OpenBSD Journal

[Not OpenSSH!] SSH 3.0 Remote Root Exploit

Contributed by Dengue on from the of-course-you're-not-using-ssh dept.

Andrew Newman of Yale University and an anonymous system administrator at the University of Helsinki have discovered a potential remote root compromise in version 3.0 of SSH Secure Shell from SSH Communications. A problem in password authentication to the sshd2 daemon lets any user log in to an account whose password field (the entry stored in the system password database, not the password a user types) is two or fewer characters long, by supplying any password, including an empty one. Version 3.0.1 of SSH Secure Shell fixes this problem. OSes affected include Linux (many distributions), Solaris 2.6-2.8, HP-UX 10.20 and 11.00. Not affected are Tru64 4.0G, NetBSD, and OpenBSD.
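The post does not say how sshd2 came to accept any password for such accounts, so the following is an added illustration, not SSH Communications' code and not taken from the advisory. It shows one comparison pattern that produces exactly the symptom described: the first two characters of a traditional crypt(3) result are the salt copied from the stored field, so a check that compares only as many characters as the stored field contains succeeds for every password whenever that field is two characters or shorter (locked-account placeholders such as `NP`, `*` or `!!`, or an empty field). `toy_crypt` is an assumed stand-in for crypt(3) that keeps only that salt-prefix property and is not a password hash; `check_password_vulnerable` and `check_password_fixed` are hypothetical names, and the sample fields are constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Length of a traditional DES crypt(3) result: 2 salt chars + 11 hash chars. */
#define HASH_LEN 13

static const char B64[] =
    "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";

/*
 * Assumed stand-in for crypt(3). It is NOT DES crypt and must never be used
 * for real passwords; it only preserves the property that matters here: the
 * result is 13 characters and its first two characters are the salt taken
 * from the stored password field.
 */
static void toy_crypt(const char *password, const char *setting, char out[HASH_LEN + 1])
{
    uint64_t h = 1469598103934665603ULL;   /* FNV-1a offset basis */
    int i;

    /* crypt(3) takes its salt from the first two characters of the setting
       string and echoes them back as the first two output characters.
       Pad with '.' when the field is shorter than two characters. */
    out[0] = setting[0] ? setting[0] : '.';
    out[1] = (setting[0] && setting[1]) ? setting[1] : '.';

    for (i = 0; i < 2; i++) { h ^= (unsigned char)out[i]; h *= 1099511628211ULL; }
    for (; *password; password++) { h ^= (unsigned char)*password; h *= 1099511628211ULL; }

    for (i = 2; i < HASH_LEN; i++) {
        h = h * 6364136223846793005ULL + 1442695040888963407ULL;  /* LCG step */
        out[i] = B64[(h >> 58) & 63];
    }
    out[HASH_LEN] = '\0';
}

/* Constant-time equality over n bytes, so a mismatch does not leak position. */
static int ct_equal(const char *a, const char *b, size_t n)
{
    unsigned char diff = 0;
    size_t i;
    for (i = 0; i < n; i++) diff |= (unsigned char)(a[i] ^ b[i]);
    return diff == 0;
}

/* Hypothetical vulnerable pattern: compare only as many characters as the
   stored field has. If that field is two characters or shorter, those
   characters are exactly the salt the hash echoes back, so any supplied
   password "matches"; an empty field compares zero characters. */
int check_password_vulnerable(const char *stored, const char *supplied)
{
    char computed[HASH_LEN + 1];
    toy_crypt(supplied, stored, computed);
    return strncmp(computed, stored, strlen(stored)) == 0;
}

/* Hardened form: a usable field must be a full hash, and the whole hash is
   compared. Short fields ("NP", "*", "!!", "") are locks, not credentials. */
int check_password_fixed(const char *stored, const char *supplied)
{
    char computed[HASH_LEN + 1];
    if (strlen(stored) != HASH_LEN)
        return 0;
    toy_crypt(supplied, stored, computed);
    return ct_equal(computed, stored, HASH_LEN);
}

int main(void)
{
    /* Constructed sample password fields: a locked account and a real (toy) hash. */
    char real[HASH_LEN + 1];
    toy_crypt("correct horse", "ab", real);
    printf("locked 'NP', empty password: vulnerable=%d fixed=%d\n",
           check_password_vulnerable("NP", ""), check_password_fixed("NP", ""));
    printf("real hash, wrong password:   vulnerable=%d fixed=%d\n",
           check_password_vulnerable(real, "wrong"), check_password_fixed(real, "wrong"));
    printf("real hash, right password:   vulnerable=%d fixed=%d\n",
           check_password_vulnerable(real, "correct horse"),
           check_password_fixed(real, "correct horse"));
    return 0;
}
```

The practical check on an affected host follows from the same observation: the accounts at risk are exactly those whose stored password field is two characters or shorter, which on most Unix systems means locked or never-set accounts rather than accounts with short passwords.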

As soon as this is up at BUGTRAQ, I'll post a link to the advisory. Most, if not all, of you are probably using OpenSSH and are unaffected by this vulnerability.

(Comments are closed)

  1. By Anonymous Coward () on

    most, if not all, of us use passwords longer than two characters...


Copyright © - Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to as well as images and HTML templates were copied from the fabulous original with Jose's and Jim's kind permission. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]