Hi Cesar,

We have not tested SSH Secure Shell 3.0.0 on AIX 4.2.1 for this vulnerability, so I cannot verify that one.

The HP-UX issue is a little more complex, however. SSH Secure Shell 3.0.0 has proven vulnerable when running on HP-UX 10.20 and 11.00 (trusted AND untrusted) in the following, NON-DEFAULT situation:

- The password field of /etc/passwd is modified to contain two characters

While this is a situation which does not occur natively in HP-UX 10.20 or 11.00, we have listed them as affected because there may be situations where this could occur. One which comes immediately to mind is the installation of some third-party software which modifies /etc/passwd. Another is improper editing of the /etc/passwd - perhaps by someone who is very familiar with Solaris, for example, and puts 'NP' in the password field.

All told, we felt it was best to list HP-UX 10.20 and 11.00 as affected by this vulnerability of SSH Secure Shell 3.0.0 in the face of these possibilities.

Best Regards,
Steph

-----Original Message-----
From: Vega, Cesar [mailto:cesar.vegaat_private]
Sent: Wednesday, July 25, 2001 1:01 PM
To: Stephanie Thomas; bugtraqat_private
Subject: RE: URGENT SECURITY ADVISORY FOR SSH SECURE SHELL 3.0.0

Same thing in AIX 4.2.1.0 and HP-UX 10.20/11.00, previously configured as Trusted System.

Cordial Greetings,
CVC

# -----Original Message-----
# From: Stephanie Thomas [mailto:customer.serviceat_private]
# Sent: Wednesday, July 25, 2001 11:18 AM
# To: Emre Yildirim; bugtraqat_private
# Subject: RE: URGENT SECURITY ADVISORY FOR SSH SECURE SHELL 3.0.0
#
# Hi Emre,
#
# We have tested OpenBSD and NetBSD, and have found
# that they do not experience this vulnerability,
# even with ssh 3.0.0 installed.
#
# This is most likely due to the method used to encrypt the
# password in /etc/passwd or /etc/shadow.
#
# Best Regards,
#
# Steph
#
# -----Original Message-----
# From: Emre Yildirim [mailto:emreat_private]
# Sent: Monday, July 23, 2001 5:12 PM
# To: bugtraqat_private
# Cc: customer.serviceat_private
# Subject: RE: URGENT SECURITY ADVISORY FOR SSH SECURE SHELL 3.0.0
#
# > SSH Secure Shell 3.0.0 does not ship with any
# > of the operating systems mentioned, nor does the
# > announcement specify that it does. However, if a
# > user has explicitly installed SSH Secure Shell 3.0.0
# > on any of the listed operating systems, they are
# > vulnerable to this potential exploit.
# >
#
# I don't want to drag this boring thread any longer, but in
# your advisory, it stated that OpenBSD and NetBSD were
# not vulnerable. So...if I install SSH 3.0.0 on one of those
# (even though they already come with openssh), ssh will not
# be vulnerable to this bug? Or will it? I think that part
# created a little confusion.
#
# Cheers
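An added audit check, written here for this archive and not part of the thread or of the vendor advisory, that scans passwd(5)-format records for the two-character password field the thread identifies as the triggering condition; the sample records are constructed, not taken from any real host.

```python
"""Flag passwd(5) entries whose password field is exactly two characters,
the non-default condition the thread above says SSH Secure Shell 3.0.0
mishandles.  Usage: python3 passwd_audit.py [/path/to/passwd]"""
import sys

# Constructed sample records, including the 'NP' case mentioned in the
# thread, a shadowed account ('x') and a locked account ('*').
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/sh
daemon:*:1:1:daemon:/usr/sbin:/sbin/nologin
oracle:NP:1001:1001:Oracle software owner:/opt/oracle:/bin/sh
alice:$1$abcdefgh$0123456789abcdefghijkl:1002:1002:Alice:/home/alice:/bin/ksh
guest::1003:1003:Guest account:/home/guest:/bin/sh
badline-without-enough-fields
"""

def parse_passwd(text):
    """Yield (user, password_field) for each well-formed passwd(5) line.
    Blank lines, comments and lines with fewer than 7 fields are skipped."""
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) < 7:
            continue
        yield fields[0], fields[1]

def classify(pw_field):
    """Classify a password field by the property that matters here."""
    if pw_field == "":
        return "empty"                  # no password at all
    if pw_field in ("x", "*"):
        return "shadowed-or-locked"     # conventional one-character markers
    if len(pw_field) == 2:
        # 'NP' (Solaris habit) or '!!' (a lock marker on some Linux systems)
        # both land here: two characters, not a real hash.
        return "two-char"
    return "hashed"

def find_two_char_password_fields(text):
    """Return [(user, field)] for entries whose password field is two chars."""
    return [(u, f) for u, f in parse_passwd(text) if classify(f) == "two-char"]

if __name__ == "__main__":
    src = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_PASSWD
    for user, field in find_two_char_password_fields(src):
        print(f"{user}: two-character password field {field!r}")
```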
This archive was generated by hypermail 2b30 : Thu Jul 26 2001 - 14:15:29 PDT