ssh security holes
gboyce
gboyce at badbelly.com
Wed Sep 6 13:29:03 EDT 2006
Well, I'd be more concerned about the fact that they're running an
unsupported version of solaris which will not longer recieve any sort of
security patches. I'm guessing the version of openssh was added manually
rather than through a vendor package.
As for Openssh specific issues:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2798
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0225
The first is a privledge escalation for a user on a system where
GSSAPIDelegateCredentials is enabled.
The second is more of a bug than a vulnerability, but could theoretically
be used by a local user to gain priveledges if an something/someone is
using scp to copy local files around.
On Tue, 5 Sep 2006, Stephen Adler wrote:
> Solaris.... 5.6 Generic_105181-39
>
> gboyce wrote:
>> On Tue, 5 Sep 2006, Stephen Adler wrote:
>>
>>> Guys,
>>>
>>> I'm working with a company who has an old version of ssh installed,
>>>
>>> OpenSSH_3.8p1, SSH protocols 1.5/2.0, OpenSSL 0.9.7d 17 Mar 2004
>>>
>>> Is there a way to find out if this version of ssh has any vulnerabilities?
>>>
>>> Steve.
>>
>> Your best bet is to look for security fixes released by the particular
>> vendor. Is this system running Redhat? Debian?
>>
>> --
>> Greg
>>
>
>
> --
> This message has been scanned for viruses and
> dangerous content by MailScanner, and is
> believed to be clean.
>
> _______________________________________________
> Discuss mailing list
> Discuss at blu.org
> http://olduvai.blu.org/mailman/listinfo/discuss
>
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
More information about the Discuss
mailing list