Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
debianDebianDEBIAN:DSA-383-1:41FAA
HistorySep 17, 2003 - 3:41 p.m.

[SECURITY] [DSA-383-1] OpenSSH buffer management fix

2003-09-1715:41:06
lists.debian.org
14
JSON

Debian Security Advisory DSA-383-1 [email protected]
http://www.debian.org/security/ Wichert Akkerman
September 17, 2003

Package : ssh-krb5
Vulnerability : buffer handling
Problem type : possible remote
Debian-specific: no
CVS references : CAN-2003-0693 CAN-2003-0695

Several bugs have been found in OpenSSH's buffer handling. It is not
known if these bugs are exploitable, but as a precaution an upgrade is
advised.

For the Debian stable distribution these bugs have been fixed in version
1:3.4p1-0woody3 .

Upgrade Instructions

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 3.0 alias woody

Source archives:

http://security.debian.org/pool/updates/main/o/openssh-krb5/openssh-krb5_3.4p1.orig.tar.gz
  Size/MD5 checksum:   837668 459c1d0262e939d6432f193c7a4ba8a8
http://security.debian.org/pool/updates/main/o/openssh-krb5/openssh-krb5_3.4p1-0woody3.diff.gz
  Size/MD5 checksum:   120256 101711fd74f01e6e670c334752cafe44
http://security.debian.org/pool/updates/main/o/openssh-krb5/openssh-krb5_3.4p1-0woody3.dsc
  Size/MD5 checksum:      822 e39ebe0e44ae1998d5c47ddb45d6dbe8

alpha architecture (DEC Alpha)

http://security.debian.org/pool/updates/main/o/openssh-krb5/ssh-krb5_3.4p1-0woody3_alpha.deb
  Size/MD5 checksum:   888466 dd124b4ce632d30f00eed9409ea5b42a

arm architecture (ARM)

http://security.debian.org/pool/updates/main/o/openssh-krb5/ssh-krb5_3.4p1-0woody3_arm.deb
  Size/MD5 checksum:   687666 9cc220113aadc19c647fb65f5f0d998b

hppa architecture (HP PA RISC)

http://security.debian.org/pool/updates/main/o/openssh-krb5/ssh-krb5_3.4p1-0woody3_hppa.deb
  Size/MD5 checksum:   789256 a5bbdfbea796a3e2d6b979622466ab63

i386 architecture (Intel ia32)

http://security.debian.org/pool/updates/main/o/openssh-krb5/ssh-krb5_3.4p1-0woody3_i386.deb
  Size/MD5 checksum:   671568 faa1fa7949a7cce9388057a485d98dc5

ia64 architecture (Intel ia64)

http://security.debian.org/pool/updates/main/o/openssh-krb5/ssh-krb5_3.4p1-0woody3_ia64.deb
  Size/MD5 checksum:  1049956 51e568695ef150e6049e7b5b42d23891

mipsel architecture (MIPS (Little Endian))

http://security.debian.org/pool/updates/main/o/openssh-krb5/ssh-krb5_3.4p1-0woody3_mipsel.deb
  Size/MD5 checksum:   759494 0aeeb07fe815b8a0e36e5ded2763d1ab

powerpc architecture (PowerPC)

http://security.debian.org/pool/updates/main/o/openssh-krb5/ssh-krb5_3.4p1-0woody3_powerpc.deb
  Size/MD5 checksum:   711472 cf3efec05458df632179302cd78032f0

s390 architecture (IBM S/390)

http://security.debian.org/pool/updates/main/o/openssh-krb5/ssh-krb5_3.4p1-0woody3_s390.deb
  Size/MD5 checksum:   749046 93cc4a83d9b3afded11ccc1a6a62d127

sparc architecture (Sun SPARC/UltraSPARC)

http://security.debian.org/pool/updates/main/o/openssh-krb5/ssh-krb5_3.4p1-0woody3_sparc.deb
  Size/MD5 checksum:   694616 b56ebfa782eb8645e34058facd3e9ca5

Debian Security team <[email protected]>
http://www.debian.org/security/
Mailing-List: [email protected]

Related

openvas 14
nessus 8
cve 3
debiancve 3
debian 4
redhat 1
cisco 1
freebsd_advisory 1
suse 2
osv 2
cert 1
securityvulns 2
ubuntucve 1
openvas
openvas
Debian Security Advisory DSA 382-2 (ssh)
2008-01-17 00:00:00
Debian Security Advisory DSA 382-2 (ssh)
2008-01-17 00:00:00
Debian Security Advisory DSA 383-1 (ssh-krb5)
2008-01-17 00:00:00
nessus
nessus
Mandrake Linux Security Advisory : openssh (MDKSA-2003:090-1)
2004-07-31 00:00:00
RHEL 2.1 : openssh (RHSA-2003:280)
2004-07-06 00:00:00
Debian DSA-382-3 : ssh - possible remote vulnerability
2004-09-29 00:00:00
cve
cve
CVE-2003-0695
2003-10-06 04:00:00
CVE-2003-0693
2003-09-22 04:00:00
CVE-2003-0682
2003-10-06 04:00:00
debiancve
debiancve
CVE-2003-0695
2003-10-06 04:00:00
CVE-2003-0693
2003-09-22 04:00:00
CVE-2003-0682
2003-10-06 04:00:00
debian
debian
[SECURITY] [DSA-382-2] OpenSSH buffer management fix
2003-09-17 11:27:29
[SECURITY] [DSA-383-2] OpenSSH buffer management fix
2003-09-21 19:05:20
[SECURITY] [DSA-382-3] OpenSSH buffer management fix
2003-09-21 19:05:05
redhat
redhat
(RHSA-2003:280) openssh security update
2003-09-16 00:00:00
cisco
cisco
OpenSSH Server Vulnerabilities
2003-09-17 07:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-03:12.openssh
2003-09-16 00:00:00
suse
suse
potential remote privilege escalation in openssh (second release)
2003-09-18 18:20:42
potential remote privilege escalation in openssh
2003-09-16 20:44:07
osv
osv
ssh - possible remote vulnerability
2003-09-16 00:00:00
ssh-krb5 - possible remote vulnerability
2003-09-17 00:00:00
cert
cert
OpenSSH contains buffer management errors
2003-09-16 00:00:00
securityvulns
securityvulns
CERT Advisory CA-2003-24 Buffer Management Vulnerability in OpenSSH
2003-09-17 00:00:00
[ESA-20030916-023] OpenSSH buffer management error.
2003-09-16 00:00:00
ubuntucve
ubuntucve
CVE-2003-0693
2003-09-22 00:00:00
JSON
Related for DEBIAN:DSA-383-1:41FAA
openvas14nessus8cve3debiancve3debian4redhat1cisco1freebsd_advisory1suse2osv2cert1securityvulns2ubuntucve1