Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
  • Products

    Top Products

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Products

    Downloads and Containers

    • Downloads
    • Packages
    • Containers

    Top Resources

    • Documentation
    • Product Life Cycles
    • Product Compliance
    • Errata
  • Knowledge

    Red Hat Knowledge Center

    • Knowledgebase Solutions
    • Knowledgebase Articles
    • Customer Portal Labs
    • Errata

    Top Product Docs

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Product Docs

    Training and Certification

    • About
    • Course Index
    • Certification Index
    • Skill Assessment
  • Security

    Red Hat Product Security Center

    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Errata

    References

    • Security Bulletins
    • Security Measurement
    • Severity Ratings
    • Security Data

    Top Resources

    • Security Labs
    • Backporting Policies
    • Security Blog
  • Support

    Red Hat Support

    • Support Cases
    • Troubleshoot
    • Get Support
    • Contact Red Hat Support

    Red Hat Community Support

    • Customer Portal Community
    • Community Discussions
    • Red Hat Accelerator Program

    Top Resources

    • Product Life Cycles
    • Customer Portal Labs
    • Red Hat JBoss Supported Configurations
    • Red Hat Insights
Or troubleshoot an issue.

Select Your Language

  • English
  • Français
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat OpenStack Platform
  • Red Hat OpenShift
  • Red Hat OpenShift AI
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat build of Keycloak
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Application Foundations
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
All Products
Red Hat Product Errata RHSA-2005:527 - Security Advisory
Issued:
2005-10-05
Updated:
2005-10-05

RHSA-2005:527 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

openssh security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

Updated openssh packages that fix a security issue, bugs, and add support
for recording login user IDs for audit are now available for Red Hat
Enterprise Linux 4.

This update has been rated as having moderate security impact by the Red
Hat Security Response Team.

Description

OpenSSH is OpenBSD's SSH (Secure SHell) protocol implementation.

An error in the way OpenSSH handled GSSAPI credential delegation was
discovered. OpenSSH as distributed with Red Hat Enterprise Linux 4 contains
support for GSSAPI user authentication, typically used for supporting
Kerberos. On OpenSSH installations which have GSSAPI enabled, this flaw
could allow a user who sucessfully authenticates using a method other than
GSSAPI to be delegated with GSSAPI credentials. The Common Vulnerabilities
and Exposures project (cve.mitre.org) has assigned the name CAN-2005-2798
to this issue.

Additionally, the following bugs have been addressed:

The ssh command incorrectly failed when it was issued by the root user with
a non-default group set.

The sshd daemon could fail to properly close the client connection if
multiple X clients were forwarded over the connection and the client
session exited.

The sshd daemon could bind only on the IPv6 address family for X forwarding
if the port on IPv4 address family was already bound. The X forwarding did
not work in such cases.

This update also adds support for recording login user IDs for the auditing
service. The user ID is attached to the audit records generated from the
user's session.

All users of openssh should upgrade to these updated packages, which
contain backported patches to resolve these issues.

Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied. Use Red Hat
Network to download and update your packages. To launch the Red Hat
Update Agent, use the following command:

up2date

For information on how to install packages manually, refer to the
following Web page for the System Administration or Customization
guide specific to your system:

http://www.redhat.com/docs/manuals/enterprise/

Affected Products

  • Red Hat Enterprise Linux Server 4 x86_64
  • Red Hat Enterprise Linux Server 4 ia64
  • Red Hat Enterprise Linux Server 4 i386
  • Red Hat Enterprise Linux Workstation 4 x86_64
  • Red Hat Enterprise Linux Workstation 4 ia64
  • Red Hat Enterprise Linux Workstation 4 i386
  • Red Hat Enterprise Linux Desktop 4 x86_64
  • Red Hat Enterprise Linux Desktop 4 i386
  • Red Hat Enterprise Linux for IBM z Systems 4 s390x
  • Red Hat Enterprise Linux for IBM z Systems 4 s390
  • Red Hat Enterprise Linux for Power, big endian 4 ppc

