Home page logo
/

bugtraq logo Bugtraq mailing list archives

Sun statement on the OpenSSH Remote Challenge Vulnerability
From: Darren J Moffat <Darren.Moffat () Sun COM>
Date: Fri, 28 Jun 2002 14:12:47 -0700

An official Security bulletin with be released very soon but the following is an interim statement since we have received a number of enquiries.

The version of OpenSSH that is in Solaris 9 is not beleived to be vulnerable if the default configuration is used. If sshd_config(4)
has been updated so that BOTH of the following entries are present
then it is vulnerable.

        PAMAuthenticationViaKBDInt yes
        KbdInteractiveAuthentication yes

Note that in the default sshd_config(4) PAMAuthenticationViaKBDInt is
listed but KbdInteractiveAuthentication is not (the compiled in default for KbdInteractiveAuthentication is no).

Sun is in the process of producing a patch for Solaris 9. Older Solaris releases are not vulernable since they do not include OpenSSH as part of the Solaris distribution - hosts that added OpenSSH as part of their own site configurations should check the official OpenSSH advisory for details.

The patch that Sun produces to fix this issue will not contain the new OpenSSH Privsep support as it is not yet stable enough on Solaris due to interactions with PAM and BSM auditing, this may appear in a future release - Sun is working with the OpenSSH devlopers on the PAM problems and once a working OpenSSH with PAM and BSM is available we will re-evaluate our position on Privsep.

--
Darren J Moffat


  By Date           By Thread  

Current thread:
  • Sun statement on the OpenSSH Remote Challenge Vulnerability Darren J Moffat (Jun 29)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]