OpenSSH Buffer Management Vulnerabilities

OpenSSH Versions prior to 3.7.1

         

movieclub

6:26 am on Jan 2, 2005 (gmt 0)

10+ Year Member



I am reading that OpenSSH Versions prior to 3.7.1 are vulnerable to a dangerous flaw in the buffer resizing functions which allows an attacker to easily execute arbitrary commands on this host. This is a very dangerous vulnerability and is often targeted by hackers.

I am on RedHat 7.3 and I can't find a version 3.7.1 or later for 7.3. Any ideas on how to solve these problems?

freeflight2

9:03 pm on Jan 4, 2005 (gmt 0)

10+ Year Member



Where did you read that?
[openssh.com...] doesn't tell me anything about that.

You can always download the source at openssh,
./configure && make && make install
will do the rest.

tolachi

12:34 am on Jan 19, 2005 (gmt 0)

10+ Year Member



Set UsePrivilegeSeparation to yes.

This will cause ssh to use a non-root process to do the login authentication, thus making it so that root access could not be gained if the process were hacked. I had the same issue on all of my servers and this was the listed workaround.

encyclo

12:57 am on Jan 19, 2005 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



I don't know about this particular vulnerability, but you can get patched versions of RedHat 7.3 RPMs from the Fedora Legacy project (supported by RedHat):

[fedoralegacy.org...]

You can use APT or YUM to synchronize against their servers and get the patched versions for most supported programs.
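
A first-pass check for the two points raised in this thread, the 3.7.1 version threshold and the UsePrivilegeSeparation setting, as an added example that is not from any poster. The function names, sample banner and sample config are constructed for illustration; distribution packages can carry a backported fix under an older version number, so an "older" result means checking the vendor's errata.

```shell
#!/bin/sh
# Added example (not from the thread). Sample inputs below are constructed.

# Print the numeric version from a banner such as "OpenSSH_3.4p1, ...".
openssh_version() {
    printf '%s\n' "$1" | sed -n 's/.*OpenSSH_\([0-9][0-9.]*\).*/\1/p'
}

# Exit 0 if version $1 is older than 3.7.1, 1 if not, 2 if it is empty.
older_than_3_7_1() {
    [ -n "$1" ] || return 2
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    maj=${1:-0}; min=${2:-0}; pat=${3:-0}
    [ "$maj" -lt 3 ] && return 0
    [ "$maj" -gt 3 ] && return 1
    [ "$min" -lt 7 ] && return 0
    [ "$min" -gt 7 ] && return 1
    [ "$pat" -lt 1 ]
}

# Print the first UsePrivilegeSeparation value found in the sshd_config text
# on stdin, or "unset". The keyword is matched case-insensitively and
# commented-out lines are ignored; sshd keeps the first value it reads.
privsep_setting() {
    awk 'tolower($1) == "useprivilegeseparation" { print tolower($2); seen = 1; exit }
         END { if (!seen) print "unset" }'
}

# $1 = version banner, stdin = sshd_config text. Prints a one-line summary.
# On a real host: audit "$(ssh -V 2>&1)" < /etc/ssh/sshd_config
audit() {
    ver=$(openssh_version "$1"); priv=$(privsep_setting); rc=0
    older_than_3_7_1 "$ver" || rc=$?
    case $rc in 0) old=yes ;; 1) old=no ;; *) old=unknown ;; esac
    echo "version=${ver:-unknown} older_than_3.7.1=$old UsePrivilegeSeparation=$priv"
}

# Constructed sample inputs: an old banner and a config that disables privsep.
audit 'OpenSSH_3.4p1, SSH protocols 1.5/2.0' <<'EOF'
Port 22
#UsePrivilegeSeparation yes
useprivilegeseparation no
EOF
```

Privilege separation limits what a compromised pre-authentication process can do; it does not remove the flaw, so a host reporting `older_than_3.7.1=yes` still needs the upgrade or a vendor-patched package.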