• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

OpenSSH Key Based Source IP Access Control Bypass Vulnerability

Solution:
Upgrades are available.


RedHat openssh-askpass-2.1.1p4-1.i386.rpm

• Red Hat 7.0 i386 openssh-askpass-2.9p2-10.7.i386.rpm
  ftp://updates.redhat.com/7.0/en/os/i386/openssh-askpass-2.9p2-10.7.i38 6.rpm

RedHat openssh-clients-2.1.1p4-1.i386.rpm

• Red Hat 7.0 i386 openssh-clients-2.9p2-10.7.i386.rpm
  ftp://updates.redhat.com/7.0/en/os/i386/openssh-clients-2.9p2-10.7.i38 6.rpm

RedHat openssh-server-2.1.1p4-1.i386.rpm

• Red Hat 7.0 i386 openssh-server-2.9p2-10.7.i386.rpm
  ftp://updates.redhat.com/7.0/en/os/i386/openssh-server-2.9p2-10.7.i386 .rpm

RedHat openssh-2.9p2-7.i386.rpm

• Red Hat 7.2 i386 openssh-2.9p2-11.i386.rpm
  ftp://updates.redhat.com/7.2/en/os/i386/openssh-2.9p2-11.i386.rpm

RedHat openssh-askpass-gnome-2.9p2-7.i386.rpm

• Red Hat 7.2 i386 openssh-askpass-gnome-2.9p2-11.i386.rpm
  ftp://updates.redhat.com/7.2/en/os/i386/openssh-askpass-gnome-2.9p2-11 .i386.rpm

RedHat openssh-2.5.2p2-5.i386.rpm

• Red Hat 7.1 i386 openssh-2.9p2-10.7.i386.rpm
  ftp://updates.redhat.com/7.1/en/os/i386/openssh-2.9p2-10.7.i386.rpm

RedHat openssh-askpass-2.9p2-7.i386.rpm

• Red Hat 7.2 i386 openssh-askpass-2.9p2-11.i386.rpm
  ftp://updates.redhat.com/7.2/en/os/i386/openssh-askpass-2.9p2-11.i386. rpm

RedHat openssh-2.1.1p4-1.i386.rpm

• Red Hat 7.0 i386 openssh-2.9p2-10.7.i386.rpm
  ftp://updates.redhat.com/7.0/en/os/i386/openssh-2.9p2-10.7.i386.rpm

RedHat openssh-askpass-gnome-2.1.1p4-1.i386.rpm

• Red Hat 7.0 i386 openssh-askpass-gnome-2.9p2-10.7.i386.rpm
  ftp://updates.redhat.com/7.0/en/os/i386/openssh-askpass-gnome-2.9p2-10 .7.i386.rpm

RedHat openssh-server-2.5.2p2-5.i386.rpm

• Red Hat 7.1 i386 openssh-server-2.9p2-10.7.i386.rpm
  ftp://updates.redhat.com/7.1/en/os/i386/openssh-server-2.9p2-10.7.i386 .rpm

RedHat openssh-askpass-gnome-2.5.2p2-5.i386.rpm

• Red Hat 7.1 i386 openssh-askpass-gnome-2.9p2-10.7.i386.rpm
  ftp://updates.redhat.com/7.1/en/os/i386/openssh-askpass-gnome-2.9p2-10 .7.i386.rpm

RedHat openssh-clients-2.9p2-7.i386.rpm

• Red Hat 7.2 i386 openssh-clients-2.9p2-11.i386.rpm
  ftp://updates.redhat.com/7.2/en/os/i386/openssh-clients-2.9p2-11.i386. rpm

RedHat openssh-clients-2.5.2p2-5.i386.rpm

• Red Hat 7.1 i386 openssh-clients-2.9p2-10.7.i386.rpm
  ftp://updates.redhat.com/7.1/en/os/i386/openssh-clients-2.9p2-10.7.i38 6.rpm

RedHat openssh-server-2.9p2-7.i386.rpm

• Red Hat 7.2 i386 openssh-server-2.9p2-11.i386.rpm
  ftp://updates.redhat.com/7.2/en/os/i386/openssh-server-2.9p2-11.i386.r pm

RedHat openssh-askpass-2.5.2p2-5.i386.rpm

• Red Hat 7.1 i386 openssh-askpass-2.9p2-10.7.i386.rpm
  ftp://updates.redhat.com/7.1/en/os/i386/openssh-askpass-2.9p2-10.7.i38 6.rpm

