Message-ID: <20060221153054.GD5903@piware.de>
Date: Tue, 21 Feb 2006 16:30:54 +0100
From: Martin Pitt <martin.pitt@...onical.com>
To: ubuntu-security-announce@...ts.ubuntu.com
Cc: full-disclosure@...ts.grok.org.uk, bugtraq@...urityfocus.com
Subject: [USN-255-1] openssh vulnerability

===========================================================
Ubuntu Security Notice USN-255-1	  February 21, 2006
openssh vulnerability
CVE-2006-0225
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)
Ubuntu 5.04 (Hoary Hedgehog)
Ubuntu 5.10 (Breezy Badger)

The following packages are affected:

openssh-client

The problem can be corrected by upgrading the affected package to
version 1:3.8.1p1-11ubuntu3.3 (for Ubuntu 4.10), 1:3.9p1-1ubuntu2.2
(for Ubuntu 5.04), or 1:4.1p1-7ubuntu4.1 (for Ubuntu 5.10).  In
general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

Tomas Mraz discovered a shell code injection flaw in scp. When doing
local-to-local or remote-to-remote copying, scp expanded shell escape
characters. By tricking a user into using scp on a specially crafted
file name (which could also be caught by using an innocuous wild card
like '*'), an attacker could exploit this to execute arbitrary shell
commands with the privilege of that user.

Please be aware that scp is not designed to operate securely on
untrusted file names, since it needs to stay compatible with rcp.
Please use sftp for automated systems and potentially untrusted file
names.


Updated packages for Ubuntu 4.10:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/o/openssh/openssh_3.8.1p1-11ubuntu3.3.diff.gz
      Size/MD5:   147804 bcb9840f943cb185fa14cdb6639dc2de
    http://security.ubuntu.com/ubuntu/pool/main/o/openssh/openssh_3.8.1p1-11ubuntu3.3.dsc
      Size/MD5:      880 64349db6679401abfe0f28f08a46559f
    http://security.ubuntu.com/ubuntu/pool/main/o/openssh/openssh_3.8.1p1.orig.tar.gz
      Size/MD5:   795948 9ce6f2fa5b2931ce2c4c25f3af9ad50d

  Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/o/openssh/ssh_3.8.1p1-11ubuntu3.3_all.deb
      Size/MD5:    30202 dc2297b42ce6e0009b30f76df0778e9c

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    http://security.ubuntu.com/ubuntu/pool/main/o/openssh/openssh-client-udeb_3.8.1p1-11ubuntu3.3_amd64.udeb
      Size/MD5:   160136 968b48b5666e275656b20249cb61faa7
    http://security.ubuntu.com/ubuntu/pool/main/o/openssh/openssh-client_3.8.1p1-11ubuntu3.3_amd64.deb
      Size/MD5:   526002 306594f4386fa65366fe67e1ac9c45cc
    http://security.ubuntu.com/ubuntu/pool/universe/o/openssh/openssh-server-udeb_3.8.1p1-11ubuntu3.3_amd64.udeb
      Size/MD5:   176398 480d6b645167bc2e9b533dd76016c429
    http://security.ubuntu.com/ubuntu/pool/main/o/openssh/openssh-server_3.8.1p1-11ubuntu3.3_amd64.deb
      Size/MD5:   264122 df6c92305d240b32b63a9add7bfc5825
    http://security.ubuntu.com/ubuntu/pool/main/o/openssh/ssh-askpass-gnome_3.8.1p1-11ubuntu3.3_amd64.deb
      Size/MD5:    53394 b4f5da405cb155f72d9d064a4d50567e

  i386 architecture (x86 compatible Intel/AMD)

    http://security.ubuntu.com/ubuntu/pool/main/o/openssh/openssh-client-udeb_3.8.1p1-11ubuntu3.3_i386.udeb
      Size/MD5:   134290 7aaca0eb6b603910f3c3bda8d30e3999
    http://security.ubuntu.com/ubuntu/pool/main/o/openssh/openssh-client_3.8.1p1-11ubuntu3.3_i386.deb
      Size/MD5:   474992 94005876a8f9c45fa315d84264f422ce
    http://security.ubuntu.com/ubuntu/pool/universe/o/openssh/openssh-server-udeb_3.8.1p1-11ubuntu3.3_i386.udeb
      Size/MD5:   146996 fbf6d83c68f6999aacbafc98f68eb295
    http://security.ubuntu.com/ubuntu/pool/main/o/openssh/openssh-server_3.8.1p1-11ubuntu3.3_i386.deb
      Size/MD5:   241898 55dc4bad99928d552819478c0f4d032e
    http://security.ubuntu.com/ubuntu/pool/main/o/openssh/ssh-askpass-gnome_3.8.1p1-11ubuntu3.3_i386.deb
      Size/MD5:    53072 667eab23d4b9af759774640f38ec22cd

  powerpc architecture (Apple Macintosh G3/G4/G5)

    http://security.ubuntu.com/ubuntu/pool/main/o/openssh/openssh-client-udeb_3.8.1p1-11ubuntu3.3_powerpc.udeb
      Size/MD5:   153126 e59d9aa701310152aa4585b6b3c83df5
    http://security.ubuntu.com/ubuntu/pool/main/o/openssh/openssh-client_3.8.1p1-11ubuntu3.3_powerpc.deb
      Size/MD5:   523108 59739bfa95120ae0ee193743694a74cb
    http://security.ubuntu.com/ubuntu/pool/universe/o/openssh/openssh-server-udeb_3.8.1p1-11ubuntu3.3_powerpc.udeb
      Size/MD5:   160376 7cbb092c954cccb014d1e564b133c1e2
    http://security.ubuntu.com/ubuntu/pool/main/o/openssh/openssh-server_3.8.1p1-11ubuntu3.3_powerpc.deb
      Size/MD5:   258268 2e38eadac1a298db3c027ee661d8a5e5
    http://security.ubuntu.com/ubuntu/pool/main/o/openssh/ssh-askpass-gnome_3.8.1p1-11ubuntu3.3_powerpc.deb
      Size/MD5:    54556 131cee0bac5d5cd080675461db8bc0c6

Updated packages for Ubuntu 5.04:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/o/openssh/openssh_3.9p1-1ubuntu2.2.diff.gz
      Size/MD5:   140942 2193e3793b51e7024784ec047cf3277c
    http://security.ubuntu.com/ubuntu/pool/main/o/openssh/openssh_3.9p1-1ubuntu2.2.dsc
      Size/MD5:      866 8ec4e326208aae4b8fe90f9cac0a2ca6
    http://security.ubuntu.com/ubuntu/pool/main/o/openssh/openssh_3.9p1.orig.tar.gz
      Size/MD5:   832804 530b1dcbfe7a4a4ce4959c0775b85a5a

  Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/o/openssh/ssh_3.9p1-1ubuntu2.2_all.deb
      Size/MD5:    30912 0997c23a603de9b1534ee687851fd38b

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    http://security.ubuntu.com/ubuntu/pool/main/o/openssh/openssh-client-udeb_3.9p1-1ubuntu2.2_amd64.udeb
      Size/MD5:   166708 bc3698453fa091e69bc7f1c67b9316ef
    http://security.ubuntu.com/ubuntu/pool/main/o/openssh/openssh-client_3.9p1-1ubuntu2.2_amd64.deb
      Size/MD5:   543786 d330f2132fb0bf0295b915e7e0a453ba
    http://security.ubuntu.com/ubuntu/pool/universe/o/openssh/openssh-server-udeb_3.9p1-1ubuntu2.2_amd64.udeb
      Size/MD5:   179156 7048312720471a8f0c50562c4301a21d
    http://security.ubuntu.com/ubuntu/pool/main/o/openssh/openssh-server_3.9p1-1ubuntu2.2_amd64.deb
      Size/MD5:   279064 5402baeb9df169b4ce6a6eddfb3a6262
    http://security.ubuntu.com/ubuntu/pool/main/o/openssh/ssh-askpass-gnome_3.9p1-1ubuntu2.2_amd64.deb
      Size/MD5:    62514 064f02869e9c61a56b8a4e1558d18e2c

  i386 architecture (x86 compatible Intel/AMD)

    http://security.ubuntu.com/ubuntu/pool/main/o/openssh/openssh-client-udeb_3.9p1-1ubuntu2.2_i386.udeb
      Size/MD5:   139346 9b79999219a1cabd60930e682d671e17
    http://security.ubuntu.com/ubuntu/pool/main/o/openssh/openssh-client_3.9p1-1ubuntu2.2_i386.deb
      Size/MD5:   492224 757e828a5ccf114fe9c4be9b046850c2
    http://security.ubuntu.com/ubuntu/pool/universe/o/openssh/openssh-server-udeb_3.9p1-1ubuntu2.2_i386.udeb
      Size/MD5:   149016 86ffa618024f36ac0097686b43b1d179
    http://security.ubuntu.com/ubuntu/pool/main/o/openssh/openssh-server_3.9p1-1ubuntu2.2_i386.deb
      Size/MD5:   255760 11f910249c6b098fce8f8020ce6d3b27
    http://security.ubuntu.com/ubuntu/pool/main/o/openssh/ssh-askpass-gnome_3.9p1-1ubuntu2.2_i386.deb
      Size/MD5:    62114 d5a4d9ec3011c099d2db314cf615f646

  powerpc architecture (Apple Macintosh G3/G4/G5)

    http://security.ubuntu.com/ubuntu/pool/main/o/openssh/openssh-client-udeb_3.9p1-1ubuntu2.2_powerpc.udeb
      Size/MD5:   159854 f1a90f3cb4151736bed6f263901a4d35
    http://security.ubuntu.com/ubuntu/pool/main/o/openssh/openssh-client_3.9p1-1ubuntu2.2_powerpc.deb
      Size/MD5:   540312 287aa744564de63043d5bb134d0745d4
    http://security.ubuntu.com/ubuntu/pool/universe/o/openssh/openssh-server-udeb_3.9p1-1ubuntu2.2_powerpc.udeb
      Size/MD5:   163302 1b019329cd84ff0a1f3960565a621fed
    http://security.ubuntu.com/ubuntu/pool/main/o/openssh/openssh-server_3.9p1-1ubuntu2.2_powerpc.deb
      Size/MD5:   273126 7ec4c43399986224b54d0f41fe8e3416
    http://security.ubuntu.com/ubuntu/pool/main/o/openssh/ssh-askpass-gnome_3.9p1-1ubuntu2.2_powerpc.deb
      Size/MD5:    63634 b370bc059a12a2ddc3b3afe1f772049d

Updated packages for Ubuntu 5.10:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/o/openssh/openssh_4.1p1-7ubuntu4.1.diff.gz
      Size/MD5:   156844 b4cdb063563a640093c305e46f1fc87d
    http://security.ubuntu.com/ubuntu/pool/main/o/openssh/openssh_4.1p1-7ubuntu4.1.dsc
      Size/MD5:      971 c80c70c3c63781792a7f39d6ae01940d
    http://security.ubuntu.com/ubuntu/pool/main/o/openssh/openssh_4.1p1.orig.tar.gz
      Size/MD5:   909689 3709109adf0b82176668b3d3478dd033

  Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/o/openssh/ssh_4.1p1-7ubuntu4.1_all.deb
      Size/MD5:     1048 859ffbe5d4bd5202a2eebec6e8e9ac81

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    http://security.ubuntu.com/ubuntu/pool/main/o/openssh/openssh-client-udeb_4.1p1-7ubuntu4.1_amd64.udeb
      Size/MD5:   162510 1697e11d3a83142a879d04ab7b5e0ac7
    http://security.ubuntu.com/ubuntu/pool/main/o/openssh/openssh-client_4.1p1-7ubuntu4.1_amd64.deb
      Size/MD5:   584118 3947d62111b5dca4e76344dc8cca254f
    http://security.ubuntu.com/ubuntu/pool/universe/o/openssh/openssh-server-udeb_4.1p1-7ubuntu4.1_amd64.udeb
      Size/MD5:   179332 51b096a5921f12614a4be6ac578c6685
    http://security.ubuntu.com/ubuntu/pool/main/o/openssh/openssh-server_4.1p1-7ubuntu4.1_amd64.deb
      Size/MD5:   223756 e73afff943deeda07de98bd52cefb9df
    http://security.ubuntu.com/ubuntu/pool/main/o/openssh/ssh-askpass-gnome_4.1p1-7ubuntu4.1_amd64.deb
      Size/MD5:    77824 9ce67812f993f2e4e896a46757ccd58d

  i386 architecture (x86 compatible Intel/AMD)

    http://security.ubuntu.com/ubuntu/pool/main/o/openssh/openssh-client-udeb_4.1p1-7ubuntu4.1_i386.udeb
      Size/MD5:   138126 eff182e04cf9c7990fa49ceeb1d8a227
    http://security.ubuntu.com/ubuntu/pool/main/o/openssh/openssh-client_4.1p1-7ubuntu4.1_i386.deb
      Size/MD5:   514306 2aa78f38fad06006ac0530af8a45b821
    http://security.ubuntu.com/ubuntu/pool/universe/o/openssh/openssh-server-udeb_4.1p1-7ubuntu4.1_i386.udeb
      Size/MD5:   149732 1974bc3bb64c6bd32583b78420a12047
    http://security.ubuntu.com/ubuntu/pool/main/o/openssh/openssh-server_4.1p1-7ubuntu4.1_i386.deb
      Size/MD5:   195172 df8d26ec28a6487513e2a8a8117fe090
    http://security.ubuntu.com/ubuntu/pool/main/o/openssh/ssh-askpass-gnome_4.1p1-7ubuntu4.1_i386.deb
      Size/MD5:    77540 9241a0dbcde2f43ca408868be70b0523

  powerpc architecture (Apple Macintosh G3/G4/G5)

    http://security.ubuntu.com/ubuntu/pool/main/o/openssh/openssh-client-udeb_4.1p1-7ubuntu4.1_powerpc.udeb
      Size/MD5:   155720 86eec2f79139f085454334607c10825a
    http://security.ubuntu.com/ubuntu/pool/main/o/openssh/openssh-client_4.1p1-7ubuntu4.1_powerpc.deb
      Size/MD5:   568402 b295641a03748fa6d8477c6a3ef7b9ec
    http://security.ubuntu.com/ubuntu/pool/universe/o/openssh/openssh-server-udeb_4.1p1-7ubuntu4.1_powerpc.udeb
      Size/MD5:   163224 497641805869834b9959f0a8ecaf9b46
    http://security.ubuntu.com/ubuntu/pool/main/o/openssh/openssh-server_4.1p1-7ubuntu4.1_powerpc.deb
      Size/MD5:   215272 85c392d0999eaf9ebe91230392aba50a
    http://security.ubuntu.com/ubuntu/pool/main/o/openssh/ssh-askpass-gnome_4.1p1-7ubuntu4.1_powerpc.deb
      Size/MD5:    79104 3b6db051e9e4eb17e0024c926aa4d2ac
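
The flaw class described under "Details follow", as an added C illustration that is not part of the advisory and is not OpenSSH's scp source: a copy command built as one string for the shell, next to the same copy run with an argument vector and no shell. The function names and the sample file name are constructed for this example.

```c
#define _DEFAULT_SOURCE 1          /* for mkdtemp() */
#include <stdio.h>
#include <stdlib.h>
#include <sys/wait.h>
#include <unistd.h>

/* Unsafe pattern: the names are pasted into one string that /bin/sh parses,
 * so $, backquotes, ;, spaces and globs inside a name are interpreted. */
static int copy_via_shell(const char *src, const char *dst)
{
    char cmd[1024];
    snprintf(cmd, sizeof cmd, "cp -- %s %s", src, dst);
    int st = system(cmd);
    return (st != -1 && WIFEXITED(st)) ? WEXITSTATUS(st) : -1;
}

/* Safer pattern: no shell at all; each name is exactly one argv entry. */
static int copy_via_exec(const char *src, const char *dst)
{
    int st;
    pid_t pid = fork();
    if (pid == -1)
        return -1;
    if (pid == 0) {
        char *const argv[] = { "cp", "--", (char *)src, (char *)dst, NULL };
        execvp(argv[0], argv);
        _exit(127);                /* exec itself failed */
    }
    if (waitpid(pid, &st, 0) == -1)
        return -1;
    return WIFEXITED(st) ? WEXITSTATUS(st) : -1;
}

/* 1 = shell path mangled the constructed name, exec path copied it. */
static int demo(void)
{
    char dir[] = "/tmp/scp-demo-XXXXXX";
    const char *name = "notes$HOME.txt";   /* constructed, harmless name */
    FILE *f;
    if (!mkdtemp(dir) || chdir(dir) != 0 || !(f = fopen(name, "w")))
        return -1;
    fputs("data\n", f);
    fclose(f);
    return copy_via_shell(name, "out_shell") != 0 &&
           access("out_shell", F_OK) != 0 &&
           copy_via_exec(name, "out_exec") == 0 &&
           access("out_exec", F_OK) == 0;
}
int main(void) { return demo() == 1 ? 0 : 1; }
```

In the shell variant the `$HOME` inside the name is expanded before `cp` runs, so `cp` is handed a different path and the copy fails; the exec variant passes the name through byte for byte.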
