The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

OpenSSH Buffer Exploit

Discussion in 'General Discussion' started by pirania1, Sep 16, 2003.

  1. pirania1

    pirania1 Well-Known Member

    May 10, 2003
    Likes Received:
    Trophy Points:
    Miami, FL
    Repost from RS forums

    OpenSSH Buffer Exploit
    Severity: CRITICAL

    There have been several reports of a new ssh bug, with an exploit seemingly in the wild.

    1. Versions affected:

    All versions of OpenSSH's sshd prior to 3.7 contain a buffer management error. The attack makes an enormous amount of ssh connections and attempts various offsets until it finds one that works permitting root login. Priv sep does *not* seem to stop the attack (unless its on OpenBSD). Hosts.allow/deny will stop it as will any very restrictive firewall rules.

    2. Solutions:

    If you do any of this, you do so at your own risk and I take no responsibility if you hose your box.

    Upgrade to OpenSSH 3.7 or use this patch

    Openssh 3.7p1 on the master ftp:

    For Debian stable users:
    apt-get update
    apt-get upgrade
    Debian Security List post

    For Redhat Users:
    Redhat has not *yet* released a patch however you can manually install the 3.7p1 or use the patch

    For Gentoo Users:
    This is a workaround since ebuild update isnt there yet
    cd /usr/portage/net-misc/openssh/
    cp openssh-3.6.1_p2.ebuild openssh-3.7_p1.ebuild
    emerge -f openssh-3.7_p1.ebuild
    ebuild openssh-3.7_p1.ebuild digest
    emerge openssh-3.7_p1.ebuild
    /etc/init.d/sshd restart

    Please note this is just a repost FYI. I do not answer questions about it, nor I take any responsibility.
  2. sasha

    sasha Member

    Nov 5, 2002
    Likes Received:
    Trophy Points:

Share This Page