8659874 2002-06-27 11:52 -0700 /73 rader/ <security@caldera.com> Sänt av: joel@lysator.liu.se Importerad: 2002-06-28 14:14 av Brevbäraren Extern mottagare: bugtraq@securityfocus.com Extern mottagare: announce@lists.caldera.com Extern mottagare: security-alerts@linuxsecurity.com Mottagare: Bugtraq (import) <22869> Ärende: Security Update: [CSSA-2002-030.0] Linux: OpenSSH Vulnerabilities in Challenge Response Handling ------------------------------------------------------------ From: security@caldera.com To: bugtraq@securityfocus.com, announce@lists.caldera.com, security-alerts@linuxsecurity.com Message-ID: <20020627115221.H664@caldera.com> To: bugtraq@securityfocus.com announce@lists.caldera.com security-alerts@linuxsecurity.com ______________________________________________________________________________ Caldera International, Inc. Security Advisory Subject: Linux: OpenSSH Vulnerabilities in Challenge Response Handling Advisory number: CSSA-2002-030.0 Issue date: 2002 June 27 Cross reference: ______________________________________________________________________________ 1. Problem Description Several vulnerabilities have been reported in OpenSSH if the S/KEY or BSD Auth features have been enabled, or if PAMAuthenticationViaKbdInt has been enabled. 2. Vulnerable Supported Versions System Package ---------------------------------------------------------------------- OpenLinux 3.1.1 Server prior to and including openssh-3.2.3p1-2 OpenLinux 3.1.1 Workstation prior to and including openssh-3.2.3p1-2 OpenLinux 3.1 Server prior to and including openssh-3.2.3p1-2 OpenLinux 3.1 Workstation prior to and including openssh-3.2.3p1-2 3. Solution Caldera OpenLinux OpenSSH has neither the S/KEY nor BSD Auth features compiled in, so it is not vulnerable to the Challenge/Response vulnerability. We do have the ChallengeResponseAuthentication option on by default, however, so to be safe, we recommend that the option be disabled (set to no) in the /etc/ssh/sshd_config file. In addition, the sshd_config PAMAuthenticationViaKbdInt option is disabled by default, so OpenLinux is not vulnerable to the other alleged vulnerability in a default configuration, either. However, Caldera recommends that this option also be disabled (set to no) if it has been enabled by the system administrator. 4. References Specific references for this advisory: http://www.cert.org/advisories/CA-2002-18.html Caldera security resources: http://www.caldera.com/support/security/index.html 5. Disclaimer Caldera International, Inc. is not responsible for the misuse of any of the information we provide on this website and/or through our security advisories. Our advisories are a service to our customers intended to promote secure installation and use of Caldera products. ______________________________________________________________________________ (8659874) /<security@caldera.com>/--------(Ombruten) Bilaga (application/pgp-signature) i text 8659875 8659875 2002-06-27 11:52 -0700 /9 rader/ <security@caldera.com> Importerad: 2002-06-28 14:14 av Brevbäraren Extern mottagare: bugtraq@securityfocus.com Extern mottagare: announce@lists.caldera.com Extern mottagare: security-alerts@linuxsecurity.com Mottagare: Bugtraq (import) <22870> Bilaga (text/plain) till text 8659874 Ärende: Bilaga till: Security Update: [CSSA-2002-030.0] Linux: OpenSSH Vulnerabilities in Challenge Response Handling ------------------------------------------------------------ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (SCO_SV) Comment: For info see http://www.gnupg.org iEYEARECAAYFAj0bXuUACgkQbluZssSXDTGrtgCfTd4ZGbDu1G4aeHZUpijxwY9Y kxQAoLGf0NrR2+53GcS4EXr1fp03kZaW =/5GD -----END PGP SIGNATURE----- (8659875) /<security@caldera.com>/------------------