• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

OpenSSH UseLogin Environment Variable Passing Vulnerability

Solution:
Update available:


OpenBSD OpenSSH 1.2.3

• Debian 2.2 alpha ssh-askpass-gnome_1.2.3-9.4_alpha.deb
  http://security.debian.org/dists/stable/updates/main/binary-alpha/ssh- askpass-gnome_1.2.3-9.4_alpha.deb


• Debian 2.2 alpha ssh_1.2.3-9.4_alpha.deb
  http://security.debian.org/dists/stable/updates/main/binary-alpha/ssh_ 1.2.3-9.4_alpha.deb


• Debian 2.2 arm ssh-askpass-gnome_1.2.3-9.4_arm.deb
  http://security.debian.org/dists/stable/updates/main/binary-arm/ssh-as kpass-gnome_1.2.3-9.4_arm.deb


• Debian 2.2 arm ssh_1.2.3-9.4_arm.deb
  http://security.debian.org/dists/stable/updates/main/binary-arm/ssh_1. 2.3-9.4_arm.deb


• Debian 2.2 i386 ssh-askpass-gnome_1.2.3-9.4_i386.deb
  http://security.debian.org/dists/stable/updates/main/binary-i386/ssh-a skpass-gnome_1.2.3-9.4_i386.deb


• Debian 2.2 i386 ssh_1.2.3-9.4_i386.deb
  http://security.debian.org/dists/stable/updates/main/binary-i386/ssh_1 .2.3-9.4_i386.deb


• Debian 2.2 m68k ssh-askpass-gnome_1.2.3-9.4_m68k.deb
  http://security.debian.org/dists/stable/updates/main/binary-m68k/ssh-a skpass-gnome_1.2.3-9.4_m68k.deb


• Debian 2.2 m68k ssh_1.2.3-9.4_m68k.deb
  http://security.debian.org/dists/stable/updates/main/binary-m68k/ssh_1 .2.3-9.4_m68k.deb


• Debian 2.2 ppc ssh-askpass-gnome_1.2.3-9.4_powerpc.deb
  http://security.debian.org/dists/stable/updates/main/binary-powerpc/ss h-askpass-gnome_1.2.3-9.4_powerpc.deb


• Debian 2.2 ppc ssh_1.2.3-9.4_powerpc.deb
  http://security.debian.org/dists/stable/updates/main/binary-powerpc/ss h_1.2.3-9.4_powerpc.deb


• Debian 2.2 sparc ssh-askpass-gnome_1.2.3-9.4_sparc.deb
  http://security.debian.org/dists/stable/updates/main/binary-sparc/ssh- askpass-gnome_1.2.3-9.4_sparc.deb


• Debian 2.2 sparc ssh_1.2.3-9.4_sparc.deb
  http://security.debian.org/dists/stable/updates/main/binary-sparc/ssh_ 1.2.3-9.4_sparc.deb

OpenBSD OpenSSH 2.1.1 p1

• Trustix 1.1 i386 openssh-3.0.2p1-2tr.i586.rpm
  ftp://ftp.trustix.net/pub/Trustix/updates/1.1/RPMS/openssh-3.0.2p1-2tr .i586.rpm


• Trustix 1.1 i386 openssh-clients-3.0.2p1-2tr.i586.rpm
  ftp://ftp.trustix.net/pub/Trustix/updates/1.1/RPMS/openssh-clients-3.0 .2p1-2tr.i586.rpm


• Trustix 1.1 i386 openssh-server-3.0.2p1-2tr.i586.rpm
  ftp://ftp.trustix.net/pub/Trustix/updates/1.1/RPMS/openssh-server-3.0. 2p1-2tr.i586.rpm


• Trustix 1.2 i386 openssh-3.0.2p1-2tr.i586.rpm
  ftp://ftp.trustix.net/pub/Trustix/updates/1.2/RPMS/openssh-3.0.2p1-2tr .i586.rpm


• Trustix 1.2 i386 openssh-clients-3.0.2p1-2tr.i586.rpm
  ftp://ftp.trustix.net/pub/Trustix/updates/1.2/RPMS/openssh-clients-3.0 .2p1-2tr.i586.rpm


• Trustix 1.2 i386 openssh-server-3.0.2p1-2tr.i586.rpm
  ftp://ftp.trustix.net/pub/Trustix/updates/1.2/RPMS/openssh-server-3.0. 2p1-2tr.i586.rpm