OpenSSH OpenSSH 2.5

• OpenSSH OpenSSH 2.2.9 (OpenBSD)
  ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/openssh-2.9.9.tgz

OpenSSH OpenSSH 2.5.1

• OpenSSH OpenSSH 2.2.9 (OpenBSD)
  ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/openssh-2.9.9.tgz

OpenSSH OpenSSH 2.5.2

• OpenSSH OpenSSH 2.2.9 (OpenBSD)
  ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/openssh-2.9.9.tgz

OpenSSH OpenSSH 2.9

• OpenSSH openssh.key.acl.patch
  http://www.securityfocus.com/data/vulnerabilities/patches/openssh.key. acl.patch


• OpenSSH OpenSSH 2.2.9 (OpenBSD)
  ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/openssh-2.9.9.tgz

OpenSSH OpenSSH 2.9 p2

• Immunix 7.0 openssh-2.9.9p2-1.0_imnx.i386.rpm
  ftp://ftp.ibiblio.org/pub/Linux/distributions/immunix/7.0/updates/RPMS /openssh-2.9.9p2-1.0_imnx.i386.rpm


• Immunix 7.0 openssh-askpass-2.9.9p2-1.0_imnx.i386.rpm
  ftp://ftp.ibiblio.org/pub/Linux/distributions/immunix/7.0/updates/RPMS /openssh-askpass-2.9.9p2-1.0_imnx.i386.rpm


• Immunix 7.0 openssh-clients-2.9.9p2-1.0_imnx.i386.rpm
  ftp://ftp.ibiblio.org/pub/Linux/distributions/immunix/7.0/updates/RPMS /


• Immunix 7.0 openssh-server-2.9.9p2-1.0_imnx.i386.rpm
  ftp://ftp.ibiblio.org/pub/Linux/distributions/immunix/7.0/updates/RPMS /openssh-server-2.9.9p2-1.0_imnx.i386.rpm


• MandrakeSoft 1.0.1 openssh-2.9.9p2-2.4mdk.i586.rpm
  http://www.linux-mandrake.com/en/ftp.php3


• MandrakeSoft 1.0.1 openssh-askpass-2.9.9p2-2.4mdk.i586.rpm
  http://www.linux-mandrake.com/en/ftp.php3


• MandrakeSoft 1.0.1 openssh-clients-2.9.9p2-2.4mdk.i586.rpm
  http://www.linux-mandrake.com/en/ftp.php3


• MandrakeSoft 1.0.1 openssh-server-2.9.9p2-2.4mdk.i586.rpm
  http://www.linux-mandrake.com/en/ftp.php3


• MandrakeSoft 7.1 openssh-askpass-2.9.9p2-2.4mdk.i586.rpm
  http://www.linux-mandrake.com/en/ftp.php3


• MandrakeSoft 7.1 openssh-askpass-gnome-2.9.9p2-2.4mdk.i586.rpm
  http://www.linux-mandrake.com/en/ftp.php3


• MandrakeSoft 7.1 openssh-clients-2.9.9p2-2.4mdk.i586.rpm
  http://www.linux-mandrake.com/en/ftp.php3


• MandrakeSoft 7.1 openssh-server-2.9.9p2-2.4mdk.i586.rpm
  http://www.linux-mandrake.com/en/ftp.php3


• MandrakeSoft 7.2 openssh-2.9.9p2-2.3mdk.i586.rpm
  http://www.linux-mandrake.com/en/ftp.php3


• MandrakeSoft 7.2 openssh-askpass-2.9.9p2-2.3mdk.i586.rpm
  http://www.linux-mandrake.com/en/ftp.php3


• MandrakeSoft 7.2 openssh-askpass-gnome-2.9.9p2-2.3mdk.i586.rpm
  http://www.linux-mandrake.com/en/ftp.php3


• MandrakeSoft 7.2 openssh-clients-2.9.9p2-2.3mdk.i586.rpm
  http://www.linux-mandrake.com/en/ftp.php3


• MandrakeSoft 7.2 openssh-server-2.9.9p2-2.3mdk.i586.rpm
  http://www.linux-mandrake.com/en/ftp.php3


• MandrakeSoft 8.0 openssh-2.9.9p2-2.2mdk.i586.rpm
  http://www.linux-mandrake.com/en/ftp.php3


• MandrakeSoft 8.0 openssh-askpass-2.9.9p2-2.2mdk.i586.rpm
  http://www.linux-mandrake.com/en/ftp.php3


