---------------------------------------------------------------------- To improve our services to our customers, we have made a number of additions to the Secunia Advisories and have started translating the advisories to German. The improvements will help our customers to get a better understanding of how we reached our conclusions, how it was rated, our thoughts on exploitation, attack vectors, and scenarios. This includes: * Reason for rating * Extended description * Extended solution * Exploit code or links to exploit code * Deep links Read the full description: http://corporate.secunia.com/products/48/?r=l Contact Secunia Sales for more information: http://corporate.secunia.com/how_to_buy/15/?r=l ---------------------------------------------------------------------- TITLE: Debian update for openssh SECUNIA ADVISORY ID: SA22926 VERIFY ADVISORY: http://secunia.com/advisories/22926/ CRITICAL: Highly critical IMPACT: DoS, System access WHERE: >From remote OPERATING SYSTEM: Debian GNU/Linux 3.1 http://secunia.com/product/5307/ Debian GNU/Linux unstable alias sid http://secunia.com/product/530/ DESCRIPTION: Debian has issued an update for openssh. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. For more information: SA22091 SA22173 SOLUTION: Apply updated packages. -- Debian GNU/Linux 3.1 alias sarge -- Source archives: http://security.debian.org/pool/updates/main/o/openssh/openssh_3.8.1p1-8.sarge.6.dsc Size/MD5 checksum: 842 b58f3585c4ce713f58096cc8f86e4550 http://security.debian.org/pool/updates/main/o/openssh/openssh_3.8.1p1.orig.tar.gz Size/MD5 checksum: 795948 9ce6f2fa5b2931ce2c4c25f3af9ad50d http://security.debian.org/pool/updates/main/o/openssh/openssh_3.8.1p1-8.sarge.6.diff.gz Size/MD5 checksum: 157942 413fea91d9074513db60e466ca053f0d alpha architecture (DEC Alpha) http://security.debian.org/pool/updates/main/o/openssh/openssh-server-udeb_3.8.1p1-8.sarge.6_alpha.udeb Size/MD5 checksum: 216100 0595066001c0004f181b58e781153ae2 http://security.debian.org/pool/updates/main/o/openssh/ssh-askpass-gnome_3.8.1p1-8.sarge.6_alpha.deb Size/MD5 checksum: 52112 dcca41fba77489a57bf5a7e9c9069e90 http://security.debian.org/pool/updates/main/o/openssh/ssh_3.8.1p1-8.sarge.6_alpha.deb Size/MD5 checksum: 886462 71f73c733794ea68f8c8c6e05ca2e8d3 http://security.debian.org/pool/updates/main/o/openssh/openssh-client-udeb_3.8.1p1-8.sarge.6_alpha.udeb Size/MD5 checksum: 195114 32b3d7e2b11a5ae016ea19d44380f0d1 amd64 architecture (AMD x86_64 (AMD64)) http://security.debian.org/pool/updates/main/o/openssh/openssh-client-udeb_3.8.1p1-8.sarge.6_amd64.udeb Size/MD5 checksum: 159608 2d8c050003def7b7a2c8832333f90cf0 http://security.debian.org/pool/updates/main/o/openssh/ssh-askpass-gnome_3.8.1p1-8.sarge.6_amd64.deb Size/MD5 checksum: 51688 ca60feebdef5f772ab0d42b6fd2c61f0 http://security.debian.org/pool/updates/main/o/openssh/ssh_3.8.1p1-8.sarge.6_amd64.deb Size/MD5 checksum: 748382 59cebd0c9413b12894b88f9688216847 http://security.debian.org/pool/updates/main/o/openssh/openssh-server-udeb_3.8.1p1-8.sarge.6_amd64.udeb Size/MD5 checksum: 176252 d886a611e7b150786b6e3ccdac303018 arm architecture (ARM) http://security.debian.org/pool/updates/main/o/openssh/ssh_3.8.1p1-8.sarge.6_arm.deb Size/MD5 checksum: 673038 a58f22f69602835be4ebe87493d6f006 http://security.debian.org/pool/updates/main/o/openssh/openssh-server-udeb_3.8.1p1-8.sarge.6_arm.udeb