OpenSSH update removes vulnerabilities
The developers of OpenSSH have released version 4.4, closing three vulnerabilities in the process. The fix for the recently reported error in the implementation of SSHv1 is likely among them. Two of the vulnerabilities can be exploited for denial-of-service attacks, while the last makes it easier to guess valid user names.
Under certain circumstances, one of the holes could have allowed for the planting of code. According to the developers' advisory, this applies only to portable OpenSSH, which is the version of OpenSSH ported from OpenBSD to other Unix derivatives. Authentication via the Generic Security Services Application Program Interface (GSSAPI), an interface for security services, must also be activated. The developers nevertheless estimate the chances of an attack successfully using this hole as very low. OpenSSH 4.4 also introduces new functions and fixes several non-security-related errors.
Linux distributors are likely to provide updated packages in the near future.
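The two conditions named above for the code-planting hole (portable OpenSSH, GSSAPI authentication activated) can be checked per host while waiting for packages. The following is an added example, not code from the OpenSSH advisory or from this article; the function names, result labels and sample strings are constructed for illustration, and it assumes the usual `OpenSSH_X.YpN` version string, where the `pN` suffix marks a portable release.

```python
import re

FIXED = (4, 4)  # release named in the article

def parse_banner(banner):
    """Return ((major, minor), is_portable) from a string such as 'OpenSSH_4.3p2'."""
    m = re.search(r"OpenSSH_(\d+)\.(\d+)(?:\.\d+)?(p\d+)?", banner)
    if not m:
        raise ValueError("not an OpenSSH version string: %r" % banner)
    return (int(m.group(1)), int(m.group(2))), m.group(3) is not None

def gssapi_enabled(config_text):
    """Evaluate GSSAPIAuthentication in sshd_config text.

    Keywords are case-insensitive, the first value found is the one used,
    and the option is off when it is not set at all.
    """
    for line in config_text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue  # blank line or comment
        parts = re.split(r"[\s=]+", line, maxsplit=2)
        if len(parts) >= 2 and parts[0].lower() == "gssapiauthentication":
            return parts[1].strip('"').lower() == "yes"
    return False

def triage(banner, config_text):
    """Classify one host by the conditions given in the article."""
    version, portable = parse_banner(banner)
    if version >= FIXED:
        return "fixed"
    if portable and gssapi_enabled(config_text):
        return "update-urgent"  # both conditions for the code-planting hole are met
    return "update"  # still affected by the other holes closed in 4.4

if __name__ == "__main__":
    # Constructed sample input: version string as printed by `ssh -V`,
    # and an excerpt of an sshd_config file.
    sample_banner = "OpenSSH_4.3p2"
    sample_config = "Protocol 2\n#GSSAPIAuthentication no\nGSSAPIAuthentication yes\n"
    print(triage(sample_banner, sample_config))
```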
- OpenSSH 4.4 Releases, Announcement from OpenSSH