• Trustix 1.5 i386 openssh-3.0.2p1-2tr.i586.rpm
  ftp://ftp.trustix.net/pub/Trustix/updates/1.5/RPMS/openssh-3.0.2p1-2tr .i586.rpm


• Trustix 1.5 i386 openssh-clients-3.0.2p1-2tr.i586.rpm
  ftp://ftp.trustix.net/pub/Trustix/updates/1.5/RPMS/openssh-clients-3.0 .2p1-2tr.i586.rpm


• Trustix 1.5 i386 openssh-server-3.0.2p1-2tr.i586.rpm
  ftp://ftp.trustix.net/pub/Trustix/updates/1.5/RPMS/openssh-server-3.0. 2p1-2tr.i586.rpm

OpenBSD OpenSSH 2.9 p2

• Caldera OpenLinux 3.1 Server openssh-2.9p2-4.i386.rpm
  ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Server/current/RPMS/op enssh-2.9p2-4.i386.rpm


• Caldera OpenLinux 3.1 Server openssh-askpass-2.9p2-4.i386.rpm
  ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Server/current/RPMS/op enssh-askpass-2.9p2-4.i386.rpm


• Caldera OpenLinux 3.1 Server openssh-server-2.9p2-4.i386.rpm
  ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Server/current/RPMS/op enssh-server-2.9p2-4.i386.rpm


• Caldera OpenLinux 3.1 Workstation openssh-2.9p2-4.i386.rpm
  ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Workstation/current/RP MS/openssh-2.9p2-4.i386.rpm


• Caldera OpenLinux 3.1 Workstation openssh-askpass-2.9p2-4.i386.rpm
  ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Workstation/current/RP MS/openssh-askpass-2.9p2-4.i386.rpm


• Caldera OpenLinux 3.1 Workstation openssh-server-2.9p2-4.i386.rpm
  ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Workstation/current/RP MS/openssh-server-2.9p2-4.i386.rpm


• Red Hat 7.0 alpha openssh-2.9p2-11.7.alpha.rpm
  ftp://updates.redhat.com/7.0/en/os/alpha/openssh-2.9p2-11.7.alpha.rpm


• Red Hat 7.0 alpha openssh-askpass-2.9p2-11.7.alpha.rpm
  ftp://updates.redhat.com/7.0/en/os/alpha/openssh-askpass-2.9p2-11.7.al pha.rpm


• Red Hat 7.0 alpha openssh-askpass-gnome-2.9p2-11.7.alpha.rpm
  ftp://updates.redhat.com/7.0/en/os/alpha/openssh-askpass-gnome-2.9p2-1 1.7.alpha.rpm


• Red Hat 7.0 alpha openssh-clients-2.9p2-11.7.alpha.rpm
  ftp://updates.redhat.com/7.0/en/os/alpha/openssh-clients-2.9p2-11.7.al pha.rpm


• Red Hat 7.0 alpha openssh-server-2.9p2-11.7.alpha.rpm
  ftp://updates.redhat.com/7.0/en/os/alpha/openssh-server-2.9p2-11.7.alp ha.rpm


• Red Hat 7.0 i386 openssh-2.9p2-11.7.i386.rpm
  ftp://updates.redhat.com/7.0/en/os/i386/openssh-2.9p2-11.7.i386.rpm


• Red Hat 7.0 i386 openssh-askpass-2.9p2-11.7.i386.rpm
  ftp://updates.redhat.com/7.0/en/os/i386/openssh-askpass-2.9p2-11.7.i38 6.rpm


• Red Hat 7.0 i386 openssh-askpass-gnome-2.9p2-11.7.i386.rpm
  ftp://updates.redhat.com/7.0/en/os/i386/openssh-askpass-gnome-2.9p2-11 .7.i386.rpm


• Red Hat 7.0 i386 openssh-clients-2.9p2-11.7.i386.rpm
  ftp://updates.redhat.com/7.0/en/os/i386/openssh-clients-2.9p2-11.7.i38 6.rpm


• Red Hat 7.0 i386 openssh-server-2.9p2-11.7.i386.rpm
  ftp://updates.redhat.com/7.0/en/os/i386/openssh-server-2.9p2-11.7.i386 .rpm


• Red Hat 7.1 alpha openssh-2.9p2-11.7.alpha.rpm
  ftp://updates.redhat.com/7.1/en/os/alpha/openssh-2.9p2-11.7.alpha.rpm


• Red Hat 7.1 alpha openssh-askpass-2.9p2-11.7.alpha.rpm
  ftp://updates.redhat.com/7.1/en/os/alpha/openssh-askpass-2.9p2-11.7.al pha.rpm


