Secunia Logo
 Vulnerability IntelligenceVulnerability ScanningCommunityBlog - new entry!Corporate InformationOnline ShopCustomer Login  
 Secunia AdvisoriesSecunia ResearchBinary Analysis  
Home > Vulnerability Intelligence > Secunia Advisories > Mandrake update for OpenSSH
Secunia Advisories
Advisories
Search
Advisories by Product
Advisories by Vendor
Historic Advisories
Mailing Lists & RSS
Report Vulnerability
Contact Form
Business Solutions Restricted
Partner Solutions Restricted
About
 
Mandrake update for OpenSSH
Secunia Advisory: SA9751
Advisory Toolbox:
Issue ticket
Save in to-do list
Mark as handled
Exploit information
Download as PDF
Review actions
Add comment
Release Date: 2003-09-17
Popularity: 7,384 views

Critical:
Highly critical
Impact: DoS
System access
Where: From remote
Solution Status: Vendor Patch

OS:Mandrake Corporate Server 2.x
Mandrake Linux 8.x
Mandrake Linux 9.x
Mandrake Multi Network Firewall 8.x
Subscribe: Instant alerts on relevant vulnerabilities

CVE reference:CVE-2003-0693
CVE-2003-0695
Description:
Mandrake has issued updated packages for ssh. These fix a vulnerability, which potentially can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.

For more information:
SA9743

Solution:
Updated packages:

Corporate Server 2.1:
e4dd6a2be580feeceddb7bf702646992 corporate/2.1/RPMS/OpenSSH-3.6.1p2-1.2.90mdk.i586.rpm
b643425ed773606865f31797db73b6d5 corporate/2.1/RPMS/OpenSSH-askpass-3.6.1p2-1.2.90mdk.i586.rpm
bf403b678dd74c14c489bf5a32939e80 corporate/2.1/RPMS/OpenSSH-askpass-gnome-3.6.1p2-1.2.90mdk.i586.rpm
c4ec1f56320d69a37455d4f74da30d2d corporate/2.1/RPMS/OpenSSH-clients-3.6.1p2-1.2.90mdk.i586.rpm
0252fc0a7273c7c2ebbe4ae92fe492c6 corporate/2.1/RPMS/OpenSSH-server-3.6.1p2-1.2.90mdk.i586.rpm
8909a7349c3e18993784900e1c501dc8 corporate/2.1/SRPMS/OpenSSH-3.6.1p2-1.2.90mdk.src.rpm

Corporate Server 2.1/x86_64:
7a297d5ad1cf8f266a7045e5ed6407b4 x86_64/corporate/2.1/RPMS/OpenSSH-3.6.1p2-1.2.90mdk.x86_64.rpm
0e1047d7ac87e4cb2fc83f51156f89e8 x86_64/corporate/2.1/RPMS/OpenSSH-askpass-3.6.1p2-1.2.90mdk.x86_64.rpm
09592be1376bff2acb58577eb22927e5 x86_64/corporate/2.1/RPMS/OpenSSH-askpass-gnome-3.6.1p2-1.2.90mdk.x86_64.rpm
cb39634d5cb6811a53e833a566dca625 x86_64/corporate/2.1/RPMS/OpenSSH-clients-3.6.1p2-1.2.90mdk.x86_64.rpm
2e49b64404318ee3c10f7088781f36da x86_64/corporate/2.1/RPMS/OpenSSH-server-3.6.1p2-1.2.90mdk.x86_64.rpm
8909a7349c3e18993784900e1c501dc8 x86_64/corporate/2.1/SRPMS/OpenSSH-3.6.1p2-1.2.90mdk.src.rpm

