Miembros de
Boletines de Vulnerabilidades |
Revelación de credenciales en OpenSSH |
|
Clasificación de la vulnerabilidad |
|
| Propiedad | Valor |
| Nivel de Confianza | Oficial |
| Impacto | Aumento de la visibilidad |
| Dificultad | Experto |
| Requerimientos del atacante | Acceso remoto con cuenta |
Información sobre el sistema |
|
| Propiedad | Valor |
| Fabricante afectado | GNU/Linux |
| Software afectado | OpenSSH < 4.2 |
Descripción |
|
|
Se ha descubierto una vulnerabilidad en OpenSSH versiones anteriores a 4.2. La vulnerabilidad reside en sshd que permite que credenciales GSSAPI sean delegadas a clientes que se autentican usando métodos no GSSAPI. Un atacante remoto autenticado podría obtener credenciales de otros usuarios. |
|
Solución |
|
|
Actualización de software Mandrake Mandrivalinux LE2005 x86 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.2/RPMS/openssh-3.9p1-9.1.102mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.2/RPMS/openssh-askpass-3.9p1-9.1.102mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.2/RPMS/openssh-askpass-gnome-3.9p1-9.1.102mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.2/RPMS/openssh-clients-3.9p1-9.1.102mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.2/RPMS/openssh-server-3.9p1-9.1.102mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.2/SRPMS/openssh-3.9p1-9.1.102mdk.src.rpm X86_64 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.2/RPMS/openssh-3.9p1-9.1.102mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.2/RPMS/openssh-askpass-3.9p1-9.1.102mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.2/RPMS/openssh-askpass-gnome-3.9p1-9.1.102mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.2/RPMS/openssh-clients-3.9p1-9.1.102mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.2/RPMS/openssh-server-3.9p1-9.1.102mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.2/SRPMS/openssh-3.9p1-9.1.102mdk.src.rpm Red Hat Red Hat Desktop (v. 4) / SRPMS openssh-3.9p1-8.RHEL4.9.src.rpm Red Hat Desktop (v. 4) / IA-32 openssh-3.9p1-8.RHEL4.9.i386.rpm openssh-askpass-3.9p1-8.RHEL4.9.i386.rpm openssh-askpass-gnome-3.9p1-8.RHEL4.9.i386.rpm openssh-clients-3.9p1-8.RHEL4.9.i386.rpm openssh-server-3.9p1-8.RHEL4.9.i386.rpm Red Hat Desktop (v. 4) / x86_64 openssh-3.9p1-8.RHEL4.9.x86_64.rpm openssh-askpass-3.9p1-8.RHEL4.9.x86_64.rpm openssh-askpass-gnome-3.9p1-8.RHEL4.9.x86_64.rpm openssh-clients-3.9p1-8.RHEL4.9.x86_64.rpm openssh-server-3.9p1-8.RHEL4.9.x86_64.rpm Red Hat Enterprise Linux AS (v. 4) / SRPMS openssh-3.9p1-8.RHEL4.9.src.rpm Red Hat Enterprise Linux AS (v. 4) / IA-32 openssh-3.9p1-8.RHEL4.9.i386.rpm openssh-askpass-3.9p1-8.RHEL4.9.i386.rpm openssh-askpass-gnome-3.9p1-8.RHEL4.9.i386.rpm openssh-clients-3.9p1-8.RHEL4.9.i386.rpm openssh-server-3.9p1-8.RHEL4.9.i386.rpm Red Hat Enterprise Linux AS (v. 4) / IA-64 openssh-3.9p1-8.RHEL4.9.ia64.rpm openssh-askpass-3.9p1-8.RHEL4.9.ia64.rpm openssh-askpass-gnome-3.9p1-8.RHEL4.9.ia64.rpm openssh-clients-3.9p1-8.RHEL4.9.ia64.rpm openssh-server-3.9p1-8.RHEL4.9.ia64.rpm Red Hat Enterprise Linux AS (v. 4) / PPC openssh-3.9p1-8.RHEL4.9.ppc.rpm openssh-askpass-3.9p1-8.RHEL4.9.ppc.rpm openssh-askpass-gnome-3.9p1-8.RHEL4.9.ppc.rpm openssh-clients-3.9p1-8.RHEL4.9.ppc.rpm openssh-server-3.9p1-8.RHEL4.9.ppc.rpm Red Hat Enterprise Linux AS (v. 4) / s390 openssh-3.9p1-8.RHEL4.9.s390.rpm openssh-askpass-3.9p1-8.RHEL4.9.s390.rpm openssh-askpass-gnome-3.9p1-8.RHEL4.9.s390.rpm openssh-clients-3.9p1-8.RHEL4.9.s390.rpm openssh-server-3.9p1-8.RHEL4.9.s390.rpm Red Hat Enterprise Linux AS (v. 4) / s390x openssh-3.9p1-8.RHEL4.9.s390x.rpm openssh-askpass-3.9p1-8.RHEL4.9.s390x.rpm openssh-askpass-gnome-3.9p1-8.RHEL4.9.s390x.rpm openssh-clients-3.9p1-8.RHEL4.9.s390x.rpm openssh-server-3.9p1-8.RHEL4.9.s390x.rpm