
Ubuntu alert USN-34-1 (openssh)

From:  Martin Pitt <martin.pitt@canonical.com>
To:  ubuntu-security-announce@lists.ubuntu.com
Subject:  [USN-34-1] OpenSSH information leakage
Date:  Tue, 30 Nov 2004 12:29:32 +0100
Cc:  bugtraq@securityfocus.com, full-disclosure@lists.netsys.com

===========================================================
Ubuntu Security Notice USN-34-1           November 30, 2004
openssh information leakage
CAN-2003-0190
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)

The following packages are affected:

openssh-server

The problem can be corrected by upgrading the affected package to
version 1:3.8.1p1-11ubuntu3.1. In general, a standard system upgrade is
sufficient to effect the necessary changes.

Details follow:

@Mediaservice.net discovered two information leaks in the OpenSSH
server. When using password authentication, an attacker could test
whether a login name exists by measuring the time between failed login
attempts, i.e. the time after which the "password:" prompt appears
again.

A similar issue affects systems which do not allow root logins over ssh
("PermitRootLogin no"). By measuring the time between login attempts an
attacker could check whether a given root password is correct. This
allowed determining weak root passwords using a brute force attack.
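A simplified model of the two leaks described above, added here as an example (it is not OpenSSH's or Ubuntu's code): check_leaky does a different amount of work depending on whether the login name exists or whether the denied account's password matched, while check_hardened takes the same costly steps for every rejection. The account data, the function names and the recorded "delay" step are assumptions made for illustration.

```python
import hashlib
import hmac
import os

events = []  # instrumentation: every costly step is recorded here, in order


def _kdf(password, salt):
    events.append("kdf")
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 50_000)


def _fail_delay():
    events.append("delay")  # stands in for a fixed back-off after a failure


def _record(password):
    salt = os.urandom(16)
    return salt, _kdf(password, salt)


# Constructed sample accounts; names and passwords are made up for this example.
USERS = {"alice": _record("correct horse"), "root": _record("example-root-pw")}
DENIED = {"root"}                       # models "PermitRootLogin no"
DUMMY = _record(os.urandom(16).hex())   # record used for names that do not exist


def check_leaky(user, password):
    if user not in USERS:
        return False                    # unknown name: no hash, no delay
    salt, stored = USERS[user]
    if not hmac.compare_digest(_kdf(password, salt), stored):
        _fail_delay()
        return False
    return user not in DENIED           # correct root password: refused, no delay


def check_hardened(user, password):
    salt, stored = USERS.get(user, DUMMY)            # always hash something
    match = hmac.compare_digest(_kdf(password, salt), stored)
    ok = match and user in USERS and user not in DENIED
    if not ok:
        _fail_delay()                                # one failure path for all
    return ok


def trace(check, user, password):
    """Return (result, costly steps taken) for one login attempt."""
    events.clear()
    return check(user, password), tuple(events)
```

Comparing the step traces rather than wall-clock time keeps the result deterministic: any difference between two rejected attempts in the trace is a difference an observer could measure.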

