Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
debianDebianDEBIAN:DSA-382-3:7A6C6
HistorySep 21, 2003 - 7:05 p.m.

[SECURITY] [DSA-382-3] OpenSSH buffer management fix

2003-09-2119:05:05
lists.debian.org
12
JSON

Debian Security Advisory DSA-382-3 [email protected]
http://www.debian.org/security/ Wichert Akkerman
September 21, 2003

Package : ssh
Vulnerability : buffer handling
Problem type : possible remote
Debian-specific: no
CVE references : CAN-2003-0693 CAN-2003-0695 CAN-2003-0682

This advisory is an addition to the earlier DSA-382-1 and DSA-382-3
advisories: Solar Designer found four more bugs in OpenSSH that may be
exploitable.

For the Debian stable distribution these bugs have been fixed in version
1:3.4p1-1.woody.3 .

Upgrade Instructions

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 3.0 alias woody

Source archives:

http://security.debian.org/pool/updates/main/o/openssh/openssh_3.4p1.orig.tar.gz
  Size/MD5 checksum:   837668 459c1d0262e939d6432f193c7a4ba8a8
http://security.debian.org/pool/updates/main/o/openssh/openssh_3.4p1-1.woody.3.diff.gz
  Size/MD5 checksum:    36523 b264717da79efedfbaaecfede3ec5934
http://security.debian.org/pool/updates/main/o/openssh/openssh_3.4p1-1.woody.3.dsc
  Size/MD5 checksum:     1350 bf5970e940e1d5bf7345a1d9e778d7f4

alpha architecture (DEC Alpha)

http://security.debian.org/pool/updates/main/o/openssh/ssh-askpass-gnome_3.4p1-1.woody.3_alpha.deb
  Size/MD5 checksum:    35900 634340333420155ddaf6f70fab3fbd59
http://security.debian.org/pool/updates/main/o/openssh/ssh_3.4p1-1.woody.3_alpha.deb
  Size/MD5 checksum:   850196 c9e82af3e9f16941c64d0ae478e1f184

arm architecture (ARM)

http://security.debian.org/pool/updates/main/o/openssh/ssh-askpass-gnome_3.4p1-1.woody.3_arm.deb
  Size/MD5 checksum:    35132 b7c3431b949c24cf1c040be28e06fbbf
http://security.debian.org/pool/updates/main/o/openssh/ssh_3.4p1-1.woody.3_arm.deb
  Size/MD5 checksum:   658324 5ac2853c07e93bc498aadcc63565bb82

hppa architecture (HP PA RISC)

http://security.debian.org/pool/updates/main/o/openssh/ssh_3.4p1-1.woody.3_hppa.deb
  Size/MD5 checksum:   755910 14d426db61713617a1e914bd1c675b07
http://security.debian.org/pool/updates/main/o/openssh/ssh-askpass-gnome_3.4p1-1.woody.3_hppa.deb
  Size/MD5 checksum:    35494 714c4e74169c5985ad745f8928d1e831

i386 architecture (Intel ia32)

http://security.debian.org/pool/updates/main/o/openssh/ssh-askpass-gnome_3.4p1-1.woody.3_i386.deb
  Size/MD5 checksum:    35414 ab621997a28bc30c928c2d317ae0c3a9
http://security.debian.org/pool/updates/main/o/openssh/ssh_3.4p1-1.woody.3_i386.deb
  Size/MD5 checksum:   642624 a4293645b075984afa600f8094395c2d

ia64 architecture (Intel ia64)

http://security.debian.org/pool/updates/main/o/openssh/ssh_3.4p1-1.woody.3_ia64.deb
  Size/MD5 checksum:  1002720 ac989f421d1de08ce6487060ce231968
http://security.debian.org/pool/updates/main/o/openssh/ssh-askpass-gnome_3.4p1-1.woody.3_ia64.deb
  Size/MD5 checksum:    36906 45b3a0b3f0564cc6688fab9bc2bceee1

mipsel architecture (MIPS (Little Endian))

http://security.debian.org/pool/updates/main/o/openssh/ssh_3.4p1-1.woody.3_mipsel.deb
  Size/MD5 checksum:   727514 4b667b3d8306af3eb8073e66932c853d
http://security.debian.org/pool/updates/main/o/openssh/ssh-askpass-gnome_3.4p1-1.woody.3_mipsel.deb
  Size/MD5 checksum:    35384 2395ff7a07f5d4e255844d0f608a8161

powerpc architecture (PowerPC)

http://security.debian.org/pool/updates/main/o/openssh/ssh_3.4p1-1.woody.3_powerpc.deb
  Size/MD5 checksum:   681524 f8f9c03826fce1dccc16c7d47b93a376
http://security.debian.org/pool/updates/main/o/openssh/ssh-askpass-gnome_3.4p1-1.woody.3_powerpc.deb
  Size/MD5 checksum:    35150 b6a0d8c9edf371d118dd32d503102c6c

s390 architecture (IBM S/390)

http://security.debian.org/pool/updates/main/o/openssh/ssh_3.4p1-1.woody.3_s390.deb
  Size/MD5 checksum:   718140 97e5e2e22860eb74d336e2938286d7a7
http://security.debian.org/pool/updates/main/o/openssh/ssh-askpass-gnome_3.4p1-1.woody.3_s390.deb
  Size/MD5 checksum:    35786 97f0c72c5d72b61b5fe9c0c2a1d278be

sparc architecture (Sun SPARC/UltraSPARC)

http://security.debian.org/pool/updates/main/o/openssh/ssh_3.4p1-1.woody.3_sparc.deb
  Size/MD5 checksum:   686130 d44dec2bc9161419f71f769fff78f95b
http://security.debian.org/pool/updates/main/o/openssh/ssh-askpass-gnome_3.4p1-1.woody.3_sparc.deb
  Size/MD5 checksum:    35202 1b2eb82ad15a4209237a61000dc63c3c

