[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [linux-security] ALERT: possibility of remote root exploit in openssh (Debian)

To: linux-security@sfu.ca
Subject: Re: [linux-security] ALERT: possibility of remote root exploit in openssh (Debian)
From: Martin Siegert <siegert@sfu.ca>
Date: Tue, 16 Sep 2003 13:28:55 -0700
In-Reply-To: <20030916190726.GB16988@stikine.ucs.sfu.ca>
References: <20030916190726.GB16988@stikine.ucs.sfu.ca>
User-Agent: Mutt/1.4.1i

On Tue, Sep 16, 2003 at 12:07:26PM -0700, Martin Siegert wrote:
> Topic
> =====
> possibility of remote root exploit in openssh
> 
> Problem Description
> ===================
> A bug has been found in the OpenSSH buffer handling code. This bug has
> the potential of being remotely exploitable. Upgrading to a fixed
> version immediately is strongly advised.
> 
> Affected Versions
> =================
> All versions of OpenSSH's sshd prior to 3.7
> 
> Solution
> ========
> Upgrade to openssh-3.7p1 or apply the patch that is appended at the
> end of the advisory (setion Patch). Or upgrade to a patched version
> for your distribution.

Debian 3.0 (woody)
------------------
upgrade to ssh_3.4p1-1.1_i386.deb, ssh-askpass-gnome_3.4p1-1.1_i386.deb

References:
- [linux-security] ALERT: possibility of remote root exploit in openssh
  - From: Martin Siegert <siegert@sfu.ca>
- [linux-security] ALERT: possibility of remote root exploit in openssh
  - From: Martin Siegert <siegert@sfu.ca>

Prev by Date: [linux-security] ALERT: possibility of remote root exploit in openssh
Next by Date: Re: [linux-security] ALERT: possibility of remote root exploit in openssh (Mandrake)
Prev by thread: [linux-security] ALERT: possibility of remote root exploit in openssh
Next by thread: Re: [linux-security] ALERT: possibility of remote root exploit in openssh (Mandrake)
Index(es):
- Date
- Thread