Subject: SECURITY: SSH
From: Dan Burcaw (firstname.lastname@example.org)
Date: Tue Dec 14 1999 - 21:34:35 MST
As reported by CERT and discussed on the BugTraq mailing list, SSH1 has a
security vulnerability when compiled with RSAREF support. The RSAREF2
library has a buffer overrun that along with an additional buffer overrun
in the SSH1 sshd program allow for possible unauthorized execution of
You can tell if you are vulnerable by running: ssh -V
If you see something like:
SSH Version 1.2.27 [ppc-unknown-linux], protocol version 1.5.
Compiled with RSAREF.
Then you are vulnerable.
install-ssh, which shipped with Champion Server 1.0 and ships with 1.1
compiled --with-rsaref. If you did not modify the ssh.spec to *not*
compile --with-rsaref then you are vulnerable.
Terra Soft strongly advises that you upgrade from to OpenSSH 1.2pre17
(OpenSSH is a development of the OpenBSD project. It is essentially a GPL'd
version of ssh that maintains compatibility with the SSH1 protocol.)
To download OpenSSH 1.2pre7 see http://violet.ibs.com.au/openssh/
I'm still debating whether or not to update install-ssh to grab OpenSSH
instead. This is mainly because OpenSSH requires OpenSSL which is one more
thing that we can not ship with YDL. Therefore, we'd either need an
install-openssl script or install-(open)ssh would need to take care of
that as well.
One thing is certain, future versions of YDL will not ship with a script
that and help you obtain standard SSH. If we do ship with a newer
install-ssh it will download OpenSSH instead.
Terra Soft Solutions, Inc.
Yellow Dog Linux
"The Ultimate Companion for a Dedicated Server"
This archive was generated by hypermail 2a24 : Sun Jan 02 2000 - 12:12:58 MST
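
The two checks described in the message above (the `ssh -V` banner and the `--with-rsaref` flag in ssh.spec), written out as an added shell example that is not part of the original post. The function names, the result labels and the spec-file argument are assumptions; the sample banner is the one quoted in the message.

```shell
#!/bin/sh
# Added example (not from the original post): apply the advisory's two checks.
# SAMPLE_BANNER is the output quoted in the post; function names are assumed.

SAMPLE_BANNER='SSH Version 1.2.27 [ppc-unknown-linux], protocol version 1.5.
Compiled with RSAREF.'

# classify_banner TEXT
# Prints "vulnerable" if the banner reports an RSAREF build, "no-rsaref" if it
# is an SSH version banner without that line, "unknown" for anything else.
classify_banner() {
    case $1 in
        *"Compiled with RSAREF"*) echo "vulnerable" ;;
        *"SSH Version "*)         echo "no-rsaref" ;;
        *)                        echo "unknown" ;;
    esac
}

# spec_uses_rsaref FILE
# Succeeds if a non-comment line of the spec file passes --with-rsaref.
# Returns 2 if the file cannot be read.
spec_uses_rsaref() {
    [ -r "$1" ] || return 2
    grep -v '^[[:space:]]*#' "$1" | grep -q -e '--with-rsaref'
}

# check_local_ssh: classify the ssh client installed on this machine.
# The banner is captured from both stdout and stderr.
check_local_ssh() {
    command -v ssh >/dev/null 2>&1 || { echo "unknown"; return 0; }
    classify_banner "$(ssh -V 2>&1)"
}

# Usage: script --local [path/to/ssh.spec]; with no arguments, the sample runs.
if [ "${1:-}" = "--local" ]; then
    echo "local ssh: $(check_local_ssh)"
    if [ -n "${2:-}" ] && spec_uses_rsaref "$2"; then
        echo "$2 builds --with-rsaref"
    fi
else
    echo "sample banner: $(classify_banner "$SAMPLE_BANNER")"
fi
```

A "no-rsaref" result only means the condition named in the message was not seen in the banner.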