Home / vulnerabilities SCOSA-2008.2.txt
Posted on 13 March 2008
Source : packetstormsecurity.org Link
SCO Security Advisory
Subject: OpenSSH Denial Of Service Vulnerability
Advisory number: SCOSA-2008.2
Issue date: 12th March 2008
Cross reference: fz534336, fz533530
CVE-2006-4924
______________________________________________________________________________
1. Problem Description
sshd in OpenSSH versions before 4.4, when using the version 1 SSH
protocol, could allow a remote attacker to cause a denial of service
(CPU consumption) via an SSH packet that contains duplicate blocks,
which is not properly handled by the CRC compensation attack detector.
2. Vulnerable Supported Versions
System Package
----------------------------------------------------------------------
UnixWare 7.1.4 openssh 4.2p1
UnixWare 7.1.3 openssh 4.0p1
3. Solution
The proper solution is to install the relevant package below.
4. UnixWare 7.1.4
This patch should only be installed on UnixWare 7.1.4 systems with
Maintenance Pack 3 (MP3) applied. You can download MP3 from:
ftp://ftp.sco.com/pub/unixware7/714/mp/uw714mp3
4.1 Location of Fixed Binaries
ftp://ftp.sco.com/pub/unixware7/714/security/p534336/
4.2 Verification
MD5 (p534336.image) = 89271cc36a93ab8252159a4a98abc221
md5 is available for download from
ftp://ftp.sco.com/pub/security/tools
4.3 Installation Instructions
1) Download the p534336.image file to the /tmp directory on
your machine.
2) As root, add the package to your system using these commands:
$ su -
Password: <type your root password>
# pkgadd -d /tmp/p534336.image
Alternatively, this package may be installed in quiet mode,
that is, without displaying the release notes and asking for
confirmation. To do this, use these commands:
$ su -
Password: <type your root password>
# pkgadd -qd /tmp/p534589.image all
3) There is no need to reboot the system after installing this
package.
4.4 Removal Instructions
1) As root, remove the package using these commands:
$ su -
Password: <type your root password>
# pkgrm p534589
5. UnixWare 7.1.3
This patch should only be installed on UnixWare 7.1.3 systems with
Maintenance Pack 5 (MP5) applied. You can download MP5 from:
ftp://ftp.sco.com/pub/unixware7/713/mp/mp5
5.1 Location of Fixed Binaries
ftp://ftp.sco.com/pub/unixware7/713/security/p534336_713/
5.2 Verification
MD5 (p534336.image) = 1554e72a7197480d77687ef0246964c1
md5 is available for download from
ftp://ftp.sco.com/pub/security/tools
5.3 Installation Instructions
1) Download the p534336.image file to the /tmp directory on
your machine.
2) As root, add the package to your system using these commands:
$ su -
Password: <type your root password>
# pkgadd -d /tmp/p534336.image
Alternatively, this package may be installed in quiet mode,
that is, without displaying the release notes and asking for
confirmation. To do this, use these commands:
$ su -
Password: <type your root password>
# pkgadd -qd /tmp/p534589.image all
3) There is no need to reboot the system after installing this
package.
5.4 Removal Instructions
1) As root, remove the package using these commands:
$ su -
Password: <type your root password>
# pkgrm p534589
6. References
SCO security resources:
http://www.sco.com/support/download.html
SCO security advisories via email
http://www.sco.com/support/forums/security.html
This security fix closes SCO incidents fz534336 and 533530.
7. Disclaimers
SCO is not responsible for the misuse of any of the information
we provide on this website and/or through our security
advisories. Our advisories are a service to our customers intended
to promote secure installation and use of SCO products.
8. Acknowledgements
N/A
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/