Bug 164661
Summary: | CVE-2003-0386 host based access bypass | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 3 | Reporter: | Paul Waterman <paulwaterman> |
Component: | openssh | Assignee: | Tomas Mraz <tmraz> |
Status: | CLOSED ERRATA | QA Contact: | Brian Brock <bbrock> |
Severity: | low | Docs Contact: | |
Priority: | medium | ||
Version: | 3.0 | CC: | bressers, poelstra |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://www.kb.cert.org/vuls/id/978316 | ||
Whiteboard: | impact=low,public=20030604,source=bugtraq | ||
Fixed In Version: | RHSA-2006-0298 | Doc Type: | Bug Fix |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2006-07-20 12:53:13 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | |||
Bug Blocks: | 181405 |
Description
Paul Waterman
2005-07-29 19:29:21 UTC
Note: At the time of announcement the official response was: "If you depend on IP or DNS based access control, make sure VerifyReverseMapping is turned on in your sshd_config file." http://marc.theaimsgroup.com/?l=openssh-unix-dev&m=105492565028235 I've backported a patch from openssh-3.9p1. This issue is on Red Hat Engineering's list of planned work items for the upcoming Red Hat Enterprise Linux 3.8 release. Engineering resources have been assigned and barring unforeseen circumstances, Red Hat intends to include this item in the 3.8 release. An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHSA-2006-0298.html |