LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Advisory Watch: August 29th, 2014
Linux Security Week: August 25th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Debian: 'openssh' vulnerability Print E-mail
User Rating:      How can I rate this item?
Posted by LinuxSecurity.com Team   
Debian There is a vulnerability in openssh with X11 forwarding.

- ------------------------------------------------------------------------
Debian Security Advisory                             security@debian.org 
http://www.debian.org/security/                         Wichert Akkerman
November 18, 2000
- ------------------------------------------------------------------------


Package        : openssh
Problem type   : remote exploit
Debian-specific: no

The adv.fwd security advisory from OpenBSD reported a problem
with openssh that Jacob Langseth <jwl@pobox.com> found: when
the connection is established the remote ssh server can force
the ssh client to enable agent and X11 forwarding.

This has been fixed in version 1.2.3-9.1 and we recommend
that you upgrade your openssh packages immediately.

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.


Debian GNU/Linux 2.2 alias potato
- ---------------------------------
  
  Potato was released for alpha, arm, i386, m68k, powerpc and sparc.
  Packages for sparc are not available at this moment; they
  will be announced later at  http://security.debian.org/
  
  Source archives:
 
http://security.debian.org/dists/stable/updates/main/source/openssh_1.2.3-9.1.diff.gz 
      MD5 checksum: 720a7ee40f334b5704a8acbc260ae0dc
 
http://security.debian.org/dists/stable/updates/main/source/openssh_1.2.3-9.1.dsc     
      MD5 checksum: e0c0987ec4e7b8eccd98dabbe75ea231
 
http://security.debian.org/dists/stable/updates/main/source/openssh_1.2.3.orig.tar.gz 
      MD5 checksum: 6aad0cc9ceca55f138ed1ba4cf660349
  
  Architecture indendent archives:
    
http://security.debian.org/dists/stable/updates/main/binary-all/ssh-askpass-ptk_1.2.3-9.1_all.deb
      MD5 checksum: cb2bfd756f5d4fd52ae4656f9bd61420

  Alpha architecture:
    
http://security.debian.org/dists/stable/updates/main/binary-alpha/ssh-askpass-gnome_1.2.3-9.1_alpha.deb
      MD5 checksum: a8b51ca7b67cb0e5aeedac4fa301d18c
    
http://security.debian.org/dists/stable/updates/main/binary-alpha/ssh_1.2.3-9.1_alpha.deb
      MD5 checksum: bb58e19e240adfe940fbebe2364f6f35

  ARM architecture:
    
http://security.debian.org/dists/stable/updates/main/binary-arm/ssh-askpass-gnome_1.2.3-9.1_arm.deb
      MD5 checksum: 543e76b02e7cfdb35f9b92365dc4610b
    
http://security.debian.org/dists/stable/updates/main/binary-arm/ssh_1.2.3-9.1_arm.deb
      MD5 checksum: ed70bc90de326bfec9899f4ed0ac5b6d

  Intel ia32 architecture:
    
http://security.debian.org/dists/stable/updates/main/binary-i386/ssh-askpass-gnome_1.2.3-9.1_i386.deb
      MD5 checksum: a03ebc405c792bbef06d4f3235f0a0d3
    
http://security.debian.org/dists/stable/updates/main/binary-i386/ssh_1.2.3-9.1_i386.deb
      MD5 checksum: c1dfbadec6f9ef38b1ed9391bb1e8c52

  Motorola 680x0 architecture:
    
http://security.debian.org/dists/stable/updates/main/binary-m68k/ssh-askpass-gnome_1.2.3-9.1_m68k.deb
      MD5 checksum: dcdffa2a00132500621d4eb32ecbae9a
    
http://security.debian.org/dists/stable/updates/main/binary-m68k/ssh_1.2.3-9.1_m68k.deb
      MD5 checksum: e0059e6bfe72a14a18803a507884d194

  PowerPC architecture:
    
http://security.debian.org/dists/stable/updates/main/binary-powerpc/ssh-askpass-gnome_1.2.3-9.1_powerpc.deb
      MD5 checksum: 4354d03dc3030da57bb1ce91fac6247a
    
http://security.debian.org/dists/stable/updates/main/binary-powerpc/ssh_1.2.3-9.1_powerpc.deb
      MD5 checksum: 5419aab89a4270933849430efdc0c3d2


  These files will be moved into
   ftp://ftp.debian.org/debian/dists/stable/*/binary-$arch/ soon.

For not yet released architectures please refer to the appropriate
directory  ftp://ftp.debian.org/debian/dists/sid/binary-$arch/ .

- -- 
- ----------------------------------------------------------------------------
apt-get: deb  http://security.debian.org/ stable/updates main
dpkg-ftp:  ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org


 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Weekend Edition
How Cops and Hackers Could Abuse California’s New Phone Kill-Switch Law
Why Russian hackers are beating us
DQ Breach? HQ Says No, But Would it Know?
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.