安全研究
安全漏洞
SSH Communications SSH Server权限提升漏洞
发布日期:2002-11-25
更新日期:2002-12-03
受影响系统:
SSH Communications Security SSH2 3.2.1不受影响系统:
SSH Communications Security SSH2 3.2
SSH Communications Security SSH2 3.1.4
SSH Communications Security SSH2 3.1.3
SSH Communications Security SSH2 3.1.2
SSH Communications Security SSH2 3.1.1
SSH Communications Security SSH2 3.1
SSH Communications Security SSH2 3.0.1
SSH Communications Security SSH2 3.0
SSH Communications Security SSH2 2.5
SSH Communications Security SSH2 2.3
SSH Communications Security SSH2 2.2
SSH Communications Security SSH2 2.1
SSH Communications Security SSH2 2.0.13
SSH Communications Security SSH2 2.4
- Microsoft Windows NT 4.0
- Microsoft Windows 98
- Microsoft Windows 95
- Microsoft Windows 2000 SP3
SSH Communications Security SSH2 3.2.2描述:
SSH Communications Security SSH2 3.1.5
BUGTRAQ ID: 6247
CVE(CAN) ID: CVE-2002-1644
Secure Shell是一款由SSH Communications分发和维护的商业SSH实现。
Secure Shell Servers在非交互命令执行之后没有正确从主进程组删除子进程,远程攻击者可以利用这个漏洞发送误导消息给syslog和其他应用程序。
当使用非交互连接时,在处理SSH Secure Shell主进程组时没有正确处理子进程,如果非交互命令不带pty执行(包含运行命令和子系统),子进程就会保留在主进程组中而不被删除。
在依靠getlogin()平台上的恶意用户利用这个漏洞至少可以发送误导消息给SYSLOG和其他应用程序(getlogin()调用会返回"root")。
目前认为此漏洞不能用于提升到root用户权限,但是如果某一个setuid应用程序依靠getlogin()输出就可能存在root用户权限获得的可能。
<*来源:SSH Security Advisory
链接:http://www.ssh.com/company/newsroom/article/286/
http://www.kb.cert.org/vuls/id/740619
*>
建议:
厂商补丁:
SSH Communications Security
---------------------------
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
SSH Communications Security SSH2 2.0.13:
SSH Communications Security SSH2 2.1:
SSH Communications Security SSH2 2.2:
SSH Communications Security SSH2 2.3:
SSH Communications Security SSH2 2.4:
SSH Communications Security SSH2 2.5:
SSH Communications Security SSH2 3.0:
SSH Communications Security SSH2 3.0.1:
SSH Communications Security SSH2 3.1:
SSH Communications Security Upgrade ssh-3.1.5
http://ftp.ssh.com/priv/secureshell/h7cq89th/
SSH Communications Security SSH2 3.1.1:
SSH Communications Security Upgrade ssh-3.1.5
http://ftp.ssh.com/priv/secureshell/h7cq89th/
SSH Communications Security SSH2 3.1.2:
SSH Communications Security Upgrade ssh-3.1.5
http://ftp.ssh.com/priv/secureshell/h7cq89th/
SSH Communications Security SSH2 3.1.3:
SSH Communications Security Upgrade ssh-3.1.5
http://ftp.ssh.com/priv/secureshell/h7cq89th/
SSH Communications Security SSH2 3.1.4:
SSH Communications Security Upgrade ssh-3.1.5
http://ftp.ssh.com/priv/secureshell/h7cq89th/
SSH Communications Security SSH2 3.2:
SSH Communications Security Upgrade ssh-3.2.2
http://ftp.ssh.com/priv/secureshell/6g3zslpk
SSH Communications Security SSH2 3.2.1:
SSH Communications Security Upgrade ssh-3.2.2
http://ftp.ssh.com/priv/secureshell/6g3zslpk
浏览次数:3593
严重程度:0(网友投票)
绿盟科技给您安全的保障