Size/MD5 checksum: 153938 5c668e80ea8429d686f9f9999b1e450d http://security.debian.org/pool/updates/main/o/openssh/ssh-askpass-gnome_3.8.1p1-8.sarge.6_arm.deb Size/MD5 checksum: 51028 3fc55eba3c4ec515fb70220b5f64a8d3 http://security.debian.org/pool/updates/main/o/openssh/openssh-client-udeb_3.8.1p1-8.sarge.6_arm.udeb Size/MD5 checksum: 144324 f8ca3e9ae3592445e1b18cc84f111f30 hppa architecture (HP PA RISC) http://security.debian.org/pool/updates/main/o/openssh/openssh-client-udeb_3.8.1p1-8.sarge.6_hppa.udeb Size/MD5 checksum: 166640 ef7a980dfd7fbb3319d7be72a34783cd http://security.debian.org/pool/updates/main/o/openssh/ssh-askpass-gnome_3.8.1p1-8.sarge.6_hppa.deb Size/MD5 checksum: 51764 5e5dfa87acf51e46224f54b3caf39814 http://security.debian.org/pool/updates/main/o/openssh/openssh-server-udeb_3.8.1p1-8.sarge.6_hppa.udeb Size/MD5 checksum: 176152 480fd653a01de9ec47801b20e28c180a http://security.debian.org/pool/updates/main/o/openssh/ssh_3.8.1p1-8.sarge.6_hppa.deb Size/MD5 checksum: 759876 aaced6680806080745d7e7b1b7e16105 i386 architecture (Intel ia32) http://security.debian.org/pool/updates/main/o/openssh/openssh-client-udeb_3.8.1p1-8.sarge.6_i386.udeb Size/MD5 checksum: 133076 3e8728a64af00a02dd940350512eb5d9 http://security.debian.org/pool/updates/main/o/openssh/ssh_3.8.1p1-8.sarge.6_i386.deb Size/MD5 checksum: 688728 15e34bcd846e85fac769f3ac3c90e14b http://security.debian.org/pool/updates/main/o/openssh/ssh-askpass-gnome_3.8.1p1-8.sarge.6_i386.deb Size/MD5 checksum: 51336 b0c953a6b2a8d04fd3a384bd987be243 http://security.debian.org/pool/updates/main/o/openssh/openssh-server-udeb_3.8.1p1-8.sarge.6_i386.udeb Size/MD5 checksum: 146126 d0c4ab7aa9735fa5bd6b5e088cd38fe0 ia64 architecture (Intel ia64) http://security.debian.org/pool/updates/main/o/openssh/openssh-server-udeb_3.8.1p1-8.sarge.6_ia64.udeb Size/MD5 checksum: 245060 943b8ef2aa2efebadb1382a17ec73385 http://security.debian.org/pool/updates/main/o/openssh/ssh-askpass-gnome_3.8.1p1-8.sarge.6_ia64.deb Size/MD5 checksum: 52794 d5152cba549f21aea88e1e4f7e1156f9 http://security.debian.org/pool/updates/main/o/openssh/openssh-client-udeb_3.8.1p1-8.sarge.6_ia64.udeb Size/MD5 checksum: 223128 c1343bc83aa62b8d4d0669990c890e9a http://security.debian.org/pool/updates/main/o/openssh/ssh_3.8.1p1-8.sarge.6_ia64.deb Size/MD5 checksum: 978348 4df605171fec285cf0d63121dcbdc226 m68k architecture (Motorola Mc680x0) http://security.debian.org/pool/updates/main/o/openssh/openssh-server-udeb_3.8.1p1-8.sarge.6_m68k.udeb Size/MD5 checksum: 140424 703a06479b9b06d08fdccb08c3c5a0c6 http://security.debian.org/pool/updates/main/o/openssh/openssh-client-udeb_3.8.1p1-8.sarge.6_m68k.udeb Size/MD5 checksum: 126882 d4a4960f8a81e0325e7e51d9de30ccb2 http://security.debian.org/pool/updates/main/o/openssh/ssh_3.8.1p1-8.sarge.6_m68k.deb Size/MD5 checksum: 634538 db5bd8d18c409fdd0d32645229cf2b9c http://security.debian.org/pool/updates/main/o/openssh/ssh-askpass-gnome_3.8.1p1-8.sarge.6_m68k.deb Size/MD5 checksum: 51254 8b350a4b23bfb3791cba5b48fe5ecd5d mips architecture (MIPS (Big Endian)) http://security.debian.org/pool/updates/main/o/openssh/openssh-server-udeb_3.8.1p1-8.sarge.6_mips.udeb Size/MD5 checksum: 180468 e5e51b59cb930e454c30464e386354a4 http://security.debian.org/pool/updates/main/o/openssh/ssh-askpass-gnome_3.8.1p1-8.sarge.6_mips.deb