Bug 104496 - CAN-2003-0693 OpenSSH buffer allocation bug
CAN-2003-0693 OpenSSH buffer allocation bug
Status: CLOSED ERRATA
Product: Red Hat Linux
Classification: Retired
Component: openssh (Show other bugs)
9
All Linux
high Severity medium
: ---
: ---
Assigned To: Nalin Dahyabhai
Brian Brock
: Security
: 104495 (view as bug list)
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2003-09-16 09:48 EDT by Mark J. Cox (Product Security)
Modified: 2014-01-21 17:48 EST (History)
7 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2003-09-16 14:01:34 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)
patch for openssh 3.1 systems like rhl 7.X (678 bytes, patch)
2003-09-16 12:06 EDT, Seth Vidal
no flags Details | Diff

  None (edit)
Description Mark J. Cox (Product Security) 2003-09-16 09:48:24 EDT
A bug has been found in the buffer code in OpenSSH.  It is not yet clear if this
could be exploited by an attacker but several possible attack vectors are under
evaluation.  A patch from the OpenBSD team is available.

RHSA-2003:279 in progress.
Comment 1 Mark J. Cox (Product Security) 2003-09-16 09:50:46 EDT
*** Bug 104495 has been marked as a duplicate of this bug. ***
Comment 2 Seth Vidal 2003-09-16 10:17:59 EDT
Have y'all patched anything else that was not included in this patch:
http://www.freebsd.org/cgi/cvsweb.cgi/src/crypto/openssh/buffer.c.diff?r1=1.1.1.6&r2=1.1.1.7&f=u

?

Just trying to find out if pushing what I have is sufficient or if there is
something else announced privately that I'm missing.

thanks
Comment 3 Kaj J. Niemi 2003-09-16 11:16:53 EDT
According to a message posted to openbsd-misc by Markus Friedl
<markus@openbsd.org> that's enough:

<http://marc.theaimsgroup.com/?l=openbsd-misc&m=106371592604940&w=2>

Comment 4 Seth Vidal 2003-09-16 12:06:19 EDT
Created attachment 94524 [details]
patch for openssh 3.1 systems like rhl 7.X

patch for openssh 3.1 systems like rhl 7.x - the provided patch from friedl
just needed a little modfication.

I know something like this will be in red hat's errata but can't hurt to add it
here for others.
Comment 5 Mark J. Cox (Product Security) 2003-09-16 14:01:34 EDT
An errata has been issued which should help the problem described in the above
bug report. 
This report is therefore being closed with a resolution of ERRATA. For more
information
on the solution and/or where to find the updated files, please follow the link
below. 
You may reopen this bug report if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2003-279.htm
Comment 6 Michael Lee Yohe 2003-09-16 16:45:43 EDT
Mark - your link is bad.

Error 404.
Comment 7 Mark J. Cox (Product Security) 2003-09-16 16:49:04 EDT
Missing l
http://rhn.redhat.com/errata/RHSA-2003-279.html
Comment 8 Michael Young 2003-09-17 04:09:32 EDT
Are you aware that openssh have revised their advisory and released 3.7.1 - it
looks like they are fixing the problem in more cases.
Comment 9 Mark J. Cox (Product Security) 2003-09-17 04:12:32 EDT
See bug 104551 for these additional issues.

Note You need to log in before you can comment on or make changes to this bug.