[15304] in bugtraq
CONECTIVA LINUX SECURITY ANNOUNCEMENT - OPENSSH
daemon@ATHENA.MIT.EDU (Andreas Hasenack)
Sat Jun 10 16:39:33 2000
Mail-Followup-To: Andreas Hasenack <andreas@conectiva.com.br>,
bugtraq@securityfocus.com, lwn@lwn.net, bos@sekure.org
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Message-Id: <20000610141156.F3275@conectiva.com.br>
Date: Sat, 10 Jun 2000 14:11:56 -0300
Reply-To: Andreas Hasenack <andreas@CONECTIVA.COM.BR>
From: Andreas Hasenack <andreas@CONECTIVA.COM.BR>
X-To: lwn@lwn.net, bos@sekure.org
To: BUGTRAQ@SECURITYFOCUS.COM
----------------------------------------------------------------------
CONECTIVA LINUX SECURITY ANNOUNCEMENT
----------------------------------------------------------------------
PACKAGE: openssh
SUMMARY : "UseLogin" option allows remote execution
of commands as root
DATE : 2000-06-10
AFFECTED CONECTIVA VERSIONS : 5.0
----------------------------------------------------------------------
DESCRIPTION
Openssh's default installation doesn't have this problem.
If the "UseLogin" option is used, then the ssh server won't drop
its root privileges, instead relying on the login program to do
so. But if the user specifies a command to be executed during the
ssh session, the login program won't be used and the program will
be run with full root privileges.
SOLUTION
Users with the "UseLogin" option set to "no" in /etc/ssh/sshd_config
are not vulnerable. If, however, this option is needed, then openssh
MUST be upgraded IMMEDIATELY.
Updated packages for openssl are also provided to satisfy openssh's
dependencies.
DIRECT DOWNLOAD LINKS TO UPDATED PACKAGES
ftp://ftp.conectiva.com.br/pub/conectiva/atualizacoes/5.0/i386/openssh-2.1.1p1-1cl.i386.rpm
ftp://ftp.conectiva.com.br/pub/conectiva/atualizacoes/5.0/i386/openssh-askpass-2.1.1p1-1cl.i386.rpm
ftp://ftp.conectiva.com.br/pub/conectiva/atualizacoes/5.0/i386/openssh-askpass-gnome-2.1.1p1-1cl.i386.rpm
ftp://ftp.conectiva.com.br/pub/conectiva/atualizacoes/5.0/i386/openssh-clients-2.1.1p1-1cl.i386.rpm
ftp://ftp.conectiva.com.br/pub/conectiva/atualizacoes/5.0/i386/openssh-server-2.1.1p1-1cl.i386.rpm
ftp://ftp.conectiva.com.br/pub/conectiva/atualizacoes/5.0/i386/openssl-0.9.5a-1cl.i386.rpm
ftp://ftp.conectiva.com.br/pub/conectiva/atualizacoes/5.0/i386/openssl-devel-0.9.5a-1cl.i386.rpm
DIRECT LINK TO THE SOURCE PACKAGE
ftp://ftp.conectiva.com.br/pub/conectiva/atualizacoes/5.0/SRPMS/openssh-2.1.1p1-1cl.src.rpm
ftp://ftp.conectiva.com.br/pub/conectiva/atualizacoes/5.0/SRPMS/openssl-0.9.5a-1cl.src.rpm
----------------------------------------------------------------------
All packages are signed with Conectiva's PGP key. The key can be obtained at
http://www.conectiva.com.br/conectiva/contato.html
----------------------------------------------------------------------
subscribe: atualizacoes-anuncio-subscribe@bazar.conectiva.com.br
unsubscribe: atualizacoes-anuncio-unsubscribe@bazar.conectiva.com.br
