Bug#270770: ssh: CAN-2004-0175 "Directory traversal vulnerability in scp for OpenSSH before 3.4p1"
Package: ssh
Version: 1:3.8.1p1-8
Severity: critical
Tags: security,woody
Justification: causes serious data loss
Dear ssh maintainer,
CAN-2004-0175 says "Directory traversal vulnerability in scp for OpenSSH
before 3.4p1" and woody's ssh package version is "1:3.4p1-1.woody.3".
(http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0175)
In RH bugzilla, the fix code was pointed out:
http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/scp.c.diff?r1=1.113&r2=1.114
and I've checked woody's ssh code, but have not found such fixes.
So I think this vulnerability affects Debian.
---------------------------------------------------------------------------------
* I cannot find any information about it on the openssh website. (Why?)
(http://www.openssh.com/security.html)
* Apple: APPLE-SA-2004-09-07: Security Update 2004-09-07
(http://lists.apple.com/mhonarc/security-announce/msg00058.html)
* CLSA-2004:831 openssh
(http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000831)
* In SuSE-SA:2004:009: Linux Kernel, as just a "pending and workaround" issue.
(http://www.suse.com/de/security/2004_09_kernel.html)
* Red Hat has not yet released an SA, but a related bugzilla post is here.
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=120147
---------------------------------------------------------------------------------
Could you check it, please?
... and if it would not affect woody, please add this issue in
http://www.debian.org/security/nonvulns-woody .
Thanks.
--
Regards,
Hideki Yamane henrich @ samba.gr.jp/iijmio-mail.jp