[WBEL-users] RE: Updates!
israel.garcia@cimex.com.cu
israel.garcia@cimex.com.cu
Wed, 30 Jun 2004 11:24:47 -0500
>It is impossible to help without knowing what security problems you are talking
about. Most likely you will find that it has been fixed in the newest errata.
I just scanned the server with Nessus and here is the result:
1. Remote SSH version : SSH-2.0-OpenSSH_3.6.1p2 (Nessus detected this version).
2. You are running a version of OpenSSH which is older than 3.7.1 (Nessus
sugguest to upgrade to 3.7.1)
Versions older than 3.7.1 are vulnerable to a flaw in the buffer management
functions which might allow an attacker to execute arbitrary commands on this
host.
An exploit for this issue is rumored to exist.
Note that several distribution patched this hole without changing
the version number of OpenSSH. Since Nessus solely relied on the
banner of the remote SSH server to perform this check, this might
be a false positive.
If you are running a RedHat host, make sure that the command :
rpm -q openssh-server
Returns :
openssh-server-3.1p1-13 (RedHat 7.x)
openssh-server-3.4p1-7 (RedHat 8.0)
openssh-server-3.5p1-11 (RedHat 9)
Solution : Upgrade to OpenSSH 3.7.1
See also : http://marc.theaimsgroup.com/?l=openbsd-misc&m=106375452423794&w=2
http://marc.theaimsgroup.com/?l=openbsd-misc&m=106375456923804&w=2
Risk factor : High
CVE : CAN-2003-0682, CAN-2003-0693, CAN-2003-0695
BID : 8628
Other references : RHSA:RHSA-2003:279-02, SuSE:SUSE-SA:2003:039
regards..
Israel
>
>http://www.redhat.com/advice/speaks_backport.html
>
>
>
Yep, this is a known 'issue'. When's the whitebox-users FAQ coming out :) ?
Thanks,
Will
Saludos
Israel Garcia
CIMEX Villa Clara