[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Full-disclosure] SCOSA-2006.12 OpenServer 6.0.0 : OpenSSH Multiple Vulnerabilities
- To: security-announce@xxxxxxxxxxxx
- Subject: [Full-disclosure] SCOSA-2006.12 OpenServer 6.0.0 : OpenSSH Multiple Vulnerabilities
- From: SCO Security Advisories <security@xxxxxxx>
- Date: Wed, 15 Mar 2006 09:32:27 -0800
--
Dr. Ronald Joe Record
Chief Security Officer
SCO
rr@xxxxxxx
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
______________________________________________________________________________
SCO Security Advisory
Subject: OpenServer 6.0.0 : OpenSSH Multiple Vulnerabilities
Advisory number: SCOSA-2006.12
Issue date: 2006 March 15
Cross reference: fz532976
CVE-2005-2797 CVE-2005-2798
______________________________________________________________________________
1. Problem Description
Two security issues have been reported in OpenSSH, which can
be exploited by malicious users to gain escalated privileges
or bypass certain security restrictions.
An error in handling dynamic port forwardings when no
listen address is specified, can cause "GatewayPorts" to be
incorrectly activated.
An error in handling GSSAPI credential delegation can allow
a user, who did not login using GSSAPI authentication, to be
delegated with GSSAPI credentials.
Successful exploitation requires that
"GSSAPIDelegateCredentials" is enabled.
The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the names CVE-2005-2797 and
CVE-2005-2798 to these issues.
2. Vulnerable Supported Versions
System Binaries
----------------------------------------------------------------------
OpenServer 6.0.0 OpenSSH utilities and libraries
3. Solution
The proper solution is to install the latest packages.
4. OpenServer 6.0.0
4.1 Location of Fixed Binaries
ftp://ftp.sco.com/pub/openserver6/600/mp/osr600mp2/osr600mp2.iso
4.2 Verification
MD5 (osr600mp2.iso) = 7e560dcde374eb60df2b4a599ac20d8a
md5 is available for download from
ftp://ftp.sco.com/pub/security/tools
4.3 Installing Fixed Binaries
See the SCO OpenServer Release 6.0.0 Maintenance Pack 2 Release
and Installation Notes:
ftp://ftp.sco.com/pub/openserver6/600/mp/osr600mp2/osr600mp2.html
5. References
Specific references for this advisory:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2797
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2798
http://secunia.com/advisories/16686
http://www.securityfocus.com/bid/14729
SCO security resources:
http://www.sco.com/support/security/index.html
SCO security advisories via email
http://www.sco.com/support/forums/security.html
This security fix closes SCO incidents fz532976.
6. Disclaimer
SCO is not responsible for the misuse of any of the information
we provide on this website and/or through our security
advisories. Our advisories are a service to our customers intended
to promote secure installation and use of SCO products.
______________________________________________________________________________
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (UnixWare)
iD8DBQFEGEZLaqoBO7ipriERAks5AKCW9Cy5Pb6BqWwuAnUd2kxCAO84nQCfTV9k
nvjX8U2vLPNAkIm4Wr+RpPw=
=48M6
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/