info
discussion
exploit
solution
references
OpenSSH UseLogin Environment Variable Passing Vulnerability
Solution:
Update available:
OpenBSD OpenSSH 1.2.3
Debian 2.2 alpha ssh-askpass-gnome_1.2.3-9.4_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/ssh- askpass-gnome_1.2.3-9.4_alpha.deb
Debian 2.2 alpha ssh_1.2.3-9.4_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/ssh_ 1.2.3-9.4_alpha.deb
Debian 2.2 arm ssh-askpass-gnome_1.2.3-9.4_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/ssh-as kpass-gnome_1.2.3-9.4_arm.deb
Debian 2.2 arm ssh_1.2.3-9.4_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/ssh_1. 2.3-9.4_arm.deb
Debian 2.2 i386 ssh-askpass-gnome_1.2.3-9.4_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/ssh-a skpass-gnome_1.2.3-9.4_i386.deb
Debian 2.2 i386 ssh_1.2.3-9.4_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/ssh_1 .2.3-9.4_i386.deb
Debian 2.2 m68k ssh-askpass-gnome_1.2.3-9.4_m68k.deb
http://security.debian.org/dists/stable/updates/main/binary-m68k/ssh-a skpass-gnome_1.2.3-9.4_m68k.deb
Debian 2.2 m68k ssh_1.2.3-9.4_m68k.deb
http://security.debian.org/dists/stable/updates/main/binary-m68k/ssh_1 .2.3-9.4_m68k.deb
Debian 2.2 ppc ssh-askpass-gnome_1.2.3-9.4_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/ss h-askpass-gnome_1.2.3-9.4_powerpc.deb
Debian 2.2 ppc ssh_1.2.3-9.4_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/ss h_1.2.3-9.4_powerpc.deb
Debian 2.2 sparc ssh-askpass-gnome_1.2.3-9.4_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/ssh- askpass-gnome_1.2.3-9.4_sparc.deb
Debian 2.2 sparc ssh_1.2.3-9.4_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/ssh_ 1.2.3-9.4_sparc.deb
OpenBSD OpenSSH 2.1.1 p1
Trustix 1.1 i386 openssh-3.0.2p1-2tr.i586.rpm
ftp://ftp.trustix.net/pub/Trustix/updates/1.1/RPMS/openssh-3.0.2p1-2tr .i586.rpm
Trustix 1.1 i386 openssh-clients-3.0.2p1-2tr.i586.rpm
ftp://ftp.trustix.net/pub/Trustix/updates/1.1/RPMS/openssh-clients-3.0 .2p1-2tr.i586.rpm
Trustix 1.1 i386 openssh-server-3.0.2p1-2tr.i586.rpm
ftp://ftp.trustix.net/pub/Trustix/updates/1.1/RPMS/openssh-server-3.0. 2p1-2tr.i586.rpm
Trustix 1.2 i386 openssh-3.0.2p1-2tr.i586.rpm
ftp://ftp.trustix.net/pub/Trustix/updates/1.2/RPMS/openssh-3.0.2p1-2tr .i586.rpm
Trustix 1.2 i386 openssh-clients-3.0.2p1-2tr.i586.rpm
ftp://ftp.trustix.net/pub/Trustix/updates/1.2/RPMS/openssh-clients-3.0 .2p1-2tr.i586.rpm
Trustix 1.2 i386 openssh-server-3.0.2p1-2tr.i586.rpm
ftp://ftp.trustix.net/pub/Trustix/updates/1.2/RPMS/openssh-server-3.0. 2p1-2tr.i586.rpm
Trustix 1.5 i386 openssh-3.0.2p1-2tr.i586.rpm
ftp://ftp.trustix.net/pub/Trustix/updates/1.5/RPMS/openssh-3.0.2p1-2tr .i586.rpm
Trustix 1.5 i386 openssh-clients-3.0.2p1-2tr.i586.rpm
ftp://ftp.trustix.net/pub/Trustix/updates/1.5/RPMS/openssh-clients-3.0 .2p1-2tr.i586.rpm