Mandrake Linux 8.2:
862ccaea668653af1dd98d4f4cba388e 8.2/RPMS/OpenSSH-3.6.1p2-1.2.82mdk.i586.rpm
abb351c902abd9bcfc7eefd0d8e56b43 8.2/RPMS/OpenSSH-askpass-3.6.1p2-1.2.82mdk.i586.rpm
614a6bd4680be732689f5bd1e791a351 8.2/RPMS/OpenSSH-askpass-gnome-3.6.1p2-1.2.82mdk.i586.rpm
baa534caf5c7121741a7089e11cd169e 8.2/RPMS/OpenSSH-clients-3.6.1p2-1.2.82mdk.i586.rpm
6f0b03ff0dd99857159177d3e797e916 8.2/RPMS/OpenSSH-server-3.6.1p2-1.2.82mdk.i586.rpm
d6fd51341f521dc7fc2086915dcaec20 8.2/SRPMS/OpenSSH-3.6.1p2-1.2.82mdk.src.rpm

Mandrake Linux 8.2/PPC:
c453de5cac92707c112c9245663fd25c ppc/8.2/RPMS/OpenSSH-3.6.1p2-1.2.82mdk.ppc.rpm
48211a23e464b38ebd4e7deed7347f48 ppc/8.2/RPMS/OpenSSH-askpass-3.6.1p2-1.2.82mdk.ppc.rpm
77d27118abff6a1d6c0f57c167fefb52 ppc/8.2/RPMS/OpenSSH-askpass-gnome-3.6.1p2-1.2.82mdk.ppc.rpm
b58b03854614f14c861f42121d165a2b ppc/8.2/RPMS/OpenSSH-clients-3.6.1p2-1.2.82mdk.ppc.rpm
9c477dda47eab7cad24839d0ea43e6a4 ppc/8.2/RPMS/OpenSSH-server-3.6.1p2-1.2.82mdk.ppc.rpm
d6fd51341f521dc7fc2086915dcaec20 ppc/8.2/SRPMS/OpenSSH-3.6.1p2-1.2.82mdk.src.rpm

Mandrake Linux 9.0:
e4dd6a2be580feeceddb7bf702646992 9.0/RPMS/OpenSSH-3.6.1p2-1.2.90mdk.i586.rpm
b643425ed773606865f31797db73b6d5 9.0/RPMS/OpenSSH-askpass-3.6.1p2-1.2.90mdk.i586.rpm
bf403b678dd74c14c489bf5a32939e80 9.0/RPMS/OpenSSH-askpass-gnome-3.6.1p2-1.2.90mdk.i586.rpm
c4ec1f56320d69a37455d4f74da30d2d 9.0/RPMS/OpenSSH-clients-3.6.1p2-1.2.90mdk.i586.rpm
0252fc0a7273c7c2ebbe4ae92fe492c6 9.0/RPMS/OpenSSH-server-3.6.1p2-1.2.90mdk.i586.rpm
8909a7349c3e18993784900e1c501dc8 9.0/SRPMS/OpenSSH-3.6.1p2-1.2.90mdk.src.rpm

Mandrake Linux 9.1:
2f657dd739f51adad400b75e627db53a 9.1/RPMS/OpenSSH-3.6.1p2-1.2.91mdk.i586.rpm
2284741fdae6b3809b85f1f193dc9c7b 9.1/RPMS/OpenSSH-askpass-3.6.1p2-1.2.91mdk.i586.rpm
3462362cb6364701bfe536541f24d349 9.1/RPMS/OpenSSH-askpass-gnome-3.6.1p2-1.2.91mdk.i586.rpm
5a8b2d3763dfc4dd77c7705401b4155e 9.1/RPMS/OpenSSH-clients-3.6.1p2-1.2.91mdk.i586.rpm
508f52a1bc06e57b5176c31dc7d1674b 9.1/RPMS/OpenSSH-server-3.6.1p2-1.2.91mdk.i586.rpm
4d9c124f212d3ad840bc19f6579784fc 9.1/SRPMS/OpenSSH-3.6.1p2-1.2.91mdk.src.rpm

