(OpenBSD Issues Fix) OpenSSH Unsafe Default Configuration May Let Local Users Execute Arbitrary Commands
SecurityTracker Alert ID: 1019734 |
SecurityTracker URL: http://securitytracker.com/id/1019734
CVE Reference:
GENERIC-MAP-NOMATCH
Date: Mar 31 2008
Impact:
Execution of arbitrary code via local system, User access via local system
Fix Available: Yes
Vendor Confirmed: Yes
Version(s): 4.8 and prior versions
Description:
A vulnerability was reported in OpenSSH. A local user may be able to bypass security restrictions to execute arbitrary commands.
In the default configuration, a local user with write access to the '~/.ssh/rc' file can place commands in that file, and sshd will execute them even when an sshd_config(5) ForceCommand directive is in effect.
This behavior is documented, but the vendor considers it an unsafe default.
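As an added audit helper (not part of the SecurityTracker alert or of OpenSSH itself), the script below checks whether an sshd_config sets ForceCommand and then lists the accounts whose ~/.ssh/rc file exists and would therefore still run. The sshd_config excerpt, home directories and rc file it inspects are constructed in a temporary directory so the check runs offline; on a real host you would point it at /etc/ssh/sshd_config and the users' home directories.

```shell
#!/bin/sh
# Added example, not code from the alert or from OpenSSH.
# Flags accounts whose ~/.ssh/rc would run despite a ForceCommand
# directive, which is the condition described in the advisory.

# forcecommand_set CONFIG: succeeds if CONFIG has an uncommented
# ForceCommand line (sshd_config keywords are case-insensitive; a line
# inside a Match block counts too, since it is in effect for those users)
forcecommand_set() {
    grep -Eiq '^[[:space:]]*ForceCommand[[:space:]]+' "$1"
}

# audit_rc CONFIG HOME...: warns on stderr for every HOME that has an
# .ssh/rc file while ForceCommand is set; prints the count on stdout
audit_rc() {
    config=$1
    shift
    count=0
    if ! forcecommand_set "$config"; then
        echo "no ForceCommand in $config; ~/.ssh/rc runs as documented" >&2
        echo 0
        return 0
    fi
    for home in "$@"; do
        rc="$home/.ssh/rc"
        if [ -f "$rc" ]; then
            echo "WARNING: $rc exists and would run despite ForceCommand" >&2
            count=$((count + 1))
        fi
    done
    echo "$count"
}

# Constructed fixture: a config with ForceCommand, one account with an
# rc file (alice) and one without (bob). Paths are assumptions.
demo_dir=$(mktemp -d)
cat > "$demo_dir/sshd_config" <<'EOF'
# constructed sshd_config excerpt
Port 22
ForceCommand /usr/local/bin/restricted-shell
EOF
mkdir -p "$demo_dir/alice/.ssh" "$demo_dir/bob/.ssh"
printf 'echo hello from rc\n' > "$demo_dir/alice/.ssh/rc"

affected=$(audit_rc "$demo_dir/sshd_config" "$demo_dir/alice" "$demo_dir/bob")
echo "accounts with an effective ~/.ssh/rc bypass: $affected"
```

The count on stdout makes the check easy to wire into a cron job or configuration-management run; a non-zero result on a host that relies on ForceCommand means the patches listed under Solution have not removed the exposure for those accounts.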
Impact:
A local user may be able to execute arbitrary commands.
Solution:
OpenBSD has issued the following patches.
ftp://ftp.openbsd.org/pub/OpenBSD/patches/4.1/common/015_openssh.patch
ftp://ftp.openbsd.org/pub/OpenBSD/patches/4.2/common/010_openssh.patch
ftp://ftp.openbsd.org/pub/OpenBSD/patches/4.3/common/001_openssh.patch
Vendor URL: www.openssh.org/
Cause:
Configuration error
Underlying OS:
UNIX (OpenBSD)
Message History:
This archive entry is a follow-up to the message listed below.
Source Message Contents
Date: Mon, 31 Mar 2008 09:23:05 -0500
Subject: OpenBSD OpenSSH
http://www.openbsd.org/errata41.html
http://www.openbsd.org/errata42.html
http://www.openbsd.org/errata43.html