Debian Security team <[email protected]>
http://www.debian.org/security/
Mailing-List: [email protected]

OSVersionArchitecturePackageVersionFilename
Debian3sparcssh-askpass-gnome< 1:3.4p1-1.woody.3ssh-askpass-gnome_1:3.4p1-1.woody.3_sparc.deb
Debian3allopenssh< 1:3.4p1-1.woody.3openssh_1:3.4p1-1.woody.3_all.deb
Debian3mipselssh-askpass-gnome< 1:3.4p1-1.woody.3ssh-askpass-gnome_1:3.4p1-1.woody.3_mipsel.deb
Debian3mipsssh-askpass-gnome< 1:3.4p1-1.woody.3ssh-askpass-gnome_1:3.4p1-1.woody.3_mips.deb
Debian3m68kssh-askpass-gnome< 1:3.4p1-1.woody.3ssh-askpass-gnome_1:3.4p1-1.woody.3_m68k.deb
Debian3s390ssh< 1:3.4p1-1.woody.3ssh_1:3.4p1-1.woody.3_s390.deb
Debian3powerpcssh-askpass-gnome< 1:3.4p1-1.woody.3ssh-askpass-gnome_1:3.4p1-1.woody.3_powerpc.deb
Debian3sparcssh< 1:3.4p1-1.woody.3ssh_1:3.4p1-1.woody.3_sparc.deb
Debian3alphassh-askpass-gnome< 1:3.4p1-1.woody.3ssh-askpass-gnome_1:3.4p1-1.woody.3_alpha.deb
Debian3m68kssh< 1:3.4p1-1.woody.3ssh_1:3.4p1-1.woody.3_m68k.deb
Rows per page:
1-10 of 231

Related

nessus 9
openvas 16
redhat 1
osv 2
debiancve 3
freebsd_advisory 1
cisco 1
debian 4
suse 2
cve 3
cert 1
securityvulns 2
ubuntucve 2
slackware 1
nessus
nessus
RHEL 2.1 : openssh (RHSA-2003:280)
2004-07-06 00:00:00
Debian DSA-383-2 : ssh-krb5 - possible remote vulnerability
2004-09-29 00:00:00
Debian DSA-382-3 : ssh - possible remote vulnerability
2004-09-29 00:00:00
openvas
openvas
Debian Security Advisory DSA 383-2 (ssh-krb5)
2008-01-17 00:00:00
Debian Security Advisory DSA 382-3 (ssh)
2008-01-17 00:00:00
Debian: Security Advisory (DSA-383-1)
2008-01-17 00:00:00
redhat
redhat
(RHSA-2003:280) openssh security update
2003-09-16 00:00:00
osv
osv
ssh - possible remote vulnerability
2003-09-16 00:00:00
ssh-krb5 - possible remote vulnerability
2003-09-17 00:00:00
debiancve
debiancve
CVE-2003-0682
2003-10-06 04:00:00
CVE-2003-0693
2003-09-22 04:00:00
CVE-2003-0695
2003-10-06 04:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-03:12.openssh
2003-09-16 00:00:00
cisco
cisco
OpenSSH Server Vulnerabilities
2003-09-17 07:00:00
debian
debian
[SECURITY] [DSA-383-2] OpenSSH buffer management fix
2003-09-21 19:05:20
[SECURITY] [DSA-383-1] OpenSSH buffer management fix
2003-09-17 15:41:06
[SECURITY] [DSA-382-2] OpenSSH buffer management fix
2003-09-17 11:27:29
suse
suse
potential remote privilege escalation in openssh (second release)
2003-09-18 18:20:42
potential remote privilege escalation in openssh
2003-09-16 20:44:07
cve
cve
CVE-2003-0682
2003-10-06 04:00:00
CVE-2003-0693
2003-09-22 04:00:00
CVE-2003-0695
2003-10-06 04:00:00
cert
cert
OpenSSH contains buffer management errors
2003-09-16 00:00:00
securityvulns
securityvulns
CERT Advisory CA-2003-24 Buffer Management Vulnerability in OpenSSH
2003-09-17 00:00:00
[ESA-20030916-023] OpenSSH buffer management error.
2003-09-16 00:00:00
ubuntucve
ubuntucve
CVE-2003-0693
2003-09-22 00:00:00
CVE-2003-0682
2003-10-06 00:00:00
slackware
slackware
New OpenSSH packages
2003-09-23 23:06:10
JSON
Related for DEBIAN:DSA-382-3:7A6C6
nessus9openvas16redhat1osv2debiancve3freebsd_advisory1cisco1debian4suse2cve3cert1securityvulns2ubuntucve2slackware1