Koozali.org: home of the SME Server

OpenSSH Security patch

Jesper Knudsen

OpenSSH Security patch
« on: January 08, 2004, 01:12:02 PM »
All,

I have been running a security scan of my system with Nessus and it seems that I ought to update OpenSSH on my SME 6.0 system. I see no reason why this should not apply to an SME 5.6 as well.

I have found the needed RPM and updated successfully.

I have placed them in my download area if you also want to update.

http://sme.swerts-knudsen.dk/downloads/openssh-3.7.1p2-2.i386.rpm
http://sme.swerts-knudsen.dk/downloads/openssh-clients-3.7.1p2-2.i386.rpm
http://sme.swerts-knudsen.dk/downloads/openssh-server-3.7.1p2-2.i386.rpm

Download them all and do a:

rpm -Uvh openssh-*

/Jesper

Charlie Brady

Re: OpenSSH Security patch
« Reply #1 on: January 08, 2004, 04:17:46 PM »
Jesper Knudsen wrote:

> I have been running a security scan of my system with Nessus
> and it seems that I ought to update OpenSSH on my SME 6.0 system.

Nessus is often wrong.

> http://sme.swerts-knudsen.dk/downloads/openssh-3.7.1p2-2.i386.rpm

SME 6.0 ships with openssh-3.7.1p1. The security changes in openssh-3.7.1p2 relate to platforms other than linux, or to configuration options which are not used in the SME server configuration. Feel free to upgrade, but I don't believe that it is necessary.

Regards

Charlie

Jesper Knudsen

Re: OpenSSH Security patch
« Reply #2 on: January 09, 2004, 10:10:04 AM »
Alright - no harm done though :-)

It also came with some security issues for IMP (webmail). Should they matter?

Otherwise the systems seem extremely safe - the conclusion is that no serious holes were found and the majority of hackers would look for something else.

I have taken the HTML viewer for IMP 3.2.2 and used it to fix this.

The remote server is running IMP version 3.0, 3.1, 3.2, or 3.2.1. These
versions are vulnerable to several cross-scripting attacks whereby an
attacker can cause a victim to unknowingly run arbitrary Javascript code
simply by reading an HTML message from the attacker.

Announcements of the vulnerabilities can be found at:

- http://marc.theaimsgroup.com/?l=imp&m=105940167329471&w=2
- http://marc.theaimsgroup.com/?l=imp&m=105981180431599&w=2
- http://marc.theaimsgroup.com/?l=imp&m=105990362513789&w=2

Note: Nessus has determined the vulnerability exists on the target
simply by looking at the version number of IMP installed there. If the
installation has already been patched, consider this a false positive.

Solution: Apply patches found in the announcements to
imp/lib/MIME/Viewer/html.php.

Risk factor : Serious
Nessus ID : 11815
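
Added example, not part of the thread and not Nessus's own code: a small parser that pulls the plugin ID, risk factor and flagged versions out of a plain-text finding like the one quoted above, and marks findings the scanner says it inferred from the version number alone. The `triage` labels and the operator-supplied `fix_applied` flag are assumptions made for illustration.

```python
import re

# Constructed sample: the plugin text quoted in the post above, as one report entry.
SAMPLE_REPORT = """\
The remote server is running IMP version 3.0, 3.1, 3.2, or 3.2.1. These
versions are vulnerable to several cross-scripting attacks whereby an
attacker can cause a victim to unknowingly run arbitrary Javascript code
simply by reading an HTML message from the attacker.

Note: Nessus has determined the vulnerability exists on the target
simply by looking at the version number of IMP installed there. If the
installation has already been patched, consider this a false positive.

Solution: Apply patches found in the announcements to
imp/lib/MIME/Viewer/html.php.

Risk factor : Serious
Nessus ID : 11815
"""

def parse_findings(report):
    """Split a plain-text report into findings; each one ends at its 'Nessus ID' line."""
    findings, start = [], 0
    for end in re.finditer(r"^Nessus ID\s*:\s*(\d+)\s*$", report, re.M):
        flat = " ".join(report[start:end.end()].split())  # undo line wrapping
        start = end.end()
        risk = re.search(r"Risk factor\s*:\s*(\S+)", flat)
        vers = re.search(r"running \S+ version (.+?)\. [A-Z]", flat)
        findings.append({
            "id": int(end.group(1)),
            "risk": risk.group(1) if risk else None,
            "versions": re.findall(r"\d+(?:\.\d+)+", vers.group(1)) if vers else [],
            # The scanner says so itself when it only compared version strings.
            "version_only": "looking at the version number" in flat,
        })
    return findings

def triage(finding, installed_version, fix_applied):
    """fix_applied is the operator's own check that the patched file is in place."""
    if finding["versions"] and installed_version not in finding["versions"]:
        return "version not flagged"
    if not finding["version_only"]:
        return "scanner tested the service"
    return "false positive" if fix_applied else "verify manually"

if __name__ == "__main__":
    for f in parse_findings(SAMPLE_REPORT):
        print(f["id"], f["risk"], f["versions"], triage(f, "3.2.1", fix_applied=True))
```

A system that still reports a flagged version string after only the viewer file was replaced keeps triggering the plugin, which is the case the "false positive" label covers.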