Fixes

  • BZ - 159331 - sshd update for new audit system
  • BZ - 167444 - CAN-2005-2798 Improper GSSAPI credential delegation

CVEs

  • CVE-2005-2798
  • CVE-2008-1483

References

(none)

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server 4

SRPM
openssh-3.9p1-8.RHEL4.9.src.rpm SHA-256: b345c41a69eab232084cd9e8d83df6810050a8becf4775fc9d10ebde1bda8cd3
x86_64
openssh-3.9p1-8.RHEL4.9.x86_64.rpm SHA-256: 15055aa0bb6ce3dbcf1b45b5ee74f42de25fc0cfa1e4630c0bd48effa585f045
openssh-3.9p1-8.RHEL4.9.x86_64.rpm SHA-256: 15055aa0bb6ce3dbcf1b45b5ee74f42de25fc0cfa1e4630c0bd48effa585f045
openssh-askpass-3.9p1-8.RHEL4.9.x86_64.rpm SHA-256: 33fe5cc96875e89ad947771cc45ac9d8bfc881313047a468537f9ad21f3333c0
openssh-askpass-3.9p1-8.RHEL4.9.x86_64.rpm SHA-256: 33fe5cc96875e89ad947771cc45ac9d8bfc881313047a468537f9ad21f3333c0
openssh-askpass-gnome-3.9p1-8.RHEL4.9.x86_64.rpm SHA-256: b39174fbd16067fac3efa0108c7f038e864deeb78008685429f703bd743b31af
openssh-askpass-gnome-3.9p1-8.RHEL4.9.x86_64.rpm SHA-256: b39174fbd16067fac3efa0108c7f038e864deeb78008685429f703bd743b31af
openssh-clients-3.9p1-8.RHEL4.9.x86_64.rpm SHA-256: 8b4ef4f47e32d61a694276e1b863842352c972b75b47ce12011693cc720c766d
openssh-clients-3.9p1-8.RHEL4.9.x86_64.rpm SHA-256: 8b4ef4f47e32d61a694276e1b863842352c972b75b47ce12011693cc720c766d
openssh-server-3.9p1-8.RHEL4.9.x86_64.rpm SHA-256: fc4dd2721a7693383b65c2b0b9bb72de69c3bd97f0bc2cdce9a1668ee9956dcb
openssh-server-3.9p1-8.RHEL4.9.x86_64.rpm SHA-256: fc4dd2721a7693383b65c2b0b9bb72de69c3bd97f0bc2cdce9a1668ee9956dcb
ia64
openssh-3.9p1-8.RHEL4.9.ia64.rpm SHA-256: f033bc93181e6f417df4d9f9cb4b0b1f054e59e0c227b1b27d45ef0fbb07ffb7
openssh-3.9p1-8.RHEL4.9.ia64.rpm SHA-256: f033bc93181e6f417df4d9f9cb4b0b1f054e59e0c227b1b27d45ef0fbb07ffb7
openssh-askpass-3.9p1-8.RHEL4.9.ia64.rpm SHA-256: ef48e1d4983b667bc52f5215ae6fc6a1f7d219c2e61be5df22650efe7455fefc
openssh-askpass-3.9p1-8.RHEL4.9.ia64.rpm SHA-256: ef48e1d4983b667bc52f5215ae6fc6a1f7d219c2e61be5df22650efe7455fefc
openssh-askpass-gnome-3.9p1-8.RHEL4.9.ia64.rpm SHA-256: 2b1b6b62cf867030400f314d7bf20f3532af8fe7152d6abc0dc943d9ea711903
openssh-askpass-gnome-3.9p1-8.RHEL4.9.ia64.rpm SHA-256: 2b1b6b62cf867030400f314d7bf20f3532af8fe7152d6abc0dc943d9ea711903
