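Affected program:
OpenSSH
Description:
OpenSSH buffer overflow vulnerability
Details:
If KerberosTgtPassing or AFSTokenPassing is enabled in the OpenSSH
configuration file sshd_config, a buffer overflow occurs in the program.
A malicious attacker can exploit this vulnerability to gain privileges on
the system.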
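
One way to check whether a given sshd_config explicitly enables either option named above (an added example, not part of the original advisory; the function names and the sample configuration are constructed for illustration). It reports explicit settings only, so the defaults compiled into the installed sshd still have to be checked separately.

```shell
#!/bin/sh
# Added example: report which of the two options named in the advisory are
# explicitly enabled in an sshd_config file. Function names are hypothetical.

# Prints the lowercased name of each enabled option, one per line.
# Conservative: any active (uncommented) line that enables it is reported.
risky_sshd_options() {
    awk '
    {
        sub(/#.*/, "")                   # drop comments
        gsub(/^[ \t]+|[ \t]+$/, "")      # trim surrounding whitespace
        if ($0 == "") next
        sub(/[ \t]*=[ \t]*/, " ")        # tolerate "Keyword=value"
        key = tolower($1); val = tolower($2)
        if ((key == "kerberostgtpassing" || key == "afstokenpassing") &&
            (val == "yes" || val == "true") && !(key in seen)) {
            seen[key] = 1
            print key
        }
    }' "$1"
}

# Returns 0 (true) when at least one of the options is enabled.
sshd_config_is_exposed() {
    [ -n "$(risky_sshd_options "$1")" ]
}

# Writes a constructed sample configuration to the given path.
write_sample_config() {
    cat > "$1" <<'EOF'
# constructed sample, not taken from a real host
Port 22
#AFSTokenPassing yes
KerberosTgtPassing yes   # enabled: reported
AFSTokenPassing no
EOF
}
```

Run `risky_sshd_options /etc/ssh/sshd_config` (path assumed; use the location your sshd actually reads) and treat any output as a reason to disable the option or apply the update.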
Affected systems
----------------
System                        Package (this version and all earlier versions)
---------------------------------------------------------------------
OpenLinux 3.1.1 Server        openssh-2.9p2-6.i386.rpm
                              openssh-askpass-2.9p2-6.i386.rpm
                              openssh-server-2.9p2-6.i386.rpm
OpenLinux 3.1.1 Workstation   openssh-2.9p2-6.i386.rpm
                              openssh-askpass-2.9p2-6.i386.rpm
OpenLinux 3.1 Server          openssh-2.9p2-6.i386.rpm
                              openssh-askpass-2.9p2-6.i386.rpm
                              openssh-server-2.9p2-6.i386.rpm
OpenLinux 3.1 Workstation     openssh-2.9p2-6.i386.rpm
                              openssh-askpass-2.9p2-6.i386.rpm
Patches
-------
1. OpenLinux 3.1.1 Server
-------------------------
Package location: ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1.1/Server/current/RPMS
Packages (each preceded by its MD5 checksum):
f9a494af5e0e6a8eec419f8f94087f7e openssh-2.9p2-6.i386.rpm
b9fcc6352bc4c65f63cda1b0caa2b89c openssh-askpass-2.9p2-6.i386.rpm
ff4a5bc7e7b1d4fd3f79c647d11d9162 openssh-server-2.9p2-6.i386.rpm
Installation:
rpm -Fvh openssh-2.9p2-6.i386.rpm
rpm -Fvh openssh-askpass-2.9p2-6.i386.rpm
rpm -Fvh openssh-server-2.9p2-6.i386.rpm
Source location: ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1.1/Server/current/SRPMS
Source (preceded by its MD5 checksum):
ab3e90f4e70fc3eecd7e456fa2c2a97e openssh-2.9p2-6.src.rpm
2. OpenLinux 3.1.1 Workstation
------------------------------
Package location: ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1.1/Workstation/current/RPMS
Packages (each preceded by its MD5 checksum):
3406e8a3e55b52b2eb3e7644327d783c openssh-2.9p2-6.i386.rpm
e57817246b56ffdf0322be8afcec08ae openssh-askpass-2.9p2-6.i386.rpm
Installation:
rpm -Fvh openssh-2.9p2-6.i386.rpm
rpm -Fvh openssh-askpass-2.9p2-6.i386.rpm
Source location: ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1.1/Workstation/current/SRPMS
Source (preceded by its MD5 checksum):
fde335f6bce93b3a3bf3cc20d8231849 openssh-2.9p2-6.src.rpm
3. OpenLinux 3.1 Server
-----------------------
Package location: ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Server/current/RPMS
Packages (each preceded by its MD5 checksum):
41f489ad60ed068a2a027589ca49e6ea openssh-2.9p2-6.i386.rpm
c4b8c1e011708a9e8fa04d927387bde5 openssh-askpass-2.9p2-6.i386.rpm
3bbb580c64ba83efaeefac20d891148f openssh-server-2.9p2-6.i386.rpm
Installation:
rpm -Fvh openssh-2.9p2-6.i386.rpm
rpm -Fvh openssh-askpass-2.9p2-6.i386.rpm
rpm -Fvh openssh-server-2.9p2-6.i386.rpm
Source location: ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Server/current/SRPMS
Source (preceded by its MD5 checksum):
1c30685cf106f5ee05ec201cd55044f8 openssh-2.9p2-6.src.rpm
4. OpenLinux 3.1 Workstation
----------------------------
Package location: ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Workstation/current/RPMS
Packages (each preceded by its MD5 checksum):
45502ddfa3d9bc67eefc2ec6a6bd992a openssh-2.9p2-6.i386.rpm
c5bedc4946ee432f66255161ba61bbf5 openssh-askpass-2.9p2-6.i386.rpm
Installation:
rpm -Fvh openssh-2.9p2-6.i386.rpm
rpm -Fvh openssh-askpass-2.9p2-6.i386.rpm
Source location: ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Workstation/current/SRPMS
Source (preceded by its MD5 checksum):
5ddea2209f395da08ca715a128e5485a openssh-2.9p2-6.src.rpm
Solution:
Upgrade OpenSSH to the latest version.