Size/MD5 checksum: 51652 dc40a74947d6e20dc1069818b0b509e6 http://security.debian.org/pool/updates/main/o/openssh/openssh-client-udeb_3.8.1p1-8.sarge.6_mips.udeb Size/MD5 checksum: 168434 5c60cab56f8114141c2b66ff11fdb27b http://security.debian.org/pool/updates/main/o/openssh/ssh_3.8.1p1-8.sarge.6_mips.deb Size/MD5 checksum: 771620 bbfea051bebdda48d80e2e85e54e59fa mipsel architecture (MIPS (Little Endian)) http://security.debian.org/pool/updates/main/o/openssh/ssh-askpass-gnome_3.8.1p1-8.sarge.6_mipsel.deb Size/MD5 checksum: 51598 f1d94e4df1c066c47b1e8b0da68d1af1 http://security.debian.org/pool/updates/main/o/openssh/openssh-client-udeb_3.8.1p1-8.sarge.6_mipsel.udeb Size/MD5 checksum: 168904 2812bd93c1a73475a2f5da2360c6ae84 http://security.debian.org/pool/updates/main/o/openssh/openssh-server-udeb_3.8.1p1-8.sarge.6_mipsel.udeb Size/MD5 checksum: 180466 34e765b1bb88443887ab351ca1aed6b5 http://security.debian.org/pool/updates/main/o/openssh/ssh_3.8.1p1-8.sarge.6_mipsel.deb Size/MD5 checksum: 773824 b999638c312e9d05bd70550afc44e215 powerpc architecture (PowerPC) http://security.debian.org/pool/updates/main/o/openssh/openssh-server-udeb_3.8.1p1-8.sarge.6_powerpc.udeb Size/MD5 checksum: 160160 079367a6f51d6b971bb89569098401e3 http://security.debian.org/pool/updates/main/o/openssh/ssh-askpass-gnome_3.8.1p1-8.sarge.6_powerpc.deb Size/MD5 checksum: 52792 232893927edddfe9e90dddf37e746c12 http://security.debian.org/pool/updates/main/o/openssh/ssh_3.8.1p1-8.sarge.6_powerpc.deb Size/MD5 checksum: 738392 1b3480543efd3f9314f7a00279b8b995 http://security.debian.org/pool/updates/main/o/openssh/openssh-client-udeb_3.8.1p1-8.sarge.6_powerpc.udeb Size/MD5 checksum: 151108 6852aaf3e53763b502d7217ad50d44b3 s390 architecture (IBM S/390) http://security.debian.org/pool/updates/main/o/openssh/ssh-askpass-gnome_3.8.1p1-8.sarge.6_s390.deb Size/MD5 checksum: 51848 477de6fc5a16e8e9c8a6ee37900a0662 http://security.debian.org/pool/updates/main/o/openssh/openssh-client-udeb_3.8.1p1-8.sarge.6_s390.udeb Size/MD5 checksum: 163144 ea1c37908db44852a6a8a3c6e9b46d5e http://security.debian.org/pool/updates/main/o/openssh/ssh_3.8.1p1-8.sarge.6_s390.deb Size/MD5 checksum: 751564 bce6de0298a3e0e644e7732c1e38b92e http://security.debian.org/pool/updates/main/o/openssh/openssh-server-udeb_3.8.1p1-8.sarge.6_s390.udeb Size/MD5 checksum: 174552 31116868d2522f627ad4e03e7a5f83ea sparc architecture (Sun SPARC/UltraSPARC) http://security.debian.org/pool/updates/main/o/openssh/ssh_3.8.1p1-8.sarge.6_sparc.deb Size/MD5 checksum: 678210 eb8315ac61f84552e5d0960974d8b6b8 http://security.debian.org/pool/updates/main/o/openssh/openssh-server-udeb_3.8.1p1-8.sarge.6_sparc.udeb Size/MD5 checksum: 153190 60ad4beeaa93a360212614fee9059e44 http://security.debian.org/pool/updates/main/o/openssh/ssh-askpass-gnome_3.8.1p1-8.sarge.6_sparc.deb Size/MD5 checksum: 51102 b7e318e55dd39c2c5a7b47cdea057005 http://security.debian.org/pool/updates/main/o/openssh/openssh-client-udeb_3.8.1p1-8.sarge.6_sparc.udeb Size/MD5 checksum: 142084 b84f6dd4d0209df91c1f436e80526aea -- Debian GNU/Linux unstable alias sid -- Fixed in version 1:4.3p2-4. ORIGINAL ADVISORY: http://www.us.debian.org/security/2006/dsa-1212 OTHER REFERENCES: SA22091: http://secunia.com/advisories/22091/ SA22173: http://secunia.com/advisories/22173/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------