OpenSSH Key Based Source IP Access Control Bypass Vulnerability

Bugtraq ID: 3369
Class: Failure to Handle Exceptional Conditions
CVE:
Remote: Yes
Local: No
Published: Sep 26 2001 12:00AM
Updated: Sep 26 2001 12:00AM
Credit: Discovery credited to OpenSSH development team.
Vulnerable: Redhat openssh-server-2.9p2-7.i386.rpm
+ Redhat Linux 7.2
Redhat openssh-server-2.5.2p2-5.i386.rpm
+ Redhat Linux 7.1
Redhat openssh-server-2.1.1p4-1.i386.rpm
+ Redhat Linux 7.0
Redhat openssh-clients-2.9p2-7.i386.rpm
+ Redhat Linux 7.2
Redhat openssh-clients-2.5.2p2-5.i386.rpm
+ Redhat Linux 7.1
Redhat openssh-clients-2.1.1p4-1.i386.rpm
+ Redhat Linux 7.0
Redhat openssh-askpass-gnome-2.9p2-7.i386.rpm
+ Redhat Linux 7.2
Redhat openssh-askpass-gnome-2.5.2p2-5.i386.rpm
+ Redhat Linux 7.1
Redhat openssh-askpass-gnome-2.1.1p4-1.i386.rpm
+ Redhat Linux 7.0
Redhat openssh-askpass-2.9p2-7.i386.rpm
+ Redhat Linux 7.2
Redhat openssh-askpass-2.5.2p2-5.i386.rpm
+ Redhat Linux 7.1
Redhat openssh-askpass-2.1.1p4-1.i386.rpm
+ Redhat Linux 7.0
Redhat openssh-2.9p2-7.i386.rpm
+ Redhat Linux 7.2
Redhat openssh-2.5.2p2-5.i386.rpm
+ Redhat Linux 7.1
Redhat openssh-2.1.1p4-1.i386.rpm
+ Redhat Linux 7.0
OpenSSH OpenSSH 2.9 p2
+ Caldera OpenLinux Server 3.1.1
+ Caldera OpenLinux Server 3.1
+ Caldera OpenLinux Workstation 3.1.1
+ Caldera OpenLinux Workstation 3.1
+ FreeBSD FreeBSD 4.4 -RELENG
 + HP Secure OS software for Linux 1.0
+ Immunix Immunix OS 7.0
+ MandrakeSoft Corporate Server 1.0.1
+ MandrakeSoft Single Network Firewall 7.2
+ Mandriva Linux Mandrake 8.1
+ Mandriva Linux Mandrake 8.0 ppc
 + Mandriva Linux Mandrake 8.0
+ Mandriva Linux Mandrake 7.2
+ Mandriva Linux Mandrake 7.1
+ Redhat Linux 7.2
+ Redhat Linux 7.1
+ Redhat Linux 7.0
+ Sun Cobalt RaQ 550
- SuSE Linux 7.3 sparc
 - SuSE Linux 7.3 ppc
 - SuSE Linux 7.3 i386
 - SuSE Linux 7.2 i386
 - SuSE Linux 7.1 x86
 - SuSE Linux 7.1 sparc
 - SuSE Linux 7.1 ppc
 - SuSE Linux 7.1 alpha
 OpenSSH OpenSSH 2.9 p1
- IBM AIX 4.3.3
- IBM AIX 4.3.2
- IBM AIX 4.3.1
- IBM AIX 4.3
OpenSSH OpenSSH 2.9
+ FreeBSD FreeBSD 4.6 -RELEASE
 + FreeBSD FreeBSD 4.6
+ FreeBSD FreeBSD 4.5 -RELEASE
 + FreeBSD FreeBSD 4.5
OpenSSH OpenSSH 2.5.2
- Caldera OpenUnix 8.0
- Caldera UnixWare 7.1.1
- Wirex Immunix OS 6.2
OpenSSH OpenSSH 2.5.1
+ NetBSD NetBSD 1.5.1
+ S.u.S.E. Linux Database Server 0
 + S.u.S.E. Linux Firewall on CD
+ S.u.S.E. SuSE eMail Server III
- SCO Open Server 5.0.6 a
 - SCO Open Server 5.0.6
- SCO Open Server 5.0.5
- SCO Open Server 5.0.4
- SCO Open Server 5.0.3
- SCO Open Server 5.0.2
- SCO Open Server 5.0.1
- SCO Open Server 5.0
+ SuSE Linux 7.3
+ SuSE Linux 7.2
+ SuSE Linux 7.1
+ SuSE SUSE Linux Enterprise Server 7
 OpenSSH OpenSSH 2.5
Not Vulnerable: OpenSSH OpenSSH 2.9.9
+ NetBSD NetBSD 1.5.2
+ SuSE Linux 7.3 sparc
 + SuSE Linux 7.3 ppc
 + SuSE Linux 7.3 i386
 + SuSE Linux 7.2


 

Privacy Statement
Copyright 2010, SecurityFocus