Debian: New openssh-krb5 packages fix denial of service and potential execution of arbitrary code

    Date04 Oct 2006
    CategoryDebian
    2359
    Posted ByLinuxSecurity Advisories
    Updated package.
    - --------------------------------------------------------------------------
    Debian Security Advisory DSA 1189-1                    This email address is being protected from spambots. You need JavaScript enabled to view it.
    http://www.debian.org/security/                         Moritz Muehlenhoff
    October 4th, 2006                       http://www.debian.org/security/faq
    - --------------------------------------------------------------------------
    
    Package        : openssh-krb5
    Vulnerability  : several
    Problem-Type   : remote
    Debian-specific: no
    CVE ID         : CVE-2006-4924 CVE-2006-5051
    
    Several remote vulnerabilities have been discovered in OpenSSH, a free
    implementation of the Secure Shell protocol, which may lead to denial of
    service and potentially the execution of arbitrary code. The Common
    Vulnerabilities and Exposures project identifies the following problems:
    
    CVE-2006-4924
    
        Tavis Ormandy of the Google Security Team discovered a denial of
        service vulnerability in the mitigation code against complexity
        attacks, which might lead to increased CPU consumption until a
        timeout is triggered. This is only exploitable if support for 
        SSH protocol version 1 is enabled.
    
    CVE-2006-5051
    
        Mark Dowd discovered that insecure signal handler usage could
        potentially lead to execution of arbitrary code through a double
        free. The Debian Security Team doesn't believe the general openssh
        package without Kerberos support to be exploitable by this issue.
        However, due to the complexity of the underlying code we will
        issue an update to rule out all eventualities.
    
    For the stable distribution (sarge) these problems have been fixed in
    version 3.8.1p1-7sarge1.
    
    For the unstable distribution (sid) these problems have been fixed in
    version 4.3p2-4 of openssh. openssh-krb5 will soon be converted towards
    a transitional package against openssh.
    
    We recommend that you upgrade your openssh-krb5 packages.
    
    
    Upgrade Instructions
    - --------------------
    
    wget url
            will fetch the file for you
    dpkg -i file.deb
            will install the referenced file.
    
    If you are using the apt-get package manager, use the line for
    sources.list as given below:
    
    apt-get update
            will update the internal database
    apt-get upgrade
            will install corrected packages
    
    You may use an automated update by adding the resources from the
    footer to the proper configuration.
    
    
    Debian GNU/Linux 3.1 alias sarge
    - --------------------------------
    
      Source archives:
    
        http://security.debian.org/pool/updates/main/o/openssh-krb5/openssh-krb5_3.8.1p1-7sarge1.dsc
          Size/MD5 checksum:      693 d0a8ac5b868c5f84fd372c9ef597f3a6
        http://security.debian.org/pool/updates/main/o/openssh-krb5/openssh-krb5_3.8.1p1-7sarge1.diff.gz
          Size/MD5 checksum:   167076 1fcdbc92c7a0992711b2dc67b9923ba7
        http://security.debian.org/pool/updates/main/o/openssh-krb5/openssh-krb5_3.8.1p1.orig.tar.gz
          Size/MD5 checksum:   795948 9ce6f2fa5b2931ce2c4c25f3af9ad50d
    
      Alpha architecture:
    
        http://security.debian.org/pool/updates/main/o/openssh-krb5/ssh-krb5_3.8.1p1-7sarge1_alpha.deb
          Size/MD5 checksum:   909896 44611f5a619acf0bccdeb366d76f39c5
    
      AMD64 architecture:
    
        http://security.debian.org/pool/updates/main/o/openssh-krb5/ssh-krb5_3.8.1p1-7sarge1_amd64.deb
          Size/MD5 checksum:   773658 dc8335560cead18af3fa4eb52911af92
    
      ARM architecture:
    
        http://security.debian.org/pool/updates/main/o/openssh-krb5/ssh-krb5_3.8.1p1-7sarge1_arm.deb
          Size/MD5 checksum:   689752 18e79d4e27c0ec313147e0951ef6082a
    
      HP Precision architecture:
    
        http://security.debian.org/pool/updates/main/o/openssh-krb5/ssh-krb5_3.8.1p1-7sarge1_hppa.deb
          Size/MD5 checksum:   780142 5e692daa057c38f1fa1f0f877824e991
    
      Intel IA-32 architecture:
    
        http://security.debian.org/pool/updates/main/o/openssh-krb5/ssh-krb5_3.8.1p1-7sarge1_i386.deb
          Size/MD5 checksum:   706910 a4eda3cc320f77d2dc1065976086c31f
    
      Intel IA-64 architecture:
    
        http://security.debian.org/pool/updates/main/o/openssh-krb5/ssh-krb5_3.8.1p1-7sarge1_ia64.deb
          Size/MD5 checksum:  1004916 91f89e80f1a27f942bd5fe9e7ae2ba3e
    
      Motorola 680x0 architecture:
    
        http://security.debian.org/pool/updates/main/o/openssh-krb5/ssh-krb5_3.8.1p1-7sarge1_m68k.deb
          Size/MD5 checksum:   651232 8f41b159434ef7bf3187cd4954e816cc
    
      Big endian MIPS architecture:
    
        http://security.debian.org/pool/updates/main/o/openssh-krb5/ssh-krb5_3.8.1p1-7sarge1_mips.deb
          Size/MD5 checksum:   790716 cbc586aa73bcf295cd61f1c09e8015d8
    
      Little endian MIPS architecture:
    
        http://security.debian.org/pool/updates/main/o/openssh-krb5/ssh-krb5_3.8.1p1-7sarge1_mipsel.deb
          Size/MD5 checksum:   793644 3364603438fceb21bffdd3efb4887e0e
    
      PowerPC architecture:
    
        http://security.debian.org/pool/updates/main/o/openssh-krb5/ssh-krb5_3.8.1p1-7sarge1_powerpc.deb
          Size/MD5 checksum:   757954 ddb9cbba0e84f84da8e60fcbcbaddbae
    
      IBM S/390 architecture:
    
        http://security.debian.org/pool/updates/main/o/openssh-krb5/ssh-krb5_3.8.1p1-7sarge1_s390.deb
          Size/MD5 checksum:   771520 2148d40fa59dc98b94ac6a03ed2c444f
    
      Sun Sparc architecture:
    
        http://security.debian.org/pool/updates/main/o/openssh-krb5/ssh-krb5_3.8.1p1-7sarge1_sparc.deb
          Size/MD5 checksum:   694800 9c059e2e4ba232774a522da0a2757f06
    
    
      These files will probably be moved into the stable distribution on
      its next update.
    
    - ---------------------------------------------------------------------------------
    For apt-get: deb http://security.debian.org/ stable/updates main
    For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
    Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"25","type":"x","order":"1","pct":54.35,"resources":[]},{"id":"88","title":"Should be more technical","votes":"5","type":"x","order":"2","pct":10.87,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"16","type":"x","order":"3","pct":34.78,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.