Trustix 1.5 i386 openssh-server-3.0.2p1-2tr.i586.rpm
ftp://ftp.trustix.net/pub/Trustix/updates/1.5/RPMS/openssh-server-3.0. 2p1-2tr.i586.rpm
OpenBSD OpenSSH 2.9 p2
Caldera OpenLinux 3.1 Server openssh-2.9p2-4.i386.rpm
ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Server/current/RPMS/op enssh-2.9p2-4.i386.rpm
Caldera OpenLinux 3.1 Server openssh-askpass-2.9p2-4.i386.rpm
ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Server/current/RPMS/op enssh-askpass-2.9p2-4.i386.rpm
Caldera OpenLinux 3.1 Server openssh-server-2.9p2-4.i386.rpm
ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Server/current/RPMS/op enssh-server-2.9p2-4.i386.rpm
Caldera OpenLinux 3.1 Workstation openssh-2.9p2-4.i386.rpm
ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Workstation/current/RP MS/openssh-2.9p2-4.i386.rpm
Caldera OpenLinux 3.1 Workstation openssh-askpass-2.9p2-4.i386.rpm
ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Workstation/current/RP MS/openssh-askpass-2.9p2-4.i386.rpm
Caldera OpenLinux 3.1 Workstation openssh-server-2.9p2-4.i386.rpm
ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Workstation/current/RP MS/openssh-server-2.9p2-4.i386.rpm
Red Hat 7.0 alpha openssh-2.9p2-11.7.alpha.rpm
ftp://updates.redhat.com/7.0/en/os/alpha/openssh-2.9p2-11.7.alpha.rpm
Red Hat 7.0 alpha openssh-askpass-2.9p2-11.7.alpha.rpm
ftp://updates.redhat.com/7.0/en/os/alpha/openssh-askpass-2.9p2-11.7.al pha.rpm
Red Hat 7.0 alpha openssh-askpass-gnome-2.9p2-11.7.alpha.rpm
ftp://updates.redhat.com/7.0/en/os/alpha/openssh-askpass-gnome-2.9p2-1 1.7.alpha.rpm
Red Hat 7.0 alpha openssh-clients-2.9p2-11.7.alpha.rpm
ftp://updates.redhat.com/7.0/en/os/alpha/openssh-clients-2.9p2-11.7.al pha.rpm
Red Hat 7.0 alpha openssh-server-2.9p2-11.7.alpha.rpm
ftp://updates.redhat.com/7.0/en/os/alpha/openssh-server-2.9p2-11.7.alp ha.rpm
Red Hat 7.0 i386 openssh-2.9p2-11.7.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/openssh-2.9p2-11.7.i386.rpm
Red Hat 7.0 i386 openssh-askpass-2.9p2-11.7.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/openssh-askpass-2.9p2-11.7.i38 6.rpm
Red Hat 7.0 i386 openssh-askpass-gnome-2.9p2-11.7.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/openssh-askpass-gnome-2.9p2-11 .7.i386.rpm
Red Hat 7.0 i386 openssh-clients-2.9p2-11.7.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/openssh-clients-2.9p2-11.7.i38 6.rpm
Red Hat 7.0 i386 openssh-server-2.9p2-11.7.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/openssh-server-2.9p2-11.7.i386 .rpm
Red Hat 7.1 alpha openssh-2.9p2-11.7.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/openssh-2.9p2-11.7.alpha.rpm
Red Hat 7.1 alpha openssh-askpass-2.9p2-11.7.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/openssh-askpass-2.9p2-11.7.al pha.rpm
