Buffer overflow : OpenSSH 'sshd' Challenge Response Authentication Buffer Overflow Vulnerability

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.802407

Categoría: Buffer overflow

Título: OpenSSH 'sshd' Challenge Response Authentication Buffer Overflow Vulnerability

Resumen: OpenSSH sshd with ChallengeResponseAuthentication enabled is prone to a buffer overflow vulnerability.

Descripción: Summary:
OpenSSH sshd with ChallengeResponseAuthentication enabled is prone to a buffer overflow vulnerability.

Vulnerability Insight:
The flaw is due to an error in handling a large number of responses
during challenge response authentication when using PAM modules with
interactive keyboard authentication (PAMAuthenticationViaKbdInt).

Vulnerability Impact:
Successful exploitation could allows remote attackers to execute arbitrary
code and gain escalated privileges.

Affected Software/OS:
OpenSSH versions 2.3.1 to 3.3.

Solution:
Upgrade to OpenSSH version 3.4 or later.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2002-0640
BugTraq ID: 5093
http://www.securityfocus.com/bid/5093
Bugtraq: 20020626 OpenSSH Security Advisory (adv.iss) (Google Search)
http://marc.info/?l=bugtraq&m=102514371522793&w=2
Bugtraq: 20020626 Revised OpenSSH Security Advisory (adv.iss) (Google Search)
http://marc.info/?l=bugtraq&m=102514631524575&w=2
Bugtraq: 20020627 How to reproduce OpenSSH Overflow. (Google Search)
http://marc.info/?l=bugtraq&m=102521542826833&w=2
Bugtraq: 20020628 Sun statement on the OpenSSH Remote Challenge Vulnerability (Google Search)
http://marc.info/?l=bugtraq&m=102532054613894&w=2
Caldera Security Advisory: CSSA-2002-030.0
ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-030.0.txt
http://www.cert.org/advisories/CA-2002-18.html
CERT/CC vulnerability note: VU#369347
http://www.kb.cert.org/vuls/id/369347
Conectiva Linux advisory: CLA-2002:502
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000502
Debian Security Information: DSA-134 (Google Search)
http://www.debian.org/security/2002/dsa-134
En Garde Linux Advisory: ESA-20020702-016
http://www.linuxsecurity.com/advisories/other_advisory-2177.html
HPdes Security Advisory: HPSBUX0206-195
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX0206-195
http://www.mandrakesoft.com/security/advisories?name=MDKSA-2002:040
http://www.osvdb.org/839
http://www.redhat.com/support/errata/RHSA-2002-127.html
http://www.redhat.com/support/errata/RHSA-2002-131.html
SuSE Security Announcement: SuSE-SA:2002:024 (Google Search)
http://www.novell.com/linux/security/advisories/2002_024_openssh_txt.html

Copyright Copyright (C) 2011 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.802407
Categoría:	Buffer overflow
Título:	OpenSSH 'sshd' Challenge Response Authentication Buffer Overflow Vulnerability
Resumen:	OpenSSH sshd with ChallengeResponseAuthentication enabled is prone to a buffer overflow vulnerability.
Descripción:	Summary: OpenSSH sshd with ChallengeResponseAuthentication enabled is prone to a buffer overflow vulnerability. Vulnerability Insight: The flaw is due to an error in handling a large number of responses during challenge response authentication when using PAM modules with interactive keyboard authentication (PAMAuthenticationViaKbdInt). Vulnerability Impact: Successful exploitation could allows remote attackers to execute arbitrary code and gain escalated privileges. Affected Software/OS: OpenSSH versions 2.3.1 to 3.3. Solution: Upgrade to OpenSSH version 3.4 or later. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2002-0640 BugTraq ID: 5093 http://www.securityfocus.com/bid/5093 Bugtraq: 20020626 OpenSSH Security Advisory (adv.iss) (Google Search) http://marc.info/?l=bugtraq&m=102514371522793&w=2 Bugtraq: 20020626 Revised OpenSSH Security Advisory (adv.iss) (Google Search) http://marc.info/?l=bugtraq&m=102514631524575&w=2 Bugtraq: 20020627 How to reproduce OpenSSH Overflow. (Google Search) http://marc.info/?l=bugtraq&m=102521542826833&w=2 Bugtraq: 20020628 Sun statement on the OpenSSH Remote Challenge Vulnerability (Google Search) http://marc.info/?l=bugtraq&m=102532054613894&w=2 Caldera Security Advisory: CSSA-2002-030.0 ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-030.0.txt http://www.cert.org/advisories/CA-2002-18.html CERT/CC vulnerability note: VU#369347 http://www.kb.cert.org/vuls/id/369347 Conectiva Linux advisory: CLA-2002:502 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000502 Debian Security Information: DSA-134 (Google Search) http://www.debian.org/security/2002/dsa-134 En Garde Linux Advisory: ESA-20020702-016 http://www.linuxsecurity.com/advisories/other_advisory-2177.html HPdes Security Advisory: HPSBUX0206-195 http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX0206-195 http://www.mandrakesoft.com/security/advisories?name=MDKSA-2002:040 http://www.osvdb.org/839 http://www.redhat.com/support/errata/RHSA-2002-127.html http://www.redhat.com/support/errata/RHSA-2002-131.html SuSE Security Announcement: SuSE-SA:2002:024 (Google Search) http://www.novell.com/linux/security/advisories/2002_024_openssh_txt.html
Copyright	Copyright (C) 2011 Greenbone AG