Bug 439079 (CVE-2008-1483)
| Summary: | CVE-2008-1483 openssh may set DISPLAY even if it's unable to listen on respective port | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Red Hat Product Security <security-response-team> |
| Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
| Status: | CLOSED ERRATA | QA Contact: | |
| Severity: | low | Docs Contact: | |
| Priority: | low | ||
| Version: | unspecified | CC: | hyan-jxa, moshiro, tao, tmraz, vdanen |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| URL: | http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1483 | ||
| Whiteboard: | |||
| Fixed In Version: | openssh 5.0 | Doc Type: | Bug Fix |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2010-12-23 16:51:47 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
Lubomir Kundrak
2008-03-26 20:47:33 UTC
None of supported releases of Fedora is vulnerable, as the fix is a side effect of another fix applied: http://cvs.fedora.redhat.com/viewcvs/rpms/openssh/devel/openssh-3.9p1-skip-used.patch?rev=1.1&view=log The Red Hat Security Response Team has rated this issue as having low security impact, a future update may address this flaw. More information regarding issue severity can be found here: http://www.redhat.com/security/updates/classification/#low Versions of openssh packages as shipepd with Red Hat Enterprise Linux versions 4 and 5 are not vulnerable to this issue as it was fixed as a side effect of another change. The risks associated with fixing this bug are greater than the low severity security risk. We therefore currently have no plans to fix this flaw in Red Hat Enterprise Linux 2.1 which is in maintenance mode. Further clarification of the comment #3: This issue is only exploitable on systems with IPv6 enabled, which is not by default on Red Hat Enterprise Linux 2.1 and 3. Therefore it was rated as having low security impact on those Red Hat Enterprise Linux versions. Issue is fixed in Red Hat Enterprise Linux 4 and 5. This issue was fixed in upstream OpenSSH version 5.0: http://www.openssh.com/txt/release-5.0 Reporter changed to security-response-team by request of Jay Turner. (In reply to comment #2) > Versions of openssh packages as shipepd with Red Hat Enterprise Linux versions 4 > and 5 are not vulnerable to this issue as it was fixed as a side effect of > another change. Not really a side effect. This issue was previously reported via bug #163732 against Red Hat Enterprise Linux 4 openssh and it was fixed as normal bug, as the security implications of the flaw were missed at that time: http://rhn.redhat.com/errata/RHSA-2005-527.html The patch from Red Hat Enterprise Linux openssh packages was adopted upstream in 5.0: http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/channels.c.diff?r1=1.272;r2=1.273;f=h (In reply to comment #1) > http://cvs.fedora.redhat.com/viewcvs/rpms/openssh/devel/openssh-3.9p1-skip-used.patch?rev=1.1&view=log This URL no longer works, cvs.fedoraproject.org has to be used instead of cvs.fedora.redhat.com: http://cvs.fedoraproject.org/viewvc/rpms/openssh/devel/openssh-3.9p1-skip-used.patch This was addressed via: Red Hat Enterprise Linux version 4 (RHSA-2005:527) |