From martin.pitt@canonical.com Mon Oct 17 12:41:10 2005 From: Martin Pitt To: ubuntu-security-announce@lists.ubuntu.com Cc: full-disclosure@lists.grok.org.uk, bugtraq@securityfocus.com Date: Mon, 17 Oct 2005 18:37:35 +0200 Subject: [Full-disclosure] [USN-208-1] SSH server vulnerability =========================================================== Ubuntu Security Notice USN-208-1 October 17, 2005 openssh vulnerability CAN-2005-2798 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 4.10 (Warty Warthog) Ubuntu 5.04 (Hoary Hedgehog) The following packages are affected: openssh-server The problem can be corrected by upgrading the affected package to version 1:3.8.1p1-11ubuntu3.2 (for Ubuntu 4.10), or 1:3.9p1-1ubuntu2.1 (for Ubuntu 5.04). In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: An information disclosure vulnerability has been found in the SSH server. When the GSSAPIAuthentication option was enabled, the SSH server could send GSSAPI credentials even to users who attempted to log in with a method other than GSSAPI. This could inadvertently expose these credentials to an untrusted user. Please note that this does not affect the default configuration of the SSH server. Updated packages for Ubuntu 4.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/o/openssh/openssh_3.8.1p1-11ubuntu3.2.diff.gz Size/MD5: 145915 b3fde6ad57fa71c6fedd0d857a41b98d http://security.ubuntu.com/ubuntu/pool/main/o/openssh/openssh_3.8.1p1-11ubuntu3.2.dsc Size/MD5: 878 24b7a0d1b0bc1b12b4bfcdbe6523175f http://security.ubuntu.com/ubuntu/pool/main/o/openssh/openssh_3.8.1p1.orig.tar.gz Size/MD5: 795948 9ce6f2fa5b2931ce2c4c25f3af9ad50d Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/o/openssh/ssh_3.8.1p1-11ubuntu3.2_all.deb Size/MD5: 30068 9ef84fcec461c2890a1623499383b845 amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/main/o/openssh/openssh-client-udeb_3.8.1p1-11ubuntu3.2_amd64.udeb Size/MD5: 159440 464c3d1ddad5e743c3f87fab0801bd91 http://security.ubuntu.com/ubuntu/pool/main/o/openssh/openssh-client_3.8.1p1-11ubuntu3.2_amd64.deb Size/MD5: 524028 51bda380ea97ef5d49d475b4d210fb6d http://security.ubuntu.com/ubuntu/pool/universe/o/openssh/openssh-server-udeb_3.8.1p1-11ubuntu3.2_amd64.udeb Size/MD5: 176150 f0456146f631cb925407693de6c707ae http://security.ubuntu.com/ubuntu/pool/main/o/openssh/openssh-server_3.8.1p1-11ubuntu3.2_amd64.deb Size/MD5: 263790 a5014d5e2e28be860944fee7087c2d30 http://security.ubuntu.com/ubuntu/pool/main/o/openssh/ssh-askpass-gnome_3.8.1p1-11ubuntu3.2_amd64.deb Size/MD5: 53286 933c38274907edc3033e5728beb8a7f0 i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/main/o/openssh/openssh-client-udeb_3.8.1p1-11ubuntu3.2_i386.udeb Size/MD5: 133700 91e3983782270ba83ead5fdf75cf6056 http://security.ubuntu.com/ubuntu/pool/main/o/openssh/openssh-client_3.8.1p1-11ubuntu3.2_i386.deb Size/MD5: 473980 57c5dd711cb4bba5af54b377ddf25727 http://security.ubuntu.com/ubuntu/pool/universe/o/openssh/openssh-server-udeb_3.8.1p1-11ubuntu3.2_i386.udeb Size/MD5: 146854 94bae5597a13d613d1a7fe6d34e8312c http://security.ubuntu.com/ubuntu/pool/main/o/openssh/openssh-server_3.8.1p1-11ubuntu3.2_i386.deb Size/MD5: 241586 3761cc46ab91630196103390b86d36f4 http://security.ubuntu.com/ubuntu/pool/main/o/openssh/ssh-askpass-gnome_3.8.1p1-11ubuntu3.2_i386.deb Size/MD5: 52956 35adb2d5dafd2b25d0aaa73c87b8231c powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/main/o/openssh/openssh-client-udeb_3.8.1p1-11ubuntu3.2_powerpc.udeb Size/MD5: 151096 34eaad307c336ec22cdd062ab8343918 http://security.ubuntu.com/ubuntu/pool/main/o/openssh/openssh-client_3.8.1p1-11ubuntu3.2_powerpc.deb