• MandrakeSoft 8.0 openssh-askpass-gnome-2.9.9p2-2.2mdk.i586.rpm
  http://www.linux-mandrake.com/en/ftp.php3


• MandrakeSoft 8.0 openssh-clients-2.9.9p2-2.2mdk.i586.rpm
  http://www.linux-mandrake.com/en/ftp.php3


• MandrakeSoft 8.0 openssh-server-2.9.9p2-2.2mdk.i586.rpm
  http://www.linux-mandrake.com/en/ftp.php3


• MandrakeSoft 8.0 ppc openssh-2.9.9p2-2.2mdk.ppc.rpm
  http://www.linux-mandrake.com/en/ftp.php3


• MandrakeSoft 8.0 ppc openssh-askpass-2.9.9p2-2.2mdk.ppc.rpm
  http://www.linux-mandrake.com/en/ftp.php3


• MandrakeSoft 8.0 ppc openssh-askpass-gnome-2.9.9p2-2.2mdk.ppc.rpm
  http://www.linux-mandrake.com/en/ftp.php3


• MandrakeSoft 8.0 ppc openssh-clients-2.9.9p2-2.2mdk.ppc.rpm
  http://www.linux-mandrake.com/en/ftp.php3


• MandrakeSoft 8.0 ppc openssh-server-2.9.9p2-2.2mdk.ppc.rpm
  http://www.linux-mandrake.com/en/ftp.php3


• MandrakeSoft 8.1 openssh-2.9.9p2-2.1mdk.i586.rpm
  http://www.linux-mandrake.com/en/ftp.php3


• MandrakeSoft 8.1 openssh-askpass-2.9.9p2-2.1mdk.i586.rpm
  http://www.linux-mandrake.com/en/ftp.php3


• MandrakeSoft 8.1 openssh-askpass-gnome-2.9.9p2-2.1mdk.i586.rpm
  http://www.linux-mandrake.com/en/ftp.php3


• MandrakeSoft 8.1 openssh-clients-2.9.9p2-2.1mdk.i586.rpm
  http://www.linux-mandrake.com/en/ftp.php3


• MandrakeSoft 8.1 openssh-server-2.9.9p2-2.1mdk.i586.rpm
  http://www.linux-mandrake.com/en/ftp.php3


• MandrakeSoft snf7.2 openssh-2.9.9p2-2.3mdk.i586.rpm
  http://www.linux-mandrake.com/en/ftp.php3


• MandrakeSoft snf7.2 openssh-askpass-2.9.9p2-2.3mdk.i586.rpm
  http://www.linux-mandrake.com/en/ftp.php3


• MandrakeSoft snf7.2 openssh-askpass-gnome-2.9.9p2-2.3mdk.i586.rpm
  http://www.linux-mandrake.com/en/ftp.php3


• MandrakeSoft snf7.2 openssh-clients-2.9.9p2-2.3mdk.i586.rpm
  http://www.linux-mandrake.com/en/ftp.php3


• MandrakeSoft snf7.2 openssh-server-2.9.9p2-2.3mdk.i586.rpm
  http://www.linux-mandrake.com/en/ftp.php3


• Trustix 1.1 openssh-2.9.9p2-2tr.i586.rpm
  http://www.trustix.net/pub/Trustix/updates/


• Trustix 1.1 openssh-clients-2.9.9p2-2tr.i586.rpm
  http://www.trustix.net/pub/Trustix/updates/


• Trustix 1.1 openssh-server-2.9.9p2-2tr.i586.rpm
  http://www.trustix.net/pub/Trustix/updates/


• Trustix 1.2 openssh-2.9.9p2-2tr.i586.rpm
  http://www.trustix.net/pub/Trustix/updates/


• Trustix 1.2 openssh-clients-2.9.9p2-2tr.i586.rpm
  http://www.trustix.net/pub/Trustix/updates/


• Trustix 1.2 openssh-server-2.9.9p2-2tr.i586.rpm
  http://www.trustix.net/pub/Trustix/updates/


• Trustix 1.5 openssh-2.9.9p2-2tr.i586.rpm
  http://www.trustix.net/pub/Trustix/updates/


• Trustix 1.5 openssh-clients-2.9.9p2-2tr.i586.rpm
  http://www.trustix.net/pub/Trustix/updates/


• Trustix 1.5 openssh-server-2.9.9p2-2tr.i586.rpm
  http://www.trustix.net/pub/Trustix/updates/