Red Hat 7.1 alpha openssh-askpass-gnome-2.9p2-11.7.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/openssh-askpass-gnome-2.9p2-1 1.7.alpha.rpm
Red Hat 7.1 alpha openssh-clients-2.9p2-11.7.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/openssh-clients-2.9p2-11.7.al pha.rpm
Red Hat 7.1 alpha openssh-server-2.9p2-11.7.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/openssh-server-2.9p2-11.7.alp ha.rpm
Red Hat 7.1 i386 openssh-2.9p2-11.7.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/openssh-2.9p2-11.7.i386.rpm
Red Hat 7.1 i386 openssh-askpass-2.9p2-11.7.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/openssh-askpass-2.9p2-11.7.i38 6.rpm
Red Hat 7.1 i386 openssh-askpass-gnome-2.9p2-11.7.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/openssh-askpass-gnome-2.9p2-11 .7.i386.rpm
Red Hat 7.1 i386 openssh-clients-2.9p2-11.7.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/openssh-clients-2.9p2-11.7.i38 6.rpm
Red Hat 7.1 i386 openssh-server-2.9p2-11.7.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/openssh-server-2.9p2-11.7.i386 .rpm
Red Hat 7.1 ia64 openssh-2.9p2-11.7.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/openssh-2.9p2-11.7.ia64.rpm
Red Hat 7.1 ia64 openssh-askpass-2.9p2-11.7.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/openssh-askpass-2.9p2-11.7.ia6 4.rpm
Red Hat 7.1 ia64 openssh-askpass-gnome-2.9p2-11.7.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/openssh-askpass-gnome-2.9p2-11 .7.ia64.rpm
Red Hat 7.1 ia64 openssh-clients-2.9p2-11.7.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/openssh-clients-2.9p2-11.7.ia6 4.rpm
Red Hat 7.1 ia64 openssh-server-2.9p2-11.7.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/openssh-server-2.9p2-11.7.ia64 .rpm
Red Hat 7.2 i386 openssh-2.9p2-12.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/openssh-2.9p2-12.i386.rpm
Red Hat 7.2 i386 openssh-askpass-2.9p2-12.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/openssh-askpass-2.9p2-12.i386. rpm
Red Hat 7.2 i386 openssh-askpass-gnome-2.9p2-12.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/openssh-askpass-gnome-2.9p2-12 .i386.rpm
Red Hat 7.2 i386 openssh-clients-2.9p2-12.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/openssh-clients-2.9p2-12.i386. rpm
Red Hat 7.2 i386 openssh-server-2.9p2-12.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/openssh-server-2.9p2-12.i386.r pm
OpenBSD OpenSSH 2.9 p1
Caldera eDesktop 2.4 openssh-2.9p2-4.i386.rpm
ftp://ftp.caldera.com/pub/updates/eDesktop/2.4/current/RPMS/openssh-2. 9p2-4.i386.rpm
Caldera eDesktop 2.4 openssh-askpass-2.9p2-4.i386.rpm
ftp://ftp.caldera.com/pub/updates/eDesktop/2.4/current/RPMS/openssh-as kpass-2.9p2-4.i386.rpm
Caldera eDesktop 2.4 openssh-server-2.9p2-4.i386.rpm