Red Hat Enterprise Linux AS (v. 4) / x86_64 openssh-3.9p1-8.RHEL4.9.x86_64.rpm openssh-askpass-3.9p1-8.RHEL4.9.x86_64.rpm openssh-askpass-gnome-3.9p1-8.RHEL4.9.x86_64.rpm openssh-clients-3.9p1-8.RHEL4.9.x86_64.rpm openssh-server-3.9p1-8.RHEL4.9.x86_64.rpm Red Hat Enterprise Linux ES (v. 4) / SRPMS openssh-3.9p1-8.RHEL4.9.src.rpm Red Hat Enterprise Linux ES (v. 4) / IA-32 openssh-3.9p1-8.RHEL4.9.i386.rpm openssh-askpass-3.9p1-8.RHEL4.9.i386.rpm openssh-askpass-gnome-3.9p1-8.RHEL4.9.i386.rpm openssh-clients-3.9p1-8.RHEL4.9.i386.rpm openssh-server-3.9p1-8.RHEL4.9.i386.rpm Red Hat Enterprise Linux ES (v. 4) / IA-64 openssh-3.9p1-8.RHEL4.9.ia64.rpm openssh-askpass-3.9p1-8.RHEL4.9.ia64.rpm openssh-askpass-gnome-3.9p1-8.RHEL4.9.ia64.rpm openssh-clients-3.9p1-8.RHEL4.9.ia64.rpm openssh-server-3.9p1-8.RHEL4.9.ia64.rpm Red Hat Enterprise Linux ES (v. 4) / x86_64 openssh-3.9p1-8.RHEL4.9.x86_64.rpm openssh-askpass-3.9p1-8.RHEL4.9.x86_64.rpm openssh-askpass-gnome-3.9p1-8.RHEL4.9.x86_64.rpm openssh-clients-3.9p1-8.RHEL4.9.x86_64.rpm openssh-server-3.9p1-8.RHEL4.9.x86_64.rpm Red Hat Enterprise Linux WS (v. 4) / SRPMS openssh-3.9p1-8.RHEL4.9.src.rpm Red Hat Enterprise Linux WS (v. 4) / IA-32 openssh-3.9p1-8.RHEL4.9.i386.rpm openssh-askpass-3.9p1-8.RHEL4.9.i386.rpm openssh-askpass-gnome-3.9p1-8.RHEL4.9.i386.rpm openssh-clients-3.9p1-8.RHEL4.9.i386.rpm openssh-server-3.9p1-8.RHEL4.9.i386.rpm Red Hat Enterprise Linux WS (v. 4) / IA-64 openssh-3.9p1-8.RHEL4.9.ia64.rpm openssh-askpass-3.9p1-8.RHEL4.9.ia64.rpm openssh-askpass-gnome-3.9p1-8.RHEL4.9.ia64.rpm openssh-clients-3.9p1-8.RHEL4.9.ia64.rpm openssh-server-3.9p1-8.RHEL4.9.ia64.rpm Red Hat Enterprise Linux WS (v. 4) / x86_64 openssh-3.9p1-8.RHEL4.9.x86_64.rpm openssh-askpass-3.9p1-8.RHEL4.9.x86_64.rpm openssh-askpass-gnome-3.9p1-8.RHEL4.9.x86_64.rpm openssh-clients-3.9p1-8.RHEL4.9.x86_64.rpm openssh-server-3.9p1-8.RHEL4.9.x86_64.rpm SCO UnixWare 7.1.3 ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.53/openssh-4.2p1.713.image UnixWare 7.1.4 ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.53/openssh-4.2p1.714.image OpenServer 6.0.0 ftp://ftp.sco.com/pub/openserver6/600/mp/osr600mp2/osr600mp2.iso Hewlett-Packard HP-UX B.11.00 / HP-UX Secure Shell A.04.20.004 HP-UX B.11.04 / PHSS_34566 o PHSS_34567 HP-UX B.11.11 / HP-UX Secure Shell A.04.20.004 HP-UX B.11.23 / HP-UX Secure Shell A.04.20.005 http://software.hp.com Suse Linux Las actualizaciones pueden descargarse mediante YAST o del servidor FTP oficial de Suse Linux |
|
Identificadores estándar |
|
| Propiedad | Valor |
| CVE | CAN-2005-2798 |
| BID | |
Recursos adicionales |
|
|
Mandriva Security Advisory (MDKSA-2005:172) http://www.mandriva.com/security/advisories?name=MDKSA-2005:172 Red Hat Security Advisory (RHSA-2005:527-16) https://rhn.redhat.com/errata/RHSA-2005-527.html SCO Security Advisory (SCOSA-2005.53) ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.53/SCOSA-2005.53.txt HP SECURITY BULLETIN (HPSBUX02090) http://www4.itrc.hp.com/service/cki/docDisplay.do?docId=c00589050 SUSE Security Advisory (SUSE-SR:2006:003) http://www.novell.com/linux/security/advisories/2006_03_sr.html SCO Security Advisory (SCOSA-2006.12) ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.12/SCOSA-2006.12.txt |
|
Histórico de versiones |
||
| Versión | Comentario | Fecha |
| 1.0 | Aviso emitido | 2005-10-14 |
| 1.1 | Aviso emitido por Red Hat (RHSA-2005:527-16) | 2005-10-17 |
| 1.2 | Aviso emitido por SCO (SCOSA-2005.53) | 2005-12-13 |
| 1.3 | Aviso emitido por HP (HPSBUX02090). | 2006-01-18 |
| 1.4 | Aviso emitido por Suse (SUSE-SR:2006:003) | 2006-02-06 |
| 1.5 | Aviso emitido por SCO (SCOSA-2006.12) | 2006-03-16 |
| 1.6 | Aviso actualizado por HP (HPSBUX02090) | 2006-06-07 |