Openssh Buffer Management Vulnerability

Funka

<div class="IPBDescription">admins: please update your systems!</div> <a href='http://www.cert.org/advisories/CA-2003-24.html' target='_blank'>http://www.cert.org/advisories/CA-2003-24.html</a>

Original release date: September 16, 2003
Last revised: Sept 17, 2003
Source: CERT/CC

Systems Affected
Systems running versions of OpenSSH prior to 3.7.1
Systems that use or derive code from vulnerable versions of OpenSSH

Overview
There is a remotely exploitable vulnerability in a general buffer management function in versions of OpenSSH prior to 3.7.1. This may allow a remote attacker to corrupt heap memory which could cause a denial-of-service condition. It may also be possible for an attacker to execute arbitrary code.

-----------

Please see the link at the top of this post for more info, or check your vendor's website...

-f!

prodigy

Anyone who doesn't firewall off their SSH, needs to re-evaluate that decision. Firewalling off ANY service where the only person who should have access are legitimate people is an EXCELLENT idea. The only services that should be open to the public are mail/web/proxy etc.. services that involve remote management or anything of that nature (vnc, pca, ssh, rdp etc) should have restricted access via a firewall.

Excellent of you to take the time to post that in here. Those who listen and upgrade, get a cookie, and if you heed my advice, here, have the whole bag.

cracker_jackmac

Well, unfortunatly i'm unable to restrict ssh via IPs because i'm so mobile. the only box accesable on the public sector is 3.7.1p1 SSH. With tthe latest SSL as well. Prodigy, your method is the prefered method and a agree with you 100%. But sometimes its not always practical. I

I strongly encourage all able to do so to impliment what prodigy has suggested if possible.