Openssh Buffer Management Vulnerability
Funka
Join Date: 2002-11-03 Member: 5718Members
<div class="IPBDescription">admins: please update your systems!</div> <a href='http://www.cert.org/advisories/CA-2003-24.html' target='_blank'>http://www.cert.org/advisories/CA-2003-24.html</a>
Original release date: September 16, 2003
Last revised: Sept 17, 2003
Source: CERT/CC
Systems Affected
Systems running versions of OpenSSH prior to 3.7.1
Systems that use or derive code from vulnerable versions of OpenSSH
Overview
There is a remotely exploitable vulnerability in a general buffer management function in versions of OpenSSH prior to 3.7.1. This may allow a remote attacker to corrupt heap memory which could cause a denial-of-service condition. It may also be possible for an attacker to execute arbitrary code.
-----------
Please see the link at the top of this post for more info, or check your vendor's website...
-f!
Original release date: September 16, 2003
Last revised: Sept 17, 2003
Source: CERT/CC
Systems Affected
Systems running versions of OpenSSH prior to 3.7.1
Systems that use or derive code from vulnerable versions of OpenSSH
Overview
There is a remotely exploitable vulnerability in a general buffer management function in versions of OpenSSH prior to 3.7.1. This may allow a remote attacker to corrupt heap memory which could cause a denial-of-service condition. It may also be possible for an attacker to execute arbitrary code.
-----------
Please see the link at the top of this post for more info, or check your vendor's website...
-f!
Comments
Excellent of you to take the time to post that in here. Those who listen and upgrade, get a cookie, and if you heed my advice, here, have the whole bag.
I strongly encourage all able to do so to impliment what prodigy has suggested if possible.