Mandrake Linux 9.1/PPC:
bf558d8fba0c8f779f73e8a3f75956d8 ppc/9.1/RPMS/OpenSSH-3.6.1p2-1.2.91mdk.ppc.rpm
ca0ff77a847d5485cf03e4abb1fc7a88 ppc/9.1/RPMS/OpenSSH-askpass-3.6.1p2-1.2.91mdk.ppc.rpm
4c45f30751958b8347713b818a55caf1 ppc/9.1/RPMS/OpenSSH-askpass-gnome-3.6.1p2-1.2.91mdk.ppc.rpm
e7912e06b6bf2579badac32f583d8511 ppc/9.1/RPMS/OpenSSH-clients-3.6.1p2-1.2.91mdk.ppc.rpm
809424b2dd19bd2f654fdf4743fc5a8b ppc/9.1/RPMS/OpenSSH-server-3.6.1p2-1.2.91mdk.ppc.rpm
4d9c124f212d3ad840bc19f6579784fc ppc/9.1/SRPMS/OpenSSH-3.6.1p2-1.2.91mdk.src.rpm

Multi Network Firewall 8.2:
862ccaea668653af1dd98d4f4cba388e mnf8.2/RPMS/OpenSSH-3.6.1p2-1.2.82mdk.i586.rpm
baa534caf5c7121741a7089e11cd169e mnf8.2/RPMS/OpenSSH-clients-3.6.1p2-1.2.82mdk.i586.rpm
6f0b03ff0dd99857159177d3e797e916 mnf8.2/RPMS/OpenSSH-server-3.6.1p2-1.2.82mdk.i586.rpm
d6fd51341f521dc7fc2086915dcaec20 mnf8.2/SRPMS/OpenSSH-3.6.1p2-1.2.82mdk.src.rpm

Changelog:
2003-09-17: Updated advisory with new packages which also fixes CAN-2003-0695.

Original Advisory:
http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:090

Other References:
SA9743:
http://secunia.com/advisories/9743/

Track this Secunia Advisory
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.

Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.

About this Secunia Advisory
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.

Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
  
Latest Advisories

3rd Dec, 2008
New advisories: 24
New vulnerabilities: 39
Updated advisories: 41

Moderately // 276 views
mvnForum Unspecified Cross-Site Scripting and Request Forgery
Less // 260 views
Debian update for awstats
Moderately // 285 views
Kolab Server ClamAV Multiple Vulnerabilities
Less // 338 views
Movable Type Unspecified Cross-Site Scripting Vulnerability
Moderately // 311 views
Sunbyte e-Flower "id" SQL Injection Vulnerability
Not // 342 views
SUSE update for kernel
Not // 444 views
HP-UX Unspecified Local Denial of Service Vulnerability
Moderately // 384 views
WebGUI Executable Attachments Vulnerability
Moderately // 575 views
SquirrelMail Malformed HTML Mail Message Script Insertion
Less // 570 views
VMware ESX Server update for bzip2

Solutions | More...  

Send Feedback to Secunia
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.

Ideas, suggestions, and other feedback are most welcome.

Most Popular - 3 Hours

1. Sun Java JDK / JRE Multiple Vulnerabilities // 72 views
2. Adobe Flash Player Multiple Security Issues and Vulnerabilities // 40 views
3. WebGUI Executable Attachments Vulnerability // 30 views
4. Kolab Server ClamAV Multiple Vulnerabilities // 30 views
5. VMware ESX / ESXi Virtual Hardware Memory Corruption Vulnerability // 29 views
6. HP-UX Unspecified Local Denial of Service Vulnerability // 28 views
7. SquirrelMail Malformed HTML Mail Message Script Insertion // 28 views
8. VMware ESX Server update for bzip2 // 27 views
9. Movable Type Unspecified Cross-Site Scripting Vulnerability // 25 views
10. mvnForum Unspecified Cross-Site Scripting and Request Forgery // 23 views



Contact | Terms & Conditions and Copyright | Report Vulnerability | Press | Jobs | About Secunia
Copyright Secunia 2002-2008