Debians sikkerhedsbulletin

DSA-956-1 lsh-server -- filedescriptor-lækage

Rapporteret den:

26. jan 2006

Berørte pakker:

lsh-utils

Sårbar:

Referencer i sikkerhedsdatabaser:

I Debians fejlsporingssystem: Fejl 349303.
I Mitres CVE-ordbog: CVE-2006-0353.

Yderligere oplysninger:

Stefan Pfetzing har opdaget at lshd, en Secure Shell v2 (SSH2)-protokolserver, lækkede et par fil-descriptorer, i forbindelse med tilfældighedsgenerering, til bruger-shell'er startet af lshd. En lokal angriber kunne trunkere serverens seed-fil, hvilket kunne forhindre serveren i at starte, og med noget mere arbejde, måske også bryde sessionsnøglen.

Efter installering af denne opdatering, bør du fjerne serverens seed-fil (/var/spool/lsh/yarrow-seed-file) og som root regenerere den med "lsh-make-seed --server".

Af sikkerhedsgrunde skal lsh-make-seed køres fra konsollen på det system, som du kører den på. Hvis du kører lsh-make-seed via en fjern shell, er det meget muligt at timing-oplysningerne som lsh-make-seed anvender til oprettelsen af sin tilfældigheds-seed kan være dårlige. Om nødvendigt kan du generere tilfældigheds-seed'en på et andet system, end der hvor den egentlig skal køre, ved at installere pakken lsh-utils og køre "lsh-make-seed -o my-other-server-seed-file". Derefter kan du overføre seed-filen til det oprindelige system via en sikker forbindelse.

Den gamle stabile distribution (woody) er måske ikke påvirket af dette problem.

I den stabile distribution (sarge) er dette problem rettet i version 2.0.1-3sarge1.

I den ustabile distribution (sid) er dette problem rettet i version 2.0.1cdbs-4.

Vi anbefaler at du opgraderer din lsh-server-pakke.

Rettet i:

Debian GNU/Linux 3.1 (sarge)

Kildekode:: http://security.debian.org/pool/updates/main/l/lsh-utils/lsh-utils_2.0.1-3sarge1.dsc; http://security.debian.org/pool/updates/main/l/lsh-utils/lsh-utils_2.0.1-3sarge1.diff.gz; http://security.debian.org/pool/updates/main/l/lsh-utils/lsh-utils_2.0.1.orig.tar.gz
Arkitekturuafhængig komponent:: http://security.debian.org/pool/updates/main/l/lsh-utils/lsh-utils-doc_2.0.1-3sarge1_all.deb
Alpha:: http://security.debian.org/pool/updates/main/l/lsh-utils/lsh-client_2.0.1-3sarge1_alpha.deb; http://security.debian.org/pool/updates/main/l/lsh-utils/lsh-server_2.0.1-3sarge1_alpha.deb; http://security.debian.org/pool/updates/main/l/lsh-utils/lsh-utils_2.0.1-3sarge1_alpha.deb
ARM:: http://security.debian.org/pool/updates/main/l/lsh-utils/lsh-client_2.0.1-3sarge1_arm.deb; http://security.debian.org/pool/updates/main/l/lsh-utils/lsh-server_2.0.1-3sarge1_arm.deb; http://security.debian.org/pool/updates/main/l/lsh-utils/lsh-utils_2.0.1-3sarge1_arm.deb
Intel IA-32:: http://security.debian.org/pool/updates/main/l/lsh-utils/lsh-client_2.0.1-3sarge1_i386.deb; http://security.debian.org/pool/updates/main/l/lsh-utils/lsh-server_2.0.1-3sarge1_i386.deb; http://security.debian.org/pool/updates/main/l/lsh-utils/lsh-utils_2.0.1-3sarge1_i386.deb
Intel IA-64:: http://security.debian.org/pool/updates/main/l/lsh-utils/lsh-client_2.0.1-3sarge1_ia64.deb; http://security.debian.org/pool/updates/main/l/lsh-utils/lsh-server_2.0.1-3sarge1_ia64.deb; http://security.debian.org/pool/updates/main/l/lsh-utils/lsh-utils_2.0.1-3sarge1_ia64.deb
HPPA:: http://security.debian.org/pool/updates/main/l/lsh-utils/lsh-client_2.0.1-3sarge1_hppa.deb; http://security.debian.org/pool/updates/main/l/lsh-utils/lsh-server_2.0.1-3sarge1_hppa.deb; http://security.debian.org/pool/updates/main/l/lsh-utils/lsh-utils_2.0.1-3sarge1_hppa.deb
Motorola 680x0:: http://security.debian.org/pool/updates/main/l/lsh-utils/lsh-client_2.0.1-3sarge1_m68k.deb; http://security.debian.org/pool/updates/main/l/lsh-utils/lsh-server_2.0.1-3sarge1_m68k.deb; http://security.debian.org/pool/updates/main/l/lsh-utils/lsh-utils_2.0.1-3sarge1_m68k.deb
Big endian MIPS:: http://security.debian.org/pool/updates/main/l/lsh-utils/lsh-client_2.0.1-3sarge1_mips.deb; http://security.debian.org/pool/updates/main/l/lsh-utils/lsh-server_2.0.1-3sarge1_mips.deb; http://security.debian.org/pool/updates/main/l/lsh-utils/lsh-utils_2.0.1-3sarge1_mips.deb
Little endian MIPS:: http://security.debian.org/pool/updates/main/l/lsh-utils/lsh-client_2.0.1-3sarge1_mipsel.deb; http://security.debian.org/pool/updates/main/l/lsh-utils/lsh-server_2.0.1-3sarge1_mipsel.deb; http://security.debian.org/pool/updates/main/l/lsh-utils/lsh-utils_2.0.1-3sarge1_mipsel.deb
PowerPC:: http://security.debian.org/pool/updates/main/l/lsh-utils/lsh-client_2.0.1-3sarge1_powerpc.deb; http://security.debian.org/pool/updates/main/l/lsh-utils/lsh-server_2.0.1-3sarge1_powerpc.deb; http://security.debian.org/pool/updates/main/l/lsh-utils/lsh-utils_2.0.1-3sarge1_powerpc.deb
IBM S/390:: http://security.debian.org/pool/updates/main/l/lsh-utils/lsh-client_2.0.1-3sarge1_s390.deb; http://security.debian.org/pool/updates/main/l/lsh-utils/lsh-server_2.0.1-3sarge1_s390.deb; http://security.debian.org/pool/updates/main/l/lsh-utils/lsh-utils_2.0.1-3sarge1_s390.deb
Sun Sparc:: http://security.debian.org/pool/updates/main/l/lsh-utils/lsh-client_2.0.1-3sarge1_sparc.deb; http://security.debian.org/pool/updates/main/l/lsh-utils/lsh-server_2.0.1-3sarge1_sparc.deb; http://security.debian.org/pool/updates/main/l/lsh-utils/lsh-utils_2.0.1-3sarge1_sparc.deb

MD5-kontrolsummer for de listede filer findes i den originale sikkerhedsbulletin.