ftp://ftp.caldera.com/pub/updates/eDesktop/2.4/current/RPMS/openssh-se rver-2.9p2-4.i386.rpm
Caldera eServer 2.3.1 openssh-2.9p2-4.i386.rpm
ftp://ftp.caldera.com/pub/updates/eServer/2.3/current/RPMS/openssh-2.9 p2-4.i386.rpm
Caldera eServer 2.3.1 openssh-askpass-2.9p2-4.i386.rpm
ftp://ftp.caldera.com/pub/updates/eServer/2.3/current/RPMS/openssh-ask pass-2.9p2-4.i386.rpm
Caldera eServer 2.3.1 openssh-server-2.9p2-4.i386.rpm
ftp://ftp.caldera.com/pub/updates/eServer/2.3/current/RPMS/openssh-ser ver-2.9p2-4.i386.rpm
Mandrake 1.0.1 i586 openssh-3.0.2p1-1.4mdk.i586.rpm
http://www.linux-mandrake.com/en/ftp.php3
Mandrake 1.0.1 i586 openssh-askpass-3.0.2p1-1.4mdk.i586.rpm
http://www.linux-mandrake.com/en/ftp.php3
Mandrake 1.0.1 i586 openssh-askpass-gnome-3.0.2p1-1.4mdk.i586.rpm
http://www.linux-mandrake.com/en/ftp.php3
Mandrake 1.0.1 i586 openssh-clients-3.0.2p1-1.4mdk.i586.rpm
http://www.linux-mandrake.com/en/ftp.php3
Mandrake 1.0.1 i586 openssh-server-3.0.2p1-1.4mdk.i586.rpm
http://www.linux-mandrake.com/en/ftp.php3
Mandrake 7.1 i586 openssh-3.0.2p1-1.4mdk.i586.rpm
http://www.linux-mandrake.com/en/ftp.php3
Mandrake 7.1 i586 openssh-askpass-3.0.2p1-1.4mdk.i586.rpm
http://www.linux-mandrake.com/en/ftp.php3
Mandrake 7.1 i586 openssh-askpass-gnome-3.0.2p1-1.4mdk.i586.rpm
http://www.linux-mandrake.com/en/ftp.php3
Mandrake 7.1 i586 openssh-clients-3.0.2p1-1.4mdk.i586.rpm
http://www.linux-mandrake.com/en/ftp.php3
Mandrake 7.1 i586 openssh-server-3.0.2p1-1.4mdk.i586.rpm
http://www.linux-mandrake.com/en/ftp.php3
Mandrake 7.2 i586 openssh-3.0.2p1-1.3mdk.i586.rpm
http://www.linux-mandrake.com/en/ftp.php3
Mandrake 7.2 i586 openssh-askpass-3.0.2p1-1.3mdk.i586.rpm
http://www.linux-mandrake.com/en/ftp.php3
Mandrake 7.2 i586 openssh-askpass-gnome-3.0.2p1-1.3mdk.i586.rpm
http://www.linux-mandrake.com/en/ftp.php3
Mandrake 7.2 i586 openssh-clients-3.0.2p1-1.3mdk.i586.rpm
http://www.linux-mandrake.com/en/ftp.php3
Mandrake 7.2 i586 openssh-server-3.0.2p1-1.3mdk.i586.rpm
http://www.linux-mandrake.com/en/ftp.php3
Mandrake 8.0 i586 openssh-3.0.2p1-1.2mdk.i586.rpm
http://www.linux-mandrake.com/en/ftp.php3
Mandrake 8.0 i586 openssh-askpass-3.0.2p1-1.2mdk.i586.rpm
http://www.linux-mandrake.com/en/ftp.php3
Mandrake 8.0 i586 openssh-askpass-gnome-3.0.2p1-1.2mdk.i586.rpm
http://www.linux-mandrake.com/en/ftp.php3
Mandrake 8.0 i586 openssh-clients-3.0.2p1-1.2mdk.i586.rpm
http://www.linux-mandrake.com/en/ftp.php3
Mandrake 8.0 i586 openssh-server-3.0.2p1-1.2mdk.i586.rpm
http://www.linux-mandrake.com/en/ftp.php3
Mandrake 8.0 ppc openssh-3.0.2p1-1.2mdk.ppc.rpm
http://www.linux-mandrake.com/en/ftp.php3
Mandrake 8.0 ppc openssh-askpass-3.0.2p1-1.2mdk.ppc.rpm
http://www.linux-mandrake.com/en/ftp.php3
Mandrake 8.0 ppc openssh-askpass-gnome-3.0.2p1-1.2mdk.ppc.rpm
http://www.linux-mandrake.com/en/ftp.php3