• Red Hat 7.1 alpha openssh-askpass-gnome-2.9p2-11.7.alpha.rpm
  ftp://updates.redhat.com/7.1/en/os/alpha/openssh-askpass-gnome-2.9p2-1 1.7.alpha.rpm


• Red Hat 7.1 alpha openssh-clients-2.9p2-11.7.alpha.rpm
  ftp://updates.redhat.com/7.1/en/os/alpha/openssh-clients-2.9p2-11.7.al pha.rpm


• Red Hat 7.1 alpha openssh-server-2.9p2-11.7.alpha.rpm
  ftp://updates.redhat.com/7.1/en/os/alpha/openssh-server-2.9p2-11.7.alp ha.rpm


• Red Hat 7.1 i386 openssh-2.9p2-11.7.i386.rpm
  ftp://updates.redhat.com/7.1/en/os/i386/openssh-2.9p2-11.7.i386.rpm


• Red Hat 7.1 i386 openssh-askpass-2.9p2-11.7.i386.rpm
  ftp://updates.redhat.com/7.1/en/os/i386/openssh-askpass-2.9p2-11.7.i38 6.rpm


• Red Hat 7.1 i386 openssh-askpass-gnome-2.9p2-11.7.i386.rpm
  ftp://updates.redhat.com/7.1/en/os/i386/openssh-askpass-gnome-2.9p2-11 .7.i386.rpm


• Red Hat 7.1 i386 openssh-clients-2.9p2-11.7.i386.rpm
  ftp://updates.redhat.com/7.1/en/os/i386/openssh-clients-2.9p2-11.7.i38 6.rpm


• Red Hat 7.1 i386 openssh-server-2.9p2-11.7.i386.rpm
  ftp://updates.redhat.com/7.1/en/os/i386/openssh-server-2.9p2-11.7.i386 .rpm


• Red Hat 7.1 ia64 openssh-2.9p2-11.7.ia64.rpm
  ftp://updates.redhat.com/7.1/en/os/ia64/openssh-2.9p2-11.7.ia64.rpm


• Red Hat 7.1 ia64 openssh-askpass-2.9p2-11.7.ia64.rpm
  ftp://updates.redhat.com/7.1/en/os/ia64/openssh-askpass-2.9p2-11.7.ia6 4.rpm


• Red Hat 7.1 ia64 openssh-askpass-gnome-2.9p2-11.7.ia64.rpm
  ftp://updates.redhat.com/7.1/en/os/ia64/openssh-askpass-gnome-2.9p2-11 .7.ia64.rpm


• Red Hat 7.1 ia64 openssh-clients-2.9p2-11.7.ia64.rpm
  ftp://updates.redhat.com/7.1/en/os/ia64/openssh-clients-2.9p2-11.7.ia6 4.rpm


• Red Hat 7.1 ia64 openssh-server-2.9p2-11.7.ia64.rpm
  ftp://updates.redhat.com/7.1/en/os/ia64/openssh-server-2.9p2-11.7.ia64 .rpm


• Red Hat 7.2 i386 openssh-2.9p2-12.i386.rpm
  ftp://updates.redhat.com/7.2/en/os/i386/openssh-2.9p2-12.i386.rpm


• Red Hat 7.2 i386 openssh-askpass-2.9p2-12.i386.rpm
  ftp://updates.redhat.com/7.2/en/os/i386/openssh-askpass-2.9p2-12.i386. rpm


• Red Hat 7.2 i386 openssh-askpass-gnome-2.9p2-12.i386.rpm
  ftp://updates.redhat.com/7.2/en/os/i386/openssh-askpass-gnome-2.9p2-12 .i386.rpm


• Red Hat 7.2 i386 openssh-clients-2.9p2-12.i386.rpm
  ftp://updates.redhat.com/7.2/en/os/i386/openssh-clients-2.9p2-12.i386. rpm


• Red Hat 7.2 i386 openssh-server-2.9p2-12.i386.rpm
  ftp://updates.redhat.com/7.2/en/os/i386/openssh-server-2.9p2-12.i386.r pm

OpenBSD OpenSSH 2.9 p1

• Caldera eDesktop 2.4 openssh-2.9p2-4.i386.rpm
  ftp://ftp.caldera.com/pub/updates/eDesktop/2.4/current/RPMS/openssh-2. 9p2-4.i386.rpm


• Caldera eDesktop 2.4 openssh-askpass-2.9p2-4.i386.rpm
  ftp://ftp.caldera.com/pub/updates/eDesktop/2.4/current/RPMS/openssh-as kpass-2.9p2-4.i386.rpm


• Caldera eDesktop 2.4 openssh-server-2.9p2-4.i386.rpm
  ftp://ftp.caldera.com/pub/updates/eDesktop/2.4/current/RPMS/openssh-se rver-2.9p2-4.i386.rpm


• Caldera eServer 2.3.1 openssh-2.9p2-4.i386.rpm
  ftp://ftp.caldera.com/pub/updates/eServer/2.3/current/RPMS/openssh-2.9 p2-4.i386.rpm


• Caldera eServer 2.3.1 openssh-askpass-2.9p2-4.i386.rpm
  ftp://ftp.caldera.com/pub/updates/eServer/2.3/current/RPMS/openssh-ask pass-2.9p2-4.i386.rpm


• Caldera eServer 2.3.1 openssh-server-2.9p2-4.i386.rpm
  ftp://ftp.caldera.com/pub/updates/eServer/2.3/current/RPMS/openssh-ser ver-2.9p2-4.i386.rpm


• Mandrake 1.0.1 i586 openssh-3.0.2p1-1.4mdk.i586.rpm
  http://www.linux-mandrake.com/en/ftp.php3


• Mandrake 1.0.1 i586 openssh-askpass-3.0.2p1-1.4mdk.i586.rpm
  http://www.linux-mandrake.com/en/ftp.php3


• Mandrake 1.0.1 i586 openssh-askpass-gnome-3.0.2p1-1.4mdk.i586.rpm
  http://www.linux-mandrake.com/en/ftp.php3


• Mandrake 1.0.1 i586 openssh-clients-3.0.2p1-1.4mdk.i586.rpm
  http://www.linux-mandrake.com/en/ftp.php3


• Mandrake 1.0.1 i586 openssh-server-3.0.2p1-1.4mdk.i586.rpm
  http://www.linux-mandrake.com/en/ftp.php3


• Mandrake 7.1 i586 openssh-3.0.2p1-1.4mdk.i586.rpm
  http://www.linux-mandrake.com/en/ftp.php3


• Mandrake 7.1 i586 openssh-askpass-3.0.2p1-1.4mdk.i586.rpm
  http://www.linux-mandrake.com/en/ftp.php3


• Mandrake 7.1 i586 openssh-askpass-gnome-3.0.2p1-1.4mdk.i586.rpm
  http://www.linux-mandrake.com/en/ftp.php3


• Mandrake 7.1 i586 openssh-clients-3.0.2p1-1.4mdk.i586.rpm
  http://www.linux-mandrake.com/en/ftp.php3


• Mandrake 7.1 i586 openssh-server-3.0.2p1-1.4mdk.i586.rpm
  http://www.linux-mandrake.com/en/ftp.php3


• Mandrake 7.2 i586 openssh-3.0.2p1-1.3mdk.i586.rpm
  http://www.linux-mandrake.com/en/ftp.php3


• Mandrake 7.2 i586 openssh-askpass-3.0.2p1-1.3mdk.i586.rpm
  http://www.linux-mandrake.com/en/ftp.php3


• Mandrake 7.2 i586 openssh-askpass-gnome-3.0.2p1-1.3mdk.i586.rpm
  http://www.linux-mandrake.com/en/ftp.php3


• Mandrake 7.2 i586 openssh-clients-3.0.2p1-1.3mdk.i586.rpm
  http://www.linux-mandrake.com/en/ftp.php3


• Mandrake 7.2 i586 openssh-server-3.0.2p1-1.3mdk.i586.rpm
  http://www.linux-mandrake.com/en/ftp.php3


• Mandrake 8.0 i586 openssh-3.0.2p1-1.2mdk.i586.rpm
  http://www.linux-mandrake.com/en/ftp.php3


• Mandrake 8.0 i586 openssh-askpass-3.0.2p1-1.2mdk.i586.rpm
  http://www.linux-mandrake.com/en/ftp.php3


• Mandrake 8.0 i586 openssh-askpass-gnome-3.0.2p1-1.2mdk.i586.rpm
  http://www.linux-mandrake.com/en/ftp.php3


• Mandrake 8.0 i586 openssh-clients-3.0.2p1-1.2mdk.i586.rpm
  http://www.linux-mandrake.com/en/ftp.php3


• Mandrake 8.0 i586 openssh-server-3.0.2p1-1.2mdk.i586.rpm
  http://www.linux-mandrake.com/en/ftp.php3


• Mandrake 8.0 ppc openssh-3.0.2p1-1.2mdk.ppc.rpm
  http://www.linux-mandrake.com/en/ftp.php3


• Mandrake 8.0 ppc openssh-askpass-3.0.2p1-1.2mdk.ppc.rpm
  http://www.linux-mandrake.com/en/ftp.php3


• Mandrake 8.0 ppc openssh-askpass-gnome-3.0.2p1-1.2mdk.ppc.rpm
  http://www.linux-mandrake.com/en/ftp.php3


• Mandrake 8.0 ppc openssh-clients-3.0.2p1-1.2mdk.ppc.rpm
  http://www.linux-mandrake.com/en/ftp.php3


• Mandrake 8.0 ppc openssh-server-3.0.2p1-1.2mdk.ppc.rpm
  http://www.linux-mandrake.com/en/ftp.php3


• Mandrake 8.1 i586 openssh-3.0.2p1-1.1mdk.i586.rpm
  http://www.linux-mandrake.com/en/ftp.php3


• Mandrake 8.1 i586 openssh-askpass-3.0.2p1-1.1mdk.i586.rpm
  http://www.linux-mandrake.com/en/ftp.php3


• Mandrake 8.1 i586 openssh-askpass-gnome-3.0.2p1-1.1mdk.i586.rpm
  http://www.linux-mandrake.com/en/ftp.php3


• Mandrake 8.1 i586 openssh-clients-3.0.2p1-1.1mdk.i586.rpm
  http://www.linux-mandrake.com/en/ftp.php3


• Mandrake 8.1 i586 openssh-server-3.0.2p1-1.1mdk.i586.rpm
  http://www.linux-mandrake.com/en/ftp.php3


• Mandrake 8.1 ia64 openssh-3.0.2p1-1.1mdk.ia64.rpm
  http://www.linux-mandrake.com/en/ftp.php3


• Mandrake 8.1 ia64 openssh-askpass-3.0.2p1-1.1mdk.ia64.rpm
  http://www.linux-mandrake.com/en/ftp.php3


• Mandrake 8.1 ia64 openssh-askpass-gnome-3.0.2p1-1.1mdk.ia64.rpm
  http://www.linux-mandrake.com/en/ftp.php3


• Mandrake 8.1 ia64 openssh-clients-3.0.2p1-1.1mdk.ia64.rpm
  http://www.linux-mandrake.com/en/ftp.php3


• Mandrake 8.1 ia64 openssh-server-3.0.2p1-1.1mdk.ia64.rpm
  http://www.linux-mandrake.com/en/ftp.php3


• Mandrake snf7.2 i586 openssh-3.0.2p1-1.3mdk.i586.rpm
  http://www.linux-mandrake.com/en/ftp.php3


• Mandrake snf7.2 i586 openssh-askpass-3.0.2p1-1.3mdk.i586.rpm
  http://www.linux-mandrake.com/en/ftp.php3


• Mandrake snf7.2 i586 openssh-askpass-gnome-3.0.2p1-1.3mdk.i586.rpm
  http://www.linux-mandrake.com/en/ftp.php3


• Mandrake snf7.2 i586 openssh-clients-3.0.2p1-1.3mdk.i586.rpm
  http://www.linux-mandrake.com/en/ftp.php3


• Mandrake snf7.2 i586 openssh-server-3.0.2p1-1.3mdk.i586.rpm
  http://www.linux-mandrake.com/en/ftp.php3


• OpenBSD OpenBSD 3.0.2p1
  ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openbsd-3.0.2p1.tar .gz

OpenBSD OpenSSH 2.9

• FreeBSD ports-4 openssh-3.0.2.tgz
  ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-4-stable/securit y/openssh-3.0.2.tgz


• OpenBSD OpenSSH 3.0.2
  ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/openssh-3.0.2.tgz

OpenBSD OpenSSH 3.0

• OpenBSD OpenSSH 3.0.2
  ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/openssh-3.0.2.tgz

OpenBSD OpenSSH 3.0 p1

• OpenBSD OpenBSD 3.0.2p1
  ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openbsd-3.0.2p1.tar .gz

OpenBSD OpenSSH 3.0.1 p1

• OpenBSD OpenBSD 3.0.2p1
  ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openbsd-3.0.2p1.tar .gz

OpenBSD OpenSSH 3.0.1

• FreeBSD sshd.patch
  ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-01:63/sshd.patch


• FreeBSD ports-4 openssh-3.0.2.tgz
  ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-4-stable/securit y/openssh-3.0.2.tgz


• OpenBSD OpenSSH 3.0.2
  ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/openssh-3.0.2.tgz