OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
[SA18850] SUSE update for openssh

From: Secunia Security Advisories (sec-advsecunia.com)
Date: Tue Feb 14 2006 - 14:02:06 CST

TITLE:
SUSE update for openssh

SECUNIA ADVISORY ID:
SA18850

VERIFY ADVISORY:
http://secunia.com/advisories/18850/

CRITICAL:
Not critical

IMPACT:
Privilege escalation

WHERE:
Local system

OPERATING SYSTEM:
SUSE Linux Enterprise Server 9
http://secunia.com/product/4118/
SUSE Linux 10
http://secunia.com/product/6221/
SuSE Linux 9.1
http://secunia.com/product/3473/
SUSE Linux 9.2
http://secunia.com/product/4258/
SUSE Linux 9.3
http://secunia.com/product/4933/
SuSE Linux Desktop 1.x
http://secunia.com/product/2002/
SuSE Linux Enterprise Server 8
http://secunia.com/product/1171/

DESCRIPTION:
SUSE has issued an update for openssh. This fixes a weakness, which
potentially can be exploited by malicious, local users to perform
certain actions with escalated privileges.

For more information:
SA18579

SOLUTION:
Apply updated packages.

-- x86 Platform --

SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/openssh-4.1p1-10.4.i586.rpm
3b4e0557d7d0a2b1d23b2c426af95df9
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/openssh-askpass-4.1p1-10.4.i586.rpm
ac11a5ad265e171674485961472baaaf

SUSE LINUX 9.3:
ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/openssh-3.9p1-12.4.i586.rpm
2c6d16e14134a1a4f1aaba9ac4aef97f
ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/openssh-askpass-3.9p1-12.4.i586.rpm
4cab20c7e83f6de0e440383939e69ec5

SUSE LINUX 9.2:
ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/openssh-3.9p1-3.6.i586.rpm
9b8cf778290ac743fd07445799f79b1f
ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/openssh-askpass-3.9p1-3.6.i586.rpm
003115e216c2b36da09ec3679744ba3d

SUSE LINUX 9.1:
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/openssh-4.1p1-11.16.i586.rpm
6e89bdd71e10933bf8e95dc7fad0c289
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/openssh-askpass-4.1p1-11.16.i586.rpm
3d0446f739bcea3715e6945d253b0d53

-- Power PC Platform --

SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/openssh-4.1p1-10.4.ppc.rpm
3970357da536041d1ae3f7e42655aac7
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/openssh-askpass-4.1p1-10.4.ppc.rpm
6a79a95ece5bc7738998adad11205f2f

x86-64 Platform:

SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/openssh-4.1p1-10.4.x86_64.rpm
e9eec927db0859a76851d1b94fa7923d
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/openssh-askpass-4.1p1-10.4.x86_64.rpm
b4a2b9cf969794d1deb1abd07f192786

SUSE LINUX 9.3:
ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/openssh-3.9p1-12.4.x86_64.rpm
65416ca8578374fa4db63ed9e67f41a3
ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/openssh-askpass-3.9p1-12.4.x86_64.rpm
3fef6bb43541532a654b09dd46201f69

SUSE LINUX 9.2:
ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/openssh-3.9p1-3.6.x86_64.rpm
3373a79ef05695446f72fdc1a3ec2d44
ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/openssh-askpass-3.9p1-3.6.x86_64.rpm
37ac73c4c9a7723fdcaeb16671b4c6b9

SUSE LINUX 9.1:
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/openssh-4.1p1-11.16.x86_64.rpm
d04d20e03a63676d5c3349c382318194
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/openssh-askpass-4.1p1-11.16.x86_64.rpm
ea0deb3eef9970963af2c8c0adce6a7b

-- Sources --

SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/openssh-4.1p1-10.4.src.rpm
97ffd38b1144c4797d474c7de1eb6f51

SUSE LINUX 9.3:
ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/src/openssh-3.9p1-12.4.src.rpm
1d43324b9d51941bf60e8e0bcbfa25c7

SUSE LINUX 9.2:
ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/src/openssh-3.9p1-3.6.src.rpm
647e4b45eba8dd5399c30dcb64db0c91

SUSE LINUX 9.1:
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/openssh-4.1p1-11.16.src.rpm
cf86431c7c2b1b0b58f6a5f4fff92893
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/src/openssh-4.1p1-11.16.src.rpm
c04ea03236cd9955c5f21f8c15a35416

ORIGINAL ADVISORY:
http://lists.suse.de/archive/suse-security-announce/2006-Feb/0004.html

OTHER REFERENCES:
SA18579:
http://secunia.com/advisories/18579/

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/

Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------

Unsubscribe: Secunia Security Advisories

----------------------------------------------------------------------