Mandrake 8.0 ppc openssh-clients-3.0.2p1-1.2mdk.ppc.rpm
http://www.linux-mandrake.com/en/ftp.php3
Mandrake 8.0 ppc openssh-server-3.0.2p1-1.2mdk.ppc.rpm
http://www.linux-mandrake.com/en/ftp.php3
Mandrake 8.1 i586 openssh-3.0.2p1-1.1mdk.i586.rpm
http://www.linux-mandrake.com/en/ftp.php3
Mandrake 8.1 i586 openssh-askpass-3.0.2p1-1.1mdk.i586.rpm
http://www.linux-mandrake.com/en/ftp.php3
Mandrake 8.1 i586 openssh-askpass-gnome-3.0.2p1-1.1mdk.i586.rpm
http://www.linux-mandrake.com/en/ftp.php3
Mandrake 8.1 i586 openssh-clients-3.0.2p1-1.1mdk.i586.rpm
http://www.linux-mandrake.com/en/ftp.php3
Mandrake 8.1 i586 openssh-server-3.0.2p1-1.1mdk.i586.rpm
http://www.linux-mandrake.com/en/ftp.php3
Mandrake 8.1 ia64 openssh-3.0.2p1-1.1mdk.ia64.rpm
http://www.linux-mandrake.com/en/ftp.php3
Mandrake 8.1 ia64 openssh-askpass-3.0.2p1-1.1mdk.ia64.rpm
http://www.linux-mandrake.com/en/ftp.php3
Mandrake 8.1 ia64 openssh-askpass-gnome-3.0.2p1-1.1mdk.ia64.rpm
http://www.linux-mandrake.com/en/ftp.php3
Mandrake 8.1 ia64 openssh-clients-3.0.2p1-1.1mdk.ia64.rpm
http://www.linux-mandrake.com/en/ftp.php3
Mandrake 8.1 ia64 openssh-server-3.0.2p1-1.1mdk.ia64.rpm
http://www.linux-mandrake.com/en/ftp.php3
Mandrake snf7.2 i586 openssh-3.0.2p1-1.3mdk.i586.rpm
http://www.linux-mandrake.com/en/ftp.php3
Mandrake snf7.2 i586 openssh-askpass-3.0.2p1-1.3mdk.i586.rpm
http://www.linux-mandrake.com/en/ftp.php3
Mandrake snf7.2 i586 openssh-askpass-gnome-3.0.2p1-1.3mdk.i586.rpm
http://www.linux-mandrake.com/en/ftp.php3
Mandrake snf7.2 i586 openssh-clients-3.0.2p1-1.3mdk.i586.rpm
http://www.linux-mandrake.com/en/ftp.php3
Mandrake snf7.2 i586 openssh-server-3.0.2p1-1.3mdk.i586.rpm
http://www.linux-mandrake.com/en/ftp.php3
OpenBSD OpenBSD 3.0.2p1
ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openbsd-3.0.2p1.tar .gz
OpenBSD OpenSSH 2.9
FreeBSD ports-4 openssh-3.0.2.tgz
ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-4-stable/securit y/openssh-3.0.2.tgz
OpenBSD OpenSSH 3.0.2
ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/openssh-3.0.2.tgz
OpenBSD OpenSSH 3.0
OpenBSD OpenSSH 3.0.2
ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/openssh-3.0.2.tgz
OpenBSD OpenSSH 3.0 p1
OpenBSD OpenBSD 3.0.2p1
ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openbsd-3.0.2p1.tar .gz
OpenBSD OpenSSH 3.0.1 p1
OpenBSD OpenBSD 3.0.2p1
ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openbsd-3.0.2p1.tar .gz
OpenBSD OpenSSH 3.0.1
FreeBSD sshd.patch
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-01:63/sshd.patch
FreeBSD ports-4 openssh-3.0.2.tgz
ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-4-stable/securit y/openssh-3.0.2.tgz
OpenBSD OpenSSH 3.0.2
ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/openssh-3.0.2.tgz
Privacy Statement
Copyright 2010, SecurityFocus
