OpenSSH Client Unauthorized Remote Forwarding Vulnerability
Solution:
The short-term solution is to unset the $DISPLAY and $SSH_AUTH_SOCK environment variables.
An upgrade that fixes the problem is available:
OpenBSD OpenSSH 2.2.x
Debian 2.2 alpha ssh-askpass-gnome_1.2.3-9.1_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/ssh-askpass-gnome_1.2.3-9.1_alpha.deb
Debian 2.2 alpha ssh_1.2.3-9.1_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/ssh_1.2.3-9.1_alpha.deb
Debian 2.2 arm ssh-askpass-gnome_1.2.3-9.1_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/ssh-askpass-gnome_1.2.3-9.1_arm.deb
Debian 2.2 arm ssh_1.2.3-9.1_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/ssh_1.2.3-9.1_arm.deb
Debian 2.2 i386 ssh-askpass-gnome_1.2.3-9.1_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/ssh-askpass-gnome_1.2.3-9.1_i386.deb
Debian 2.2 i386 ssh_1.2.3-9.1_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/ssh_1.2.3-9.1_i386.deb
Debian 2.2 m68k ssh-askpass-gnome_1.2.3-9.1_m68k.deb
http://security.debian.org/dists/stable/updates/main/binary-m68k/ssh-askpass-gnome_1.2.3-9.1_m68k.deb
Debian 2.2 m68k ssh_1.2.3-9.1_m68k.deb
http://security.debian.org/dists/stable/updates/main/binary-m68k/ssh_1.2.3-9.1_m68k.deb
Debian 2.2 ppc ssh-askpass-gnome_1.2.3-9.1_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/ssh-askpass-gnome_1.2.3-9.1_powerpc.deb
Debian 2.2 ppc ssh_1.2.3-9.1_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/ssh_1.2.3-9.1_powerpc.deb
Debian 2.2 source openssh_1.2.3-9.1.diff.gz
http://security.debian.org/dists/stable/updates/main/source/openssh_1.2.3-9.1.diff.gz
Debian 2.2 source openssh_1.2.3-9.1.dsc
http://security.debian.org/dists/stable/updates/main/source/openssh_1.2.3-9.1.dsc
Debian 2.2 source openssh_1.2.3.orig.tar.gz
http://security.debian.org/dists/stable/updates/main/source/openssh_1.2.3.orig.tar.gz
FreeBSD openssh.patch
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-01:01/openssh.patch
FreeBSD ports-3 i386 openssh-2.2.0.tgz
ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-3-stable/security/openssh-2.2.0.tgz
FreeBSD ports-4 alpha openssh-2.2.0.tgz
ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/alpha/packages-4-stable/security/openssh-2.2.0.tgz
FreeBSD ports-4 i386 openssh-2.2.0.tgz
ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-4-stable/security/openssh-2.2.0.tgz
FreeBSD ports-5 alpha openssh-2.2.0.tgz
ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/alpha/packages-5-current/security/openssh-2.2.0.tgz
FreeBSD ports-5 i386 openssh-2.2.0.tgz
ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-5-current/security/openssh-2.2.0.tgz
MandrakeSoft 7.0 i386 openssh-2.3.0p1-7.3mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/7.0/RPMS/openssh-2.3.0p1-7.3mdk.i586.rpm
MandrakeSoft 7.0 i386 openssh-askpass-2.3.0p1-7.3mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/7.0/RPMS/openssh-askpass-2.3.0p1-7.3mdk.i586.rpm
MandrakeSoft 7.0 i386 openssh-askpass-gnome-2.3.0p1-7.3mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/7.0/RPMS/openssh-askpass-gnome-2.3.0p1-7.3mdk.i586.rpm
MandrakeSoft 7.0 i386 openssh-clients-2.3.0p1-7.3mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/7.0/RPMS/openssh-clients-2.3.0p1-7.3mdk.i586.rpm
MandrakeSoft 7.0 i386 openssh-server-2.3.0p1-7.3mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/7.0/RPMS/openssh-server-2.3.0p1-7.3mdk.i586.rpm
