lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Date: Wed, 12 Mar 2008 14:19:14 -0700
From: Henry Miller <security@....com>
To: security-announce@...t.sco.com
Subject: SCOSA-2008.2

  			  SCO Security Advisory


Subject:                OpenSSH Denial Of Service Vulnerability
Advisory number:        SCOSA-2008.2
Issue date:             12th March 2008
Cross reference:        fz534336, fz533530
                        CVE-2006-4924
______________________________________________________________________________


1. Problem Description

        sshd in OpenSSH versions before 4.4, when using the version 1 SSH 
        protocol, could allow a remote attacker to cause a denial of service 
        (CPU consumption) via an SSH packet that contains duplicate blocks,
        which is not properly handled by the CRC compensation attack detector. 
	
2. Vulnerable Supported Versions

        System                          Package
        ----------------------------------------------------------------------
        UnixWare 7.1.4                  openssh 4.2p1
        UnixWare 7.1.3                  openssh 4.0p1
                                       
3. Solution

        The proper solution is to install the relevant package below.

4. UnixWare 7.1.4

        This patch should only be installed on UnixWare 7.1.4 systems with
        Maintenance Pack 3 (MP3) applied. You can download MP3 from:
 
        ftp://ftp.sco.com/pub/unixware7/714/mp/uw714mp3

        4.1 Location of Fixed Binaries

        ftp://ftp.sco.com/pub/unixware7/714/security/p534336/

        4.2 Verification

        MD5 (p534336.image) = 89271cc36a93ab8252159a4a98abc221

        md5 is available for download from

        ftp://ftp.sco.com/pub/security/tools

        4.3 Installation Instructions

        1) Download the p534336.image file to the /tmp directory on 
        your machine.

        2) As root, add the package to your system using these commands:

        $ su -
        Password: <type your root password>
        # pkgadd -d /tmp/p534336.image

        Alternatively, this package may be installed in quiet mode, 
        that is, without displaying the release notes and asking for 
        confirmation. To do this, use these commands:

        $ su -
        Password: <type your root password>
        # pkgadd -qd /tmp/p534589.image all

        3) There is no need to reboot the system after installing this
        package.

        4.4 Removal Instructions

        1) As root, remove the package using these commands:

        $ su -
        Password: <type your root password>
        # pkgrm p534589

5. UnixWare 7.1.3

        This patch should only be installed on UnixWare 7.1.3 systems with
        Maintenance Pack 5 (MP5) applied. You can download MP5 from:
 
        ftp://ftp.sco.com/pub/unixware7/713/mp/mp5

        5.1 Location of Fixed Binaries

        ftp://ftp.sco.com/pub/unixware7/713/security/p534336_713/

        5.2 Verification

        MD5 (p534336.image) = 1554e72a7197480d77687ef0246964c1

        md5 is available for download from

        ftp://ftp.sco.com/pub/security/tools

        5.3 Installation Instructions

        1) Download the p534336.image file to the /tmp directory on 
        your machine.

        2) As root, add the package to your system using these commands:

        $ su -
        Password: <type your root password>
        # pkgadd -d /tmp/p534336.image

        Alternatively, this package may be installed in quiet mode, 
        that is, without displaying the release notes and asking for 
        confirmation. To do this, use these commands:

        $ su -
        Password: <type your root password>
        # pkgadd -qd /tmp/p534589.image all

        3) There is no need to reboot the system after installing this
        package.

        5.4 Removal Instructions

        1) As root, remove the package using these commands:

        $ su -
        Password: <type your root password>
        # pkgrm p534589

6. References

        SCO security resources:
                http://www.sco.com/support/download.html

        SCO security advisories via email
                http://www.sco.com/support/forums/security.html

        This security fix closes SCO incidents fz534336 and 533530.

7. Disclaimers

        SCO is not responsible for the misuse of any of the information
        we provide on this website and/or through our security
        advisories. Our advisories are a service to our customers intended
        to promote secure installation and use of SCO products.

8. Acknowledgements

        N/A

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists