SSH Tectia Server for IBM z/OS pid File Permission Weakness Local

2007-05-28T23:10:07
ID OSVDB:35014
Type osvdb
Reporter OSVDB
Modified 2007-05-28T23:10:07

Description

Vulnerability Description

SSH Tectia Server for IBM z/OS contains a flaw that may allow a local denial of service. The issue is triggered due to the pid file permissions are world-writable, allowing a local attacker to modify the pid content into an arbitrary process ID which will be processed during start or stop operations by the SSH daemon scripts. This flaw could results in a loss of availability for the system.

Solution Description

Upgrade to version 5.4.0 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

SSH Tectia Server for IBM z/OS contains a flaw that may allow a local denial of service. The issue is triggered due to the pid file permissions are world-writable, allowing a local attacker to modify the pid content into an arbitrary process ID which will be processed during start or stop operations by the SSH daemon scripts. This flaw could results in a loss of availability for the system.

References:

Vendor Specific News/Changelog Entry: http://www.ssh.com/documents/33/SSH_Tectia_Server_5.4.0_zOS_releasenotes.txt Security Tracker: 1017913 Secunia Advisory ID:24916 ISS X-Force ID: 33699 FrSIRT Advisory: ADV-2007-1414 CVE-2007-2063 Bugtraq ID: 23508