SCO Security Advisory SCOSA-2008.2 - sshd in OpenSSH versions before 4.4, when using the version 1 SSH protocol, could allow a remote attacker to cause a denial of service. It certainly is nice to have SCO bring this to light for their consumers two years after the fact.
7b85b6b25922a9638680df7e8c6550ec8639cf624979b1d840ed176611234312 SCO Security Advisory
Subject: OpenSSH Denial Of Service Vulnerability
Advisory number: SCOSA-2008.2
Issue date: 12th March 2008
Cross reference: fz534336, fz533530
CVE-2006-4924
______________________________________________________________________________
1. Problem Description
sshd in OpenSSH versions before 4.4, when using the version 1 SSH
protocol, could allow a remote attacker to cause a denial of service
(CPU consumption) via an SSH packet that contains duplicate blocks,
which is not properly handled by the CRC compensation attack detector.
2. Vulnerable Supported Versions
System Package
----------------------------------------------------------------------
UnixWare 7.1.4 openssh 4.2p1
UnixWare 7.1.3 openssh 4.0p1
3. Solution
The proper solution is to install the relevant package below.
4. UnixWare 7.1.4
This patch should only be installed on UnixWare 7.1.4 systems with
Maintenance Pack 3 (MP3) applied. You can download MP3 from:
ftp://ftp.sco.com/pub/unixware7/714/mp/uw714mp3
4.1 Location of Fixed Binaries
ftp://ftp.sco.com/pub/unixware7/714/security/p534336/
4.2 Verification
MD5 (p534336.image) = 89271cc36a93ab8252159a4a98abc221
md5 is available for download from
ftp://ftp.sco.com/pub/security/tools
4.3 Installation Instructions
1) Download the p534336.image file to the /tmp directory on
your machine.
2) As root, add the package to your system using these commands:
$ su -
Password: <type your root password>
# pkgadd -d /tmp/p534336.image
Alternatively, this package may be installed in quiet mode,
that is, without displaying the release notes and asking for
confirmation. To do this, use these commands:
$ su -
Password: <type your root password>
# pkgadd -qd /tmp/p534589.image all
3) There is no need to reboot the system after installing this
package.
4.4 Removal Instructions
1) As root, remove the package using these commands:
$ su -
Password: <type your root password>
# pkgrm p534589
5. UnixWare 7.1.3
This patch should only be installed on UnixWare 7.1.3 systems with
Maintenance Pack 5 (MP5) applied. You can download MP5 from:
ftp://ftp.sco.com/pub/unixware7/713/mp/mp5
5.1 Location of Fixed Binaries
ftp://ftp.sco.com/pub/unixware7/713/security/p534336_713/
5.2 Verification
MD5 (p534336.image) = 1554e72a7197480d77687ef0246964c1
md5 is available for download from
ftp://ftp.sco.com/pub/security/tools
5.3 Installation Instructions
1) Download the p534336.image file to the /tmp directory on
your machine.
2) As root, add the package to your system using these commands:
$ su -
Password: <type your root password>
# pkgadd -d /tmp/p534336.image
Alternatively, this package may be installed in quiet mode,
that is, without displaying the release notes and asking for
confirmation. To do this, use these commands:
$ su -
Password: <type your root password>
# pkgadd -qd /tmp/p534589.image all
3) There is no need to reboot the system after installing this
package.
5.4 Removal Instructions
1) As root, remove the package using these commands:
$ su -
Password: <type your root password>
# pkgrm p534589
6. References
SCO security resources:
http://www.sco.com/support/download.html
SCO security advisories via email
http://www.sco.com/support/forums/security.html
This security fix closes SCO incidents fz534336 and 533530.
7. Disclaimers
SCO is not responsible for the misuse of any of the information
we provide on this website and/or through our security
advisories. Our advisories are a service to our customers intended
to promote secure installation and use of SCO products.
8. Acknowledgements
N/A
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed