Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 215702 (CVE-2008-1657) - net-misc/openssh <4.7_p1-r6 rc execution overrides ForceCommand restriction (CVE-2008-1657)
Summary: net-misc/openssh <4.7_p1-r6 rc execution overrides ForceCommand restriction (...
Status: RESOLVED FIXED
Alias: CVE-2008-1657
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High normal (vote)
Assignee: Gentoo Security
URL: http://secunia.com/advisories/29602/
Whiteboard: A3 [glsa]
Keywords:
Depends on:
Blocks:
 
Reported: 2008-04-01 13:55 UTC by Robert Buchholz (RETIRED)
Modified: 2008-04-05 12:55 UTC (History)
4 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Robert Buchholz (RETIRED) gentoo-dev 2008-04-01 13:55:10 UTC
Secunia:
A weakness has been reported in OpenSSH, which can be exploited by
malicious, local users to bypass certain security restrictions.

The weakness is caused due to the improper implementation of the
"ForceCommand" directive. This can be exploited to execute arbitrary
commands via the ~/.ssh/rc file even if a "ForceCommand" directive is
in effect.

The weakness is reported in versions prior to 4.9 and 4.9p1.

SOLUTION:
Update to version 4.9 or 4.9p1.

PROVIDED AND/OR DISCOVERED BY:
Reported by the vendor.

ORIGINAL ADVISORY:
http://marc.info/?l=openssh-unix-dev&m=120692745026265&w=2
Comment 1 SpanKY gentoo-dev 2008-04-01 15:38:56 UTC
if we could get a small diff for 4.7_p1, that would be best ...
Comment 2 Robert Buchholz (RETIRED) gentoo-dev 2008-04-01 16:04:31 UTC
The patch is here: ftp://ftp.openbsd.org/pub/OpenBSD/patches/4.3/common/001_openssh.patch
Comment 3 SpanKY gentoo-dev 2008-04-01 18:43:15 UTC
openssh-4.7_p1-r6 in the tree then with that one fix, thanks

openssh-4.9_p1 is also in the tree, but it's missing updated patches, so stabilizing that version would just make users'/admins' lives painful
Comment 4 Robert Buchholz (RETIRED) gentoo-dev 2008-04-01 19:21:00 UTC
Arches, please test and mark stable:
=net-misc/openssh-4.7_p1-r6
Target keywords : "alpha amd64 arm hppa ia64 m68k ppc ppc64 release s390 sh sparc x86"
Comment 5 Christian Faulhammer (RETIRED) gentoo-dev 2008-04-01 22:53:36 UTC
x86 stable
Comment 6 Richard Freeman gentoo-dev 2008-04-02 00:41:49 UTC
amd64 stable
Comment 7 Raúl Porcel (RETIRED) gentoo-dev 2008-04-02 11:44:55 UTC
alpha/ia64/sparc stable
Comment 8 Markus Rothe (RETIRED) gentoo-dev 2008-04-02 15:52:35 UTC
ppc64 stable
Comment 9 Jeroen Roovers gentoo-dev 2008-04-02 16:04:56 UTC
Stable for HPPA.
Comment 10 Tobias Scherbaum (RETIRED) gentoo-dev 2008-04-03 16:55:24 UTC
ppc stable
Comment 11 Robert Buchholz (RETIRED) gentoo-dev 2008-04-03 22:39:54 UTC
request has been filed
Comment 12 Peter Volkov (RETIRED) gentoo-dev 2008-04-04 05:01:21 UTC
Fixed in release snapshot.
Comment 13 Robert Buchholz (RETIRED) gentoo-dev 2008-04-05 12:53:53 UTC
GLSA 200804-03
Comment 14 Robert Buchholz (RETIRED) gentoo-dev 2008-04-05 12:55:16 UTC
Fixed for ~arch in 5.0_p1