk.ppc.rpm
48211a23e464b38ebd4e7deed7347f48  ppc/8.2/RPMS/openssh-askpass-3.6.1p2-1.2.82mdk.ppc.rpm
77d27118abff6a1d6c0f57c167fefb52  ppc/8.2/RPMS/openssh-askpass-gnome-3.6.1p2-1.2.82mdk.ppc.rpm
b58b03854614f14c861f42121d165a2b  ppc/8.2/RPMS/openssh-clients-3.6.1p2-1.2.82mdk.ppc.rpm
9c477dda47eab7cad24839d0ea43e6a4  ppc/8.2/RPMS/openssh-server-3.6.1p2-1.2.82mdk.ppc.rpm
d6fd51341f521dc7fc2086915dcaec20  ppc/8.2/SRPMS/openssh-3.6.1p2-1.2.82mdk.src.rpm


Mandrake Linux 9.0:
e4dd6a2be580feeceddb7bf702646992  9.0/RPMS/openssh-3.6.1p2-1.2.90mdk.i586.rpm
b643425ed773606865f31797db73b6d5  9.0/RPMS/openssh-askpass-3.6.1p2-1.2.90mdk.i586.rpm
bf403b678dd74c14c489bf5a32939e80  9.0/RPMS/openssh-askpass-gnome-3.6.1p2-1.2.90mdk.i586.rpm
c4ec1f56320d69a37455d4f74da30d2d  9.0/RPMS/openssh-clients-3.6.1p2-1.2.90mdk.i586.rpm
0252fc0a7273c7c2ebbe4ae92fe492c6  9.0/RPMS/openssh-server-3.6.1p2-1.2.90mdk.i586.rpm
8909a7349c3e18993784900e1c501dc8  9.0/SRPMS/openssh-3.6.1p2-1.2.90mdk.src.rpm


Mandrake Linux 9.1:
2f657dd739f51adad400b75e627db53a  9.1/RPMS/openssh-3.6.1p2-1.2.91mdk.i586.rpm
2284741fdae6b3809b85f1f193dc9c7b  9.1/RPMS/openssh-askpass-3.6.1p2-1.2.91mdk.i586.rpm
3462362cb6364701bfe536541f24d349  9.1/RPMS/openssh-askpass-gnome-3.6.1p2-1.2.91mdk.i586.rpm
5a8b2d3763dfc4dd77c7705401b4155e  9.1/RPMS/openssh-clients-3.6.1p2-1.2.91mdk.i586.rpm
508f52a1bc06e57b5176c31dc7d1674b  9.1/RPMS/openssh-server-3.6.1p2-1.2.91mdk.i586.rpm
4d9c124f212d3ad840bc19f6579784fc  9.1/SRPMS/openssh-3.6.1p2-1.2.91mdk.src.rpm


Mandrake Linux 9.1/PPC:
bf558d8fba0c8f779f73e8a3f75956d8  ppc/9.1/RPMS/openssh-3.6.1p2-1.2.91mdk.ppc.rpm
ca0ff77a847d5485cf03e4abb1fc7a88  ppc/9.1/RPMS/openssh-askpass-3.6.1p2-1.2.91mdk.ppc.rpm
4c45f30751958b8347713b818a55caf1  ppc/9.1/RPMS/openssh-askpass-gnome-3.6.1p2-1.2.91mdk.ppc.rpm
e7912e06b6bf2579badac32f583d8511  ppc/9.1/RPMS/openssh-clients-3.6.1p2-1.2.91mdk.ppc.rpm
809424b2dd19bd2f654fdf4743fc5a8b  ppc/9.1/RPMS/openssh-server-3.6.1p2-1.2.91mdk.ppc.rpm
4d9c124f212d3ad840bc19f6579784fc  ppc/9.1/SRPMS/openssh-3.6.1p2-1.2.91mdk.src.rpm


Multi Network Firewall 8.2:
862ccaea668653af1dd98d4f4cba388e  mnf8.2/RPMS/openssh-3.6.1p2-1.2.82mdk.i586.rpm
baa534caf5c7121741a7089e11cd169e  mnf8.2/RPMS/openssh-clients-3.6.1p2-1.2.82mdk.i586.rpm
6f0b03ff0dd99857159177d3e797e916  mnf8.2/RPMS/openssh-server-3.6.1p2-1.2.82mdk.i586.rpm
d6fd51341f521dc7fc2086915dcaec20  mnf8.2/SRPMS/openssh-3.6.1p2-1.2.82mdk.src.rpm

________________________________________________________________________

Bug IDs fixed (see https://qa.mandrakesoft.com for more information):
________________________________________________________________________

To upgrade automatically, use MandrakeUpdate or urpmi.  The verification
of md5 checksums and GPG signatures is performed automatically for you.

A list of FTP mirrors can be obtained from:

http://www.mandrakesecure.net/en/ftp.php

All packages are signed by MandrakeSoft for security.  You can obtain
the GPG public key of the Mandrake Linux Security Team by executing:

gpg --recv-keys --keyserver www.mandrakesecure.net 0x22458A98

Please be aware that sometimes it takes the mirrors a few hours to
update.

You can view other update advisories for Mandrake Linux at:

http://www.mandrakesecure.net/en/advisories/

MandrakeSoft has several security-related mailing list services that
anyone can subscribe to.  Information on these lists can be obtained by
visiting:

http://www.mandrakesecure.net/en/mlist.php

If you want to report vulnerabilities, please contact

security_linux-mandrake.com

Type Bits/KeyID     Date       User ID
pub  1024D/22458A98 2000-07-10 Linux Mandrake Security Team

<security linux-mandrake.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQE/aIYrmqjQ0CJFipgRAkuzAKCZtNMVd9LqiR0CVbkz9XILvIB4hACeIlqv
LB/u5JclV/2Ny+Cao90MLTc=
=0Nsc
-----END PGP SIGNATURE-----

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References

None

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.