MandrakeSoft 7.0 source openssh-2.3.0p1-7.3mdk.src.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/7.0/SRPMS/openssh-2.3.0p1-7.3mdk.src.rpm
MandrakeSoft 7.1 i386 openssh-2.3.0p1-7.3mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/7.1/RPMS/openssh-2.3.0p1-7.3mdk.i586.rpm
MandrakeSoft 7.1 i386 openssh-askpass-2.3.0p1-7.3mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/7.1/RPMS/openssh-askpass-2.3.0p1-7.3mdk.i586.rpm
MandrakeSoft 7.1 i386 openssh-askpass-gnome-2.3.0p1-7.3mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/7.1/RPMS/openssh-askpass-gnome-2.3.0p1-7.3mdk.i586.rpm
MandrakeSoft 7.1 i386 openssh-clients-2.3.0p1-7.3mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/7.1/RPMS/openssh-clients-2.3.0p1-7.3mdk.i586.rpm
MandrakeSoft 7.1 i386 openssh-server-2.3.0p1-7.3mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/7.1/RPMS/openssh-server-2.3.0p1-7.3mdk.i586.rpm
MandrakeSoft 7.1 source openssh-2.3.0p1-7.3mdk.src.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/7.1/SRPMS/openssh-2.3.0p1-7.3mdk.src.rpm
MandrakeSoft 7.2 i386 openssh-2.3.0p1-7.1mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/7.2/RPMS/openssh-2.3.0p1-7.1mdk.i586.rpm
MandrakeSoft 7.2 i386 openssh-askpass-2.3.0p1-7.1mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/7.2/RPMS/openssh-askpass-2.3.0p1-7.1mdk.i586.rpm
MandrakeSoft 7.2 i386 openssh-askpass-gnome-2.3.0p1-7.1mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/7.2/RPMS/openssh-askpass-gnome-2.3.0p1-7.1mdk.i586.rpm
MandrakeSoft 7.2 i386 openssh-clients-2.3.0p1-7.1mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/7.2/RPMS/openssh-clients-2.3.0p1-7.1mdk.i586.rpm
MandrakeSoft 7.2 i386 openssh-server-2.3.0p1-7.1mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/7.2/RPMS/openssh-server-2.3.0p1-7.1mdk.i586.rpm
MandrakeSoft 7.2 source openssh-2.3.0p1-7.1mdk.src.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/7.2/SRPMS/openssh-2.3.0p1-7.1mdk.src.rpm
OpenBSD openssh-2.3.0.tgz
ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/openssh-2.3.0.tgz
OpenBSD openssh-2.3.0p1.tar.gz
ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-2.3.0p1.tar.gz
Red Hat Inc. 7.0 alpha openssh-2.3.0p1-4.alpha.rpm
ftp://updates.redhat.com/7.0/alpha/openssh-2.3.0p1-4.alpha.rpm
Red Hat Inc. 7.0 alpha openssh-askpass-2.3.0p1-4.alpha.rpm
ftp://updates.redhat.com/7.0/alpha/openssh-askpass-2.3.0p1-4.alpha.rpm
Red Hat Inc. 7.0 alpha openssh-askpass-gnome-2.3.0p1-4.alpha.rpm
ftp://updates.redhat.com/7.0/alpha/openssh-askpass-gnome-2.3.0p1-4.alpha.rpm
Red Hat Inc. 7.0 alpha openssh-clients-2.3.0p1-4.alpha.rpm
ftp://updates.redhat.com/7.0/alpha/openssh-clients-2.3.0p1-4.alpha.rpm
Red Hat Inc. 7.0 alpha openssh-server-2.3.0p1-4.alpha.rpm
ftp://updates.redhat.com/7.0/alpha/openssh-server-2.3.0p1-4.alpha.rpm
Red Hat Inc. 7.0 i386 openssh-2.3.0p1-4.i386.rpm
ftp://updates.redhat.com/7.0/i386/openssh-2.3.0p1-4.i386.rpm
Red Hat Inc. 7.0 i386 openssh-askpass-2.3.0p1-4.i386.rpm
ftp://updates.redhat.com/7.0/i386/openssh-askpass-2.3.0p1-4.i386.rpm
Red Hat Inc. 7.0 i386 openssh-askpass-gnome-2.3.0p1-4.i386.rpm
ftp://updates.redhat.com/7.0/i386/openssh-askpass-gnome-2.3.0p1-4.i386.rpm
Red Hat Inc. 7.0 i386 openssh-clients-2.3.0p1-4.i386.rpm
ftp://updates.redhat.com/7.0/i386/openssh-clients-2.3.0p1-4.i386.rpm
Red Hat Inc. 7.0 i386 openssh-server-2.3.0p1-4.i386.rpm
ftp://updates.redhat.com/7.0/i386/openssh-server-2.3.0p1-4.i386.rpm
Copyright 2010, SecurityFocus