Earl:
SSH - Anything pre 2.0 is vulnerable to a crc32 exploit yielding root priveliges - upgrade now (30% of SSH Servers are still vulnerable to this over 1 year since it was first made public).
Can you tell me whether openssh versions are also vulnerable?
I think http://www.linuxsecurity.com/ is another useful site.
MJ Ray writes:
Can you tell me whether openssh versions are also vulnerable?
Funny how these things happen. A couple of messages after your email in my inbox, I received the following which might help answer your question.
A new version of OpenSSH has been released, OpenSSH 3.0.2. This release fixes a vulnerability in the UseLogin option of OpenSSH. This option is not enabled in the default installation of OpenSSH. However, if UseLogin is enabled by the administrator, all versions of OpenSSH prior to 3.0.2 may be vulnerable to local attacks.
The vulnerability allows local users to pass environment variables (e.g. LD_PRELOAD) to the login process. The login process is run with the same privilege as sshd (usually with root privilege).
Do not enable UseLogin on your machines or disable UseLogin again in /etc/sshd_config: UseLogin no
So the bottom line is that OpenSSH has vulnerabilities too.
HTH.
..Adrian
MJ Ray writes:
Can you tell me whether openssh versions are also vulnerable?
If you're talking about the CRC32 exploit then as far as I know it was fixed in OpenSSH 2.3.0. There is some info here: http://razor.bindview.com/publish/advisories/adv_ssh1crc.html
Cheers,
Mat
-
Adrian Clark -
Mat B -
MJ Ray