Size/MD5: 520822 be831a5152a07823c8a3642de79c23c3 http://security.ubuntu.com/ubuntu/pool/universe/o/openssh/openssh-server-udeb_3.8.1p1-11ubuntu3.2_powerpc.udeb Size/MD5: 160176 aae5f5a422bc2086c78581b05f6eb71b http://security.ubuntu.com/ubuntu/pool/main/o/openssh/openssh-server_3.8.1p1-11ubuntu3.2_powerpc.deb Size/MD5: 257946 0960bfb03e1682d28086d5b11bc55f51 http://security.ubuntu.com/ubuntu/pool/main/o/openssh/ssh-askpass-gnome_3.8.1p1-11ubuntu3.2_powerpc.deb Size/MD5: 54404 5729a05da0f88afe145a38ac80c92ae5 Updated packages for Ubuntu 5.04: Source archives: http://security.ubuntu.com/ubuntu/pool/main/o/openssh/openssh_3.9p1-1ubuntu2.1.diff.gz Size/MD5: 139063 63d2f62b292d2ac8baec90117878dbbd http://security.ubuntu.com/ubuntu/pool/main/o/openssh/openssh_3.9p1-1ubuntu2.1.dsc Size/MD5: 866 a4fce3d18d282f646942b15fb7a26915 http://security.ubuntu.com/ubuntu/pool/main/o/openssh/openssh_3.9p1.orig.tar.gz Size/MD5: 832804 530b1dcbfe7a4a4ce4959c0775b85a5a Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/o/openssh/ssh_3.9p1-1ubuntu2.1_all.deb Size/MD5: 30784 6c4ec282b6ad44325c9e4cb7e9f99133 amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/main/o/openssh/openssh-client-udeb_3.9p1-1ubuntu2.1_amd64.udeb Size/MD5: 166004 ad72e257534bca3288a87f42da24321a http://security.ubuntu.com/ubuntu/pool/main/o/openssh/openssh-client_3.9p1-1ubuntu2.1_amd64.deb Size/MD5: 541790 5ea523c81b6d60f06aacba79cba0d1ca http://security.ubuntu.com/ubuntu/pool/universe/o/openssh/openssh-server-udeb_3.9p1-1ubuntu2.1_amd64.udeb Size/MD5: 178906 e299cfe208e71c00ab70966fd45fc896 http://security.ubuntu.com/ubuntu/pool/main/o/openssh/openssh-server_3.9p1-1ubuntu2.1_amd64.deb Size/MD5: 278618 06a33a10eae290df72a1bac94147ae91 http://security.ubuntu.com/ubuntu/pool/main/o/openssh/ssh-askpass-gnome_3.9p1-1ubuntu2.1_amd64.deb Size/MD5: 62376 17d33928bfe3099328a580ff0049ad5a i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/main/o/openssh/openssh-client-udeb_3.9p1-1ubuntu2.1_i386.udeb Size/MD5: 138820 2f62cd70e9b0ae744fb648633b82e3f2 http://security.ubuntu.com/ubuntu/pool/main/o/openssh/openssh-client_3.9p1-1ubuntu2.1_i386.deb Size/MD5: 490984 19aa2eee3bebb877825ca4cc56fc0a28 http://security.ubuntu.com/ubuntu/pool/universe/o/openssh/openssh-server-udeb_3.9p1-1ubuntu2.1_i386.udeb Size/MD5: 148848 dfe53e11807c424c82627519b54f50f0 http://security.ubuntu.com/ubuntu/pool/main/o/openssh/openssh-server_3.9p1-1ubuntu2.1_i386.deb Size/MD5: 255490 cd0d1f2c1e542ce117aeb6f323f50f29 http://security.ubuntu.com/ubuntu/pool/main/o/openssh/ssh-askpass-gnome_3.9p1-1ubuntu2.1_i386.deb Size/MD5: 61982 0c6e0e48f00a03bf8d578386ba2ecc67 powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/main/o/openssh/openssh-client-udeb_3.9p1-1ubuntu2.1_powerpc.udeb Size/MD5: 157968 493980c3c33a672090dfbf1abbf3e373 http://security.ubuntu.com/ubuntu/pool/main/o/openssh/openssh-client_3.9p1-1ubuntu2.1_powerpc.deb Size/MD5: 538048 05826f416d68106a2c43b8c292cf4173 http://security.ubuntu.com/ubuntu/pool/universe/o/openssh/openssh-server-udeb_3.9p1-1ubuntu2.1_powerpc.udeb Size/MD5: 163124 bb83628be05ff708f46af190ffad7700 http://security.ubuntu.com/ubuntu/pool/main/o/openssh/openssh-server_3.9p1-1ubuntu2.1_powerpc.deb Size/MD5: 272738 40ae3f2b793802b5ad55f75d983354df http://security.ubuntu.com/ubuntu/pool/main/o/openssh/ssh-askpass-gnome_3.9p1-1ubuntu2.1_powerpc.deb Size/MD5: 63500 6c6daed8410fa8216e896f2c778f476c [ Part 1.2, "Digital signature" Application/PGP-SIGNATURE ] [ 196bytes. ] [ Unable to print this part. ] [ Part 2: "Attached Text" ] _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/