feel free to announce it:
---------------------------------------------------------------------------
Debian Security Advisory DSA XXX-X                        security@debian.org
http://www.debian.org/security/                           Bernd Eckenfels
November 12th, 2001
---------------------------------------------------------------------------

Packages        : ssh-nonfree, ssh-socks
Vulnerability   : Buffer Overflow
Problem-Type    : remote root exploit
Debian-specific : no
A remote exploit of the original ssh daemon is widely known. The exploit was
announced on Bugtraq, and we have reports of actually hacked hosts.

The problem, as reported in Bug Report #85725, is present in deattack.c and
rsaglue.c.

We strongly recommend that you upgrade your ssh-nonfree packages immediately.
This problem is fixed in 1.2.27-6 (testing, unstable) and 1.2.26-6.2
(potato).

NOTE: as you can see from the incomplete list of architectures, the Debian
Project is not spending much time on maintaining non-free packages.
Therefore it is highly recommended that you switch to the free ssh
implementation. You can find OpenSSH in the Debian GNU/Linux package called
"ssh".
  wget url
      will fetch the file for you
  dpkg -i file.deb
      will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

  apt-get update
      will update the internal database
  apt-get upgrade
      will install corrected packages

Note: due to the non-free nature of these packages, we do not support
auto-upgrade from security.debian.org.
Debian GNU/Linux 2.2 alias potato
---------------------------------

  Source archives:

    http://non-us.debian.org/debian-non-US/pool/non-US/non-free/s/ssh-nonfree/ssh-nonfree_1.2.27-6.2.dsc
      MD5 checksum: 8ba9a4c2d4059b973e6c46bb6ab88958
    http://non-us.debian.org/debian-non-US/pool/non-US/non-free/s/ssh-nonfree/ssh-nonfree_1.2.27-6.2.diff.gz
      MD5 checksum: 92161c3468189f17eb17421fd2e91f1e

  Intel ia32 architecture:

    http://non-us.debian.org/debian-non-US/pool/non-US/non-free/s/ssh-nonfree/ssh-nonfree_1.2.27-6.2_i386.deb
      MD5 checksum: e4f6db9acb54b9e3dc75315a66207840
    http://non-us.debian.org/debian-non-US/pool/non-US/non-free/s/ssh-nonfree/ssh-socks_1.2.27-6.2_i386.deb
      MD5 checksum: 0eab3e6250c3aa4130ec5a2f719531e6

  Or using the following sources.list line for apt-get:

    deb http://non-us.debian.org/debian-non-US potato-proposed-updates/non-US main non-free
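The wget / dpkg -i procedure above, as an added shell example that is not part of the advisory or of any Debian tooling: it fetches a listed i386 package, compares the file's MD5 against the checksum printed in the advisory, and hands the file to dpkg only when the checksum matches. The URL and checksum values are copied from the advisory text; the function names (verify_md5, fetch_and_verify) and the use of wget(1), md5sum(1) and dpkg(1) are assumptions of this example.

```shell
#!/bin/sh
# Added example, not part of the advisory: download a listed package,
# check it against the advisory's MD5 sum, and install only on a match.
# Assumes wget(1), md5sum(1) and dpkg(1) are available on the host.

# verify_md5 FILE EXPECTED: returns 0 if FILE's MD5 equals EXPECTED, else 1
verify_md5() {
    actual=$(md5sum "$1" | cut -d' ' -f1)
    [ "$actual" = "$2" ]
}

# fetch_and_verify URL EXPECTED: download URL into the current directory
# (skipped if the file is already present) and verify it; non-zero on failure
fetch_and_verify() {
    file=$(basename "$1")
    if [ ! -f "$file" ]; then
        wget -q "$1" || { echo "FAIL $file (download failed)" >&2; return 1; }
    fi
    if verify_md5 "$file" "$2"; then
        echo "OK   $file"
    else
        echo "FAIL $file (MD5 mismatch, will not install)" >&2
        return 1
    fi
}

# URL and checksum pairs copied from the advisory (potato, i386).
NONFREE_URL=http://non-us.debian.org/debian-non-US/pool/non-US/non-free/s/ssh-nonfree/ssh-nonfree_1.2.27-6.2_i386.deb
NONFREE_MD5=e4f6db9acb54b9e3dc75315a66207840
SOCKS_URL=http://non-us.debian.org/debian-non-US/pool/non-US/non-free/s/ssh-nonfree/ssh-socks_1.2.27-6.2_i386.deb
SOCKS_MD5=0eab3e6250c3aa4130ec5a2f719531e6

# Only touch the network and dpkg when told which package this host uses:
#   sh upgrade-ssh.sh ssh-nonfree      or      sh upgrade-ssh.sh ssh-socks
case "${1:-}" in
    ssh-nonfree)
        fetch_and_verify "$NONFREE_URL" "$NONFREE_MD5" \
            && dpkg -i "$(basename "$NONFREE_URL")" ;;
    ssh-socks)
        fetch_and_verify "$SOCKS_URL" "$SOCKS_MD5" \
            && dpkg -i "$(basename "$SOCKS_URL")" ;;
esac
```

Because the advisory itself is PGP-signed, a checksum match ties the downloaded file to the signed text; a checksum fetched from the same mirror as the package would not give that assurance. The script deliberately installs only the one package named on its command line, since ssh-nonfree and ssh-socks are alternative builds and a host normally runs just one of them.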
--
(OO) -- Bernd_Eckenfels@Wendelinusstrasse39.76646Bruchsal.de --
( .. ) ecki@{inka.de,linux.de,debian.org} http://home.pages.de/~eckes/
o--o *plush* 2048/93600EFD eckes@irc +497257930613 BE5-RIPE
(O____O) When cryptography is outlawed, bayl bhgynjf jvyy unir cevinpl!
Attachment:
pgpnsW_nDdwmx.pgp
Description: PGP signature