[Immunix-announce] Immunix OS update for OpenSSH

From: Immunix Security Team (securityat_private)
Date: Wed Oct 17 2001 - 19:25:53 PDT


    -----------------------------------------------------------------------
    	Immunix OS Security Advisory
    
    Packages updated:	openssh
    Affected products:	Immunix OS 7.0 and 6.2
    Bugs fixed:		immunix/1621, immunix/1706, immunix/1747
    Date:			Wed Oct 17 2001
    Advisory ID:		IMNX-2001-70-034-01
    Author:			Seth Arnold <sarnoldat_private>
    -----------------------------------------------------------------------
    
    Description:
      This release fixes three issues: two of moderate severity and one of
      slight severity. First, Peter W found that a command="..." restriction
      placed on a key in authorized_keys did not apply to subsystem requests
      such as sftp, so the holder of such a key could bypass the command
      restriction by going through the sftp subsystem rather than a shell.
      Second, the OpenSSH team found that from="..." IP source restrictions
      could be bypassed when the authorized_keys file contained both RSA and
      DSA keys. Last, zen-parse found that any file named 'cookies' could be
      deleted remotely.
    
      While Solar Designer's Openwall kernel patch prevents the third
      problem from being exploited, the first two problems are likely
      exploitable on Immunix OS computers, depending on whether the local
      configuration relies on command= or from= restrictions in
      authorized_keys. OpenSSH release 2.9.9p2 fixes all three problems.
    
      We recommend that all users upgrade OpenSSH. Markus notes in the
      third reference some possible incompatibilities between version
      2.9.9p2 and previous versions.
    
      References:
      http://www.securityfocus.com/archive/1/188450
      http://www.securityfocus.com/archive/1/214921
      http://marc.theaimsgroup.com/?l=openssh-unix-dev&m=100153847110859&w=2
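    As an added illustration (not part of this advisory and not OpenSSH's own
    code), the script below audits an authorized_keys file for the two key
    option conditions the description above turns on. It parses the leading
    options field the way sshd reads it (comma-separated, with double-quoted
    values that may contain spaces, commas and backslash-escaped quotes), then
    reports every key carrying a command= restriction, which a pre-2.9.9p2
    sshd did not apply to subsystem requests such as sftp, and every key
    carrying a from= restriction in a file that mixes RSA and DSA keys. The
    sample file is constructed for the example; its key blobs are placeholder
    text, not real keys, and the script checks only the conditions named in
    the advisory, not the sshd version actually installed.

```python
"""Audit an authorized_keys file for the two key-restriction issues in this
advisory. Added example; not from the advisory or from OpenSSH itself."""

KEY_TYPES_V2 = {"ssh-rsa", "ssh-dss"}   # the SSH2 key types sshd 2.9.x knew


def split_leading_options(line):
    """Split a line into its options field and the rest. The options field
    ends at the first unquoted whitespace; quoted values may contain spaces,
    commas and backslash-escaped double quotes."""
    in_quote = False
    i = 0
    while i < len(line):
        c = line[i]
        if in_quote and c == "\\" and i + 1 < len(line):
            i += 2            # skip an escaped character inside quotes
            continue
        if c == '"':
            in_quote = not in_quote
        elif c.isspace() and not in_quote:
            break
        i += 1
    return line[:i], line[i:].lstrip()


def parse_options(opts):
    """Parse 'flag,name=value,name="quoted, value"' into a dict.
    Bare flags such as no-pty map to True."""
    result, i, n = {}, 0, len(opts)
    while i < n:
        j = i
        while j < n and opts[j] not in "=,":
            j += 1
        name = opts[i:j]
        value = True
        if j < n and opts[j] == "=":
            j += 1
            if j < n and opts[j] == '"':
                j += 1
                chars = []
                while j < n and opts[j] != '"':
                    if opts[j] == "\\" and j + 1 < n and opts[j + 1] == '"':
                        chars.append('"')        # \" inside a quoted value
                        j += 2
                    else:
                        chars.append(opts[j])
                        j += 1
                j += 1                           # step past the closing quote
                value = "".join(chars)
            else:
                k = j
                while k < n and opts[k] != ",":
                    k += 1
                value, j = opts[j:k], k
        if name:
            result[name] = value
        if j < n and opts[j] == ",":
            j += 1
        i = j
    return result


def parse_key_line(line):
    """Return {'type', 'options'} for one authorized_keys line, or None for
    blank lines and comments. SSH1 RSA lines start with the key's bit count."""
    line = line.strip()
    if not line or line.startswith("#"):
        return None
    first = line.split(None, 1)[0]
    if first in KEY_TYPES_V2 or first.isdigit():
        options, rest = {}, line                 # no options field
    else:
        opts_text, rest = split_leading_options(line)
        options = parse_options(opts_text)
    fields = rest.split()
    if not fields:
        return None
    if fields[0] in KEY_TYPES_V2:
        ktype = fields[0]
    elif fields[0].isdigit():
        ktype = "ssh1-rsa"
    else:
        ktype = "unknown"
    return {"type": ktype, "options": options}


def audit(text):
    """Return (line_number, option, message) for keys whose restriction the
    advisory says a pre-2.9.9p2 sshd may fail to enforce."""
    numbered = [(no, parse_key_line(l)) for no, l in enumerate(text.splitlines(), 1)]
    keys = [(no, k) for no, k in numbered if k]
    types = {k["type"] for _, k in keys}
    mixed = bool(types & {"ssh-rsa", "ssh1-rsa"}) and "ssh-dss" in types
    findings = []
    for no, k in keys:
        if "command" in k["options"]:
            findings.append((no, "command",
                             "command= is not applied to subsystem requests "
                             "such as sftp before OpenSSH 2.9.9p2"))
        if "from" in k["options"] and mixed:
            findings.append((no, "from",
                             "from= can be bypassed before 2.9.9p2 because "
                             "this file mixes RSA and DSA keys"))
    return findings


# Constructed sample file; the key blobs are placeholders, not real keys.
SAMPLE = """\
# backup puller, pinned to one source host and one command
from="10.0.0.5",command="/usr/local/bin/backup --pull" ssh-rsa AAAAB3NzaC1yc2E_PLACEHOLDER backup@host
ssh-dss AAAAB3NzaC1kc3M_PLACEHOLDER alice@laptop
no-pty,command="echo \\"hello, world\\"" ssh-rsa AAAAB3NzaC1yc2E_PLACEHOLDER2 restricted@host
1024 35 1234567890123456789 ssh1user@oldbox
"""

if __name__ == "__main__":
    for no, opt, msg in audit(SAMPLE):
        print("line %d: %s: %s" % (no, opt, msg))
```

    Run it against a real file with `audit(open(path).read())`; a clean
    result means no key in the file depends on the two restrictions this
    advisory concerns, not that the installed sshd is already 2.9.9p2.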
    
    Package names and locations:
      Precompiled binary packages for Immunix 7.0 are available at:
      ftp://ftp.ibiblio.org/pub/Linux/distributions/immunix/7.0/updates/RPMS/openssh-2.9.9p2-1.0_imnx.i386.rpm
      ftp://ftp.ibiblio.org/pub/Linux/distributions/immunix/7.0/updates/RPMS/openssh-askpass-2.9.9p2-1.0_imnx.i386.rpm
      ftp://ftp.ibiblio.org/pub/Linux/distributions/immunix/7.0/updates/RPMS/openssh-clients-2.9.9p2-1.0_imnx.i386.rpm
      ftp://ftp.ibiblio.org/pub/Linux/distributions/immunix/7.0/updates/RPMS/openssh-server-2.9.9p2-1.0_imnx.i386.rpm
    
      Source package for Immunix 7.0 is available at:
      ftp://ftp.ibiblio.org/pub/Linux/distributions/immunix/7.0/updates/SRPMS/openssh-2.9.9p2-1.0_imnx.src.rpm
    
    Immunix OS 7.0 md5sums:
    53ce20e6fea913265b81fe8ac38da5ab  RPMS/openssh-2.9.9p2-1.0_imnx.i386.rpm
    c1262b10f768266c3d9d61199a972974  RPMS/openssh-askpass-2.9.9p2-1.0_imnx.i386.rpm
    4b9fdeee5dbd1539aff217fafd6bb14d  RPMS/openssh-clients-2.9.9p2-1.0_imnx.i386.rpm
    e3963cb9219dc6f8382f9bb1737a586e  RPMS/openssh-server-2.9.9p2-1.0_imnx.i386.rpm
    d9d77da287fb88f96164b910917650a6  SRPMS/openssh-2.9.9p2-1.0_imnx.src.rpm
    
    
    GPG verification:
      Our public key is available at <http://wirex.com/security/GPG_KEY>.
      *** NOTE *** This key is different from the one used in advisories
      IMNX-2001-70-020-01 and earlier.
    
    Online version of all Immunix 6.2 updates and advisories:
      http://immunix.org/ImmunixOS/6.2/updates/
    
    Online version of all Immunix 7.0-beta updates and advisories:
      http://immunix.org/ImmunixOS/7.0-beta/updates/
    
    Online version of all Immunix 7.0 updates and advisories:
      http://immunix.org/ImmunixOS/7.0/updates/
    
    NOTE:
      Ibiblio is graciously mirroring our updates, so if the links above are
      slow, please try:
        ftp://ftp.ibiblio.org/pub/Linux/distributions/immunix/
      or one of the many mirrors available at:
        http://www.ibiblio.org/pub/Linux/MIRRORS.html
    
      ImmunixOS 6.2 is no longer officially supported.
    
    Contact information:
      To report vulnerabilities, please contact securityat_private. WireX
      attempts to conform to the RFP vulnerability disclosure protocol
      <http://www.wiretrip.net/rfp/policy.html>.
    
    
    



