Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News » CSSA-2002-SCO.11-OpenSSH channel code vulnerability

CSSA-2002-SCO.11-OpenSSH channel code vulnerability

by Nikola Strahija on March 13th, 2002 A bug exists in the channel code of OpenSSH versions 2.0 though 3.0.2. Existing users can use this bug to gain root privileges. The ability to exploit this vulnerability without an existing user account has not yet been proven, but it is considered possible. A malicious ssh server could also use this bug to exploit a connecting vulnerable client.


Vulnerable Supported Versions

Operating System Version Affected Files
------------------------------------------------------------------
UnixWare 7.1.1 all ssh distribution files
Open UNIX 8.0.0 all ssh distribution files


3. Workaround

None.


4. Open UNIX, UnixWare

4.1 Location of Fixed Binaries

ftp://stage.caldera.com/pub/security/openunix/CSSA-2002-SCO.11/


4.2 Verification

MD5 (openssh-3.1p1.pkg) = 795ce670574cfad348996be551cd498e

md5 is available for download from
ftp://stage.caldera.com/pub/security/tools/


4.3 Installing Fixed Binaries

Upgrade the affected binaries with the following commands:

Download openssh-3.1p1.pkg to the /tmp directory

# pkgadd -d /tmp/openssh-3.1p1.pkg


5. References

http://www.pine.nl/advisories/pine-cert-20020301.txt

This and other advisories are located at
http://stage.caldera.com/support/security

This advisory addresses Caldera Security internal incidents
sr861335, fz520314, erg711983.


6. Disclaimer

Caldera International, Inc. is not responsible for the misuse
of any of the information we provide on our website and/or
through our security advisories. Our advisories are a service
to our customers intended to promote secure installation and
use of Caldera International products.



Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »