From owner-freebsd-announce Mon Jul 15 10:02:08 2002
Date: Mon, 15 Jul 2002 10:01:55 -0700 (PDT)
Message-Id: <200207151701.g6FH1tQM062850@freefall.freebsd.org>
From: FreeBSD Security Advisories
To: FreeBSD Security Advisories
Subject: FreeBSD Security Advisory FreeBSD-SA-02:31.openssh
Reply-To: security-advisories@freebsd.org
Sender: owner-freebsd-announce@FreeBSD.ORG

-----BEGIN PGP SIGNED MESSAGE-----

=============================================================================
FreeBSD-SA-02:31                                            Security Advisory
                                                          The FreeBSD Project

Topic:          openssh contains remote vulnerability

Category:       core
Module:         OpenSSH
Announced:      2002-07-15
Credits:        ISS X-Force
                Theo DeRaadt
Affects:        FreeBSD-CURRENT between 2002-03-18 and 2002-06-25
Corrected:      2002-06-25 19:10:07 (HEAD)
FreeBSD only:   NO

I.   Background

OpenSSH is a free implementation of the SSH protocol suite, and provides
encrypted and authenticated remote login, file transfer and command
execution.

II.  Problem Description

SSH clients and servers communicate by exchanging discrete messages with a
variable number of parameters.  Due to the lack of sufficient integrity
checks in a portion of the server code responsible for handling incoming
SSH2_MSG_USERAUTH_INFO_RESPONSE messages, it was possible for a malicious
client to send a message that would cause the server to overwrite portions
of its memory with client-provided data.

III. Impact

A remote attacker using an SSH client modified to send carefully crafted
SSH2_MSG_USERAUTH_INFO_RESPONSE messages to the server could obtain
superuser privileges on the server.

Please note that this problem only affects FreeBSD-CURRENT.  No versions of
FreeBSD-STABLE are or were ever vulnerable to this bug.

IV.  Workaround

Do one of the following:

1) Disable SSH entirely.

2) Use a firewall to block incoming SSH connections from untrusted hosts.

3) Add the following line to /etc/ssh/sshd_config, and restart sshd.

     ChallengeResponseAuthentication no

   Note that this will prevent the use of OPIE and similar challenge-based
   authentication methods with SSH.

V.   Solution

Update your system to the latest -CURRENT.

VI.  Correction details

No correction details are provided in this advisory.

VII. References

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (FreeBSD)
Comment: FreeBSD: The Power To Serve

iQCVAwUBPTLiBVUuHi5z0oilAQFNAwQAoF1azTbsIiUc9O2VvIah+ueT5N3//qgf
ka+t5I5FtL8wFDKJXXf3JWx9lqf+JkscrL4SpMyY/OmL2wagvUeVHan+pE9dXRnK
YzFjdD8hP3GMiC1g0Dvwg9StoBs8kx+qP8dascS87Ql2QYo7aYcq6aageLSoy4Nj
iRHaJB2gZP8=
=nSnf
-----END PGP SIGNATURE-----

This is the moderated mailing list freebsd-announce.
The list contains announcements of new FreeBSD capabilities,
important events and project milestones.
See also the FreeBSD Web pages at http://www.freebsd.org

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-announce" in the body of the message

From owner-freebsd-announce Tue Jul 16 06:27:48 2002
Date: Tue, 16 Jul 2002 12:13:30 +0200
Message-ID: <3D33F1CA.83A00FD5@icl.se>
From: Lars Tunkrans
Reply-To: ltu@icl.se
Organization: Fujitsu Services
To: freebsd-announce@freebsd.org
Subject: Nordu2003 Call for papers
Sender: owner-freebsd-announce@FreeBSD.ORG

Subject: Call For Papers NordU2003

5th NordU/USENIX Conference, General Technical (NordU2003)
February 10 - 14, 2003
Aros Congress Center
Vaesteraas, Sweden

Important Dates

Paper submissions due:          September 2, 2002
Notification of acceptance:     October 2, 2002
Camera-ready final papers due:  December 2, 2002

Conference Organizers

Program Chairs
  Martin Wahlen, Sound Foundation
  Poul-Henning Kamp, FreeBSD developer & consultant

Program Committee
  Seppo Kauppinen
  Lars Tunkrans, Fujitsu Services
  Kristen Nielsen, TDC TeleDanmark Network Division

Review Committee
  Jonas Skeppstedt, Lund University
  Marshall Kirk McKusick, Unix developer & consultant - formerly CSRG UCB
  Julia Lawall, DIKU
  Brian A. LaMacchia, Microsoft

Tutorial Coordinator
  Ulla Sandberg

Organization Committee
  Anita Nilsson, UniForum Marknadskonsult
  Jan Saell, Irial

Overview

The NordU program committee solicits papers on topics related to UNIX and
UNIX-like systems and UNIX system administration.  We especially encourage
papers on novel techniques, architectures and methodologies.  Topics of
interest include but are not limited to:

Security
  Security Audits
  Common Problems
  Mandatory Access Controls

Operating Systems
  Virtual Memory
  File Systems
  Device Drivers

Open Source / Free UNIX
  Open Source projects
  Open Source methodologies
  Open Source case studies
  Economic Impacts

High Performance Computing
  Clustering
  the GRID

High Availability
  Clustering
  Storage Technologies
  Checkpoint Techniques

Mobile Computing
  IPv6
  802.11b
  BlueTooth

Software Development
  Languages
  Development Environments
  Change Management

Interoperability
  Windows
  Standards

Storage Area Network
  Interconnects
  UNIX drivers software

Paper Submissions

Submissions should be full papers of about 4000-6000 words.  The maximum
submission length is 14 single-spaced A4 pages, including figures, tables,
and references, using an 11pt font.  Submitted papers should be in PDF
format.  The committee will not review papers that exceed the length limit,
or papers in other formats such as Word or HTML.  Extended Abstracts are
acceptable, if they provide sufficient detail.  Submissions are due on
September 2, 2002.

The program committee and external readers will judge papers on technical
merit, significance, relevance, and presentation.  A good paper will
demonstrate that the authors:

  - are attacking a significant problem,
  - have devised an interesting, compelling solution,
  - have demonstrated the practicality and benefits of the solution,
  - have drawn appropriate conclusions,
  - have clearly described what they have done, and
  - have clearly articulated the advances beyond previous work.

Please read the detailed USENIX author guidelines for more information.

Accepted papers may be shepherded through an editorial review process by a
member of the program committee.

The NordU conference, like most conferences and journals, does not allow
submissions that are substantially similar to works that are previously
published or are under review for publication elsewhere.  Papers
accompanied by non-disclosure agreement forms will not be read or reviewed.

Best Paper Awards

Awards will be given for the best paper.

Work-in-Progress Reports

Would you like to share a provocative opinion, interesting preliminary work,
or a cool idea that will provoke discussion?  The NordU technical sessions
will include slots for work-in-progress reports and "outrageous" opinion
statements.  We are particularly interested in presentations of student
work.  To submit, please send a proposal (one page or less) to the program
committee at pgm03@nordu.org.

Birds-of-a-Feather Sessions

Birds-of-a-Feather sessions (BoFs) are informal gatherings organized by
attendees interested in a particular topic.  BoFs will be held in the
evening.  BoFs may be scheduled in advance by emailing the Program Committee
at pgm03@nordu.org.  BoFs may also be scheduled at the conference.

Registration Materials

Complete program and registration information will be available in December
2002 on the conference Web site.  The information will be in both HTML and a
printable PDF file.  If you would like to receive the program booklet in
print, please email your request, including your postal address, to:
congrex@congrex.se
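Returning to advisory FreeBSD-SA-02:31 above: the "integrity checks" it describes are, in RFC 4256 terms, checks on the SSH2_MSG_USERAUTH_INFO_RESPONSE message (message number 61, called SSH_MSG_USERAUTH_INFO_RESPONSE in the RFC), which carries a client-supplied response count followed by one length-prefixed string per response. As an added example, not FreeBSD's or OpenSSH's code, the Python parser below checks that count against the server's own prompt count and checks every string length against the bytes actually received before anything is sized from client data; MAX_RESPONSE_LEN is an assumed bound and the sample messages are constructed.

```python
import struct

SSH_MSG_USERAUTH_INFO_RESPONSE = 61   # message number from RFC 4256
MAX_RESPONSE_LEN = 1024               # per-response bound; an assumption for this example

class MalformedMessage(ValueError):
    pass

def _read_uint32(buf, off):
    if off + 4 > len(buf):
        raise MalformedMessage("truncated uint32 at offset %d" % off)
    return struct.unpack(">I", buf[off:off + 4])[0], off + 4

def _read_string(buf, off, limit):
    # SSH "string" (RFC 4251): uint32 length, then that many bytes. The declared
    # length is checked against the limit and the bytes actually present.
    n, off = _read_uint32(buf, off)
    if n > limit or off + n > len(buf):
        raise MalformedMessage("string length %d exceeds limit or message" % n)
    return buf[off:off + n], off + n

def parse_userauth_info_response(buf, num_prompts):
    # num_prompts is server-side state (the prompt count from the server's own
    # preceding SSH_MSG_USERAUTH_INFO_REQUEST); the client-supplied count is
    # checked against it before anything is sized from it.
    if not buf or buf[0] != SSH_MSG_USERAUTH_INFO_RESPONSE:
        raise MalformedMessage("not a USERAUTH_INFO_RESPONSE")
    nresp, off = _read_uint32(buf, 1)
    if nresp != num_prompts:
        raise MalformedMessage("got %d responses, expected %d" % (nresp, num_prompts))
    responses = []
    for _ in range(nresp):
        s, off = _read_string(buf, off, MAX_RESPONSE_LEN)
        responses.append(s.decode("utf-8"))
    if off != len(buf):
        raise MalformedMessage("%d trailing bytes" % (len(buf) - off))
    return responses

def is_rejected(buf, num_prompts):
    try:
        parse_userauth_info_response(buf, num_prompts)
    except ValueError:  # MalformedMessage, or UnicodeDecodeError on bad UTF-8
        return True
    return False

# Constructed samples (not captured traffic): a valid one-prompt reply, a count
# field claiming 2**32-1 responses, and a string length past the message end.
SAMPLE_OK = bytes([61, 0, 0, 0, 1, 0, 0, 0, 8]) + b"otp 1234"
SAMPLE_BAD_COUNT = bytes([61, 0xFF, 0xFF, 0xFF, 0xFF])
SAMPLE_OVERRUN = bytes([61, 0, 0, 0, 1, 0, 0, 0, 64]) + b"short"
```

The count check is what makes the workaround unnecessary for this message type: a reply is refused outright unless it answers exactly the prompts the server itself sent.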