Linux Security

    Debian: UPDATE2: 'OpenSSH' Input Validation Vulnerability

    Date 27 Jun 2002
    Posted By LinuxSecurity Advisories
    This advisory is an update to DSA-134-3: this advisory contains updated information that is relevant to all Debian installations of OpenSSH (the ssh package). DSA-134-4 supersedes previous versions of DSA-134.
    Debian Security Advisory DSA-134-4                   Michael Stone
    June 27, 2002
    Package        : ssh
    Problem type   : remote exploit
    Debian-specific: no
    CERT advisory  : CA-2002-18
    This advisory is an update to DSA-134-3: this advisory contains
    updated information that is relevant to all Debian installations of
    OpenSSH (the ssh package). DSA-134-4 supersedes previous versions of
    DSA-134.
    ISS X-Force released an advisory about an OpenSSH "Remote Challenge
    Vulnerability". Unfortunately, the advisory was incorrect on some
    points, leading to widespread confusion about the impact of this
    vulnerability. No version of OpenSSH in Debian is affected by the
    SKEY and BSD_AUTH authentication methods described in the ISS
    advisory. However, Debian does include OpenSSH servers with the PAM
    feature described as vulnerable in the later advisory by the OpenSSH
    team. (This vulnerable feature is authentication using PAM via the
    keyboard-interactive mechanism [kbdint].) This vulnerability affects
    OpenSSH versions 2.3.1 through 3.3. No exploit is currently known for
    the PAM/kbdint vulnerability, but the details are publicly known. All
    of these vulnerabilities were corrected in OpenSSH 3.4.
    In addition to the vulnerability fixes outlined above, our OpenSSH
    packages version 3.3 and higher support the new privilege separation
    feature from Niels Provos, which changes ssh to use a separate
    non-privileged process to handle most of the work. Vulnerabilities in
    the unprivileged parts of OpenSSH will lead to compromise of an
    unprivileged account restricted to an empty chroot, rather than a
    direct root compromise. Privilege separation should help to mitigate
    the risks of any future OpenSSH compromise.
    Debian 2.2 (potato) shipped with an ssh package based on OpenSSH
    1.2.3, and is not vulnerable to the vulnerabilities covered by this
    advisory. Users still running a version 1.2.3 ssh package do not have
    an immediate need to upgrade to OpenSSH 3.4. Users who upgraded to the
    OpenSSH version 3.3 packages released in previous iterations of
    DSA-134 should upgrade to the new version 3.4 OpenSSH packages, as the
    version 3.3 packages are vulnerable. We suggest that users running
    OpenSSH 1.2.3 consider a move to OpenSSH 3.4 to take advantage of the
    privilege separation feature. (Though, again, we have no specific
    knowledge of any vulnerability in OpenSSH 1.2.3. Please carefully read
    the caveats listed below before upgrading from OpenSSH 1.2.3.) We
    recommend that any users running a back-ported version of OpenSSH
    version 2.0 or higher on potato move to OpenSSH 3.4.
    The current pre-release version of Debian (woody) includes an OpenSSH
    version 3.0.2p1 package (ssh), which is vulnerable to the PAM/kbdint
    problem described above. We recommend that users upgrade to OpenSSH
    3.4 and enable privilege separation. Please carefully read the release
    notes below before upgrading. Updated packages for ssh-krb5 (an
    OpenSSH package supporting kerberos authentication) are currently
    being developed. Users who cannot currently upgrade their OpenSSH
    packages may work around the known vulnerabilities by disabling the
    vulnerable features: make sure the following lines are uncommented and
    present in /etc/ssh/sshd_config and restart ssh:
      PAMAuthenticationViaKbdInt no
      ChallengeResponseAuthentication no
    There should be no other PAMAuthenticationViaKbdInt or
    ChallengeResponseAuthentication entries in sshd_config.
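    The workaround check described above, as an added example that is not part of the original advisory: a POSIX shell function (the name check_kbdint_workaround is hypothetical) that verifies both keywords appear exactly once, uncommented, with the value "no". It assumes sshd_config keywords are matched case-insensitively and values case-sensitively; sshd still has to be restarted before the file takes effect.

```shell
#!/bin/sh
# Added example: audit an sshd_config for the DSA-134-4 workaround.
# check_kbdint_workaround FILE
#   exit status 0 if each keyword is set to "no" exactly once, 1 otherwise.
#   Findings are printed one per line.
check_kbdint_workaround() {
    awk '
    BEGIN {
        bad = 0
        want["pamauthenticationviakbdint"] = "PAMAuthenticationViaKbdInt"
        want["challengeresponseauthentication"] = "ChallengeResponseAuthentication"
    }
    {
        line = $0
        sub(/^[ \t]+/, "", line)                  # ignore leading whitespace
        if (line == "" || line ~ /^#/) next       # blank or commented out
        split(line, f, /[ \t=]+/)                 # keyword, then its argument
        key = tolower(f[1])                       # assumption: keywords ignore case
        if (!(key in want)) next
        seen[key]++
        if (f[2] != "no") {                       # assumption: values are case-sensitive
            printf "FAIL line %d: %s is \"%s\", expected \"no\"\n", NR, want[key], f[2]
            bad = 1
        }
    }
    END {
        for (k in want) {
            if (seen[k] == 0) {
                printf "FAIL: %s is missing or commented out\n", want[k]; bad = 1
            } else if (seen[k] > 1) {
                # The advisory requires that no other entries exist.
                printf "FAIL: %s appears %d times\n", want[k], seen[k]; bad = 1
            }
        }
        if (!bad) print "OK: PAM/kbdint workaround lines are in place"
        exit bad
    }' "$1"
}

# Constructed sample (not a real host config): the second keyword is
# still commented out, so the check reports a failure.
sample=$(mktemp)
printf '%s\n' 'Port 22' 'PAMAuthenticationViaKbdInt no' \
    '#ChallengeResponseAuthentication no' > "$sample"
check_kbdint_workaround "$sample" || echo "workaround NOT in place"
rm -f "$sample"
```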
    That concludes the vulnerability section of this advisory. What
    follows are release notes related to the OpenSSH 3.4 package and the
    privilege separation feature. URLs for the OpenSSH 3.4 packages are at
    the bottom.
    Some notes on possible issues associated with this upgrade:
    * This package introduces a new account called `sshd' that is used in
      the privilege separation code. If no sshd account exists the package
      will try to create one. If the account already exists it will be
      re-used. If you do not want this to happen you will have to fix this
    * (relevant for potato only) This update adds a back-port of version
      0.9.6c of the SSL library. This means you will have to upgrade the
      libssl0.9.6 package as well.
    * (relevant for potato only) This update uses version 2 of the SSH
      protocol by default (even if configured to support version 1 of the
      SSH protocol). This can break existing setups where RSA
      authentication is used. You will either have to
        - add -1 to the ssh invocation to keep using SSH protocol 1 and
          your existing keys, or
        - change the Protocol line in /etc/ssh/ssh_config and/or
          /etc/ssh/sshd_config to "Protocol 1,2" to try protocol 1 before
          protocol 2, or
        - create new rsa or dsa keys for SSH protocol 2
    * sshd defaults to enabling privilege separation, even if you do not
      explicitly enable it in /etc/ssh/sshd_config
    * ssh fall-back to rsh is no longer available.
    * (relevant for potato only) Privilege separation does not currently
      work with Linux 2.0 kernels.
    * Privilege separation does not currently work with PAM authentication
      via the KeyboardInteractive mechanism
    * Privilege separation causes some PAM modules which expect to run
      with root privileges to fail.
    * If you are unable to use privilege separation at this time due to
      one of the issues described above, you can disable it by adding
      "UsePrivilegeSeparation no" to your /etc/ssh/sshd_config
    Some issues from previous OpenSSH 3.3p1 packages corrected in this
    advisory (not a complete change log):
    * (relevant for potato only) the installation question, "do you want
      to allow protocol 2 only" no longer defaults to "yes" for the potato
      packages. Users who answered yes to this question and also chose to
      regenerate their sshd_config file found that they could no longer
      connect to their server via protocol 1. See
      /usr/doc/ssh/README.Debian for instructions on how to enable
      protocol 1 if caught in this situation. Since the default in the
      potato packages is now "no", this should not be an issue for people
      upgrading from version 1.2.3 in the future
    * (relevant for potato only) the ssh package no longer conflicts with
      rsh-server, nor does it provide an rsh alternative
    * installation will no longer fail if users choose to generate
      protocol 1 keys
    Again, we regret having to release packages with larger changes and
    less testing than is our usual practice; given the potential severity
    and non-specific nature of the original threat we decided that our
    users were best served by having packages available for evaluation as
    quickly as possible. We will send additional information as it comes
    to us, and will continue to work on the outstanding issues.
    wget url
            will fetch the file for you
    dpkg -i file.deb
            will install the referenced file.
    Debian GNU/Linux 2.2 alias potato
      Potato was released for alpha, arm, i386, m68k, powerpc and sparc
    Debian GNU/Linux 3.0 alias woody
      Woody will be released for alpha, arm, hppa, i386, ia64, m68k, mips,
      mipsel, powerpc, s390 and sparc.
    apt-get: deb stable/updates main
    dpkg-ftp: dists/stable/updates/main