openssh-clients-3.9p1-8.RHEL4.9.ia64.rpm SHA-256: 5df6f979637d12dc370b8fc652dc3c2f2cfd5b7c4fdc580f1a7c6cae67def98b
openssh-clients-3.9p1-8.RHEL4.9.ia64.rpm SHA-256: 5df6f979637d12dc370b8fc652dc3c2f2cfd5b7c4fdc580f1a7c6cae67def98b
openssh-server-3.9p1-8.RHEL4.9.ia64.rpm SHA-256: bd1ce27e8a8648e27cce983d936a8d721075ced01b4e78a61301755f4ed55ae8
openssh-server-3.9p1-8.RHEL4.9.ia64.rpm SHA-256: bd1ce27e8a8648e27cce983d936a8d721075ced01b4e78a61301755f4ed55ae8
i386
openssh-3.9p1-8.RHEL4.9.i386.rpm SHA-256: 003061b45fd44ff9764f3dc83c776a73e88f708aaddc38217e431cbffb8971a6
openssh-3.9p1-8.RHEL4.9.i386.rpm SHA-256: 003061b45fd44ff9764f3dc83c776a73e88f708aaddc38217e431cbffb8971a6
openssh-askpass-3.9p1-8.RHEL4.9.i386.rpm SHA-256: 0455515d0d994c674abf6a093a04094e2177df570cf85dfad4c8aacca657f60e
openssh-askpass-3.9p1-8.RHEL4.9.i386.rpm SHA-256: 0455515d0d994c674abf6a093a04094e2177df570cf85dfad4c8aacca657f60e
openssh-askpass-gnome-3.9p1-8.RHEL4.9.i386.rpm SHA-256: 980857966a0eba1e9107ab597553ee89d9f2f8b995d099a80824f8c35c540391
openssh-askpass-gnome-3.9p1-8.RHEL4.9.i386.rpm SHA-256: 980857966a0eba1e9107ab597553ee89d9f2f8b995d099a80824f8c35c540391
openssh-clients-3.9p1-8.RHEL4.9.i386.rpm SHA-256: 411f456b6de8266d79f6ec3aefd35443421f0bd8acc9825bc5a49147715fe989
openssh-clients-3.9p1-8.RHEL4.9.i386.rpm SHA-256: 411f456b6de8266d79f6ec3aefd35443421f0bd8acc9825bc5a49147715fe989
openssh-server-3.9p1-8.RHEL4.9.i386.rpm SHA-256: 2292e601e912bbe93cb5e53323b5044974f8659da20f53df7cc5bd3c8a933afc
openssh-server-3.9p1-8.RHEL4.9.i386.rpm SHA-256: 2292e601e912bbe93cb5e53323b5044974f8659da20f53df7cc5bd3c8a933afc

Red Hat Enterprise Linux Workstation 4

SRPM
openssh-3.9p1-8.RHEL4.9.src.rpm SHA-256: b345c41a69eab232084cd9e8d83df6810050a8becf4775fc9d10ebde1bda8cd3
x86_64
openssh-3.9p1-8.RHEL4.9.x86_64.rpm SHA-256: 15055aa0bb6ce3dbcf1b45b5ee74f42de25fc0cfa1e4630c0bd48effa585f045
openssh-askpass-3.9p1-8.RHEL4.9.x86_64.rpm SHA-256: 33fe5cc96875e89ad947771cc45ac9d8bfc881313047a468537f9ad21f3333c0
openssh-askpass-gnome-3.9p1-8.RHEL4.9.x86_64.rpm SHA-256: b39174fbd16067fac3efa0108c7f038e864deeb78008685429f703bd743b31af
openssh-clients-3.9p1-8.RHEL4.9.x86_64.rpm SHA-256: 8b4ef4f47e32d61a694276e1b863842352c972b75b47ce12011693cc720c766d
openssh-server-3.9p1-8.RHEL4.9.x86_64.rpm SHA-256: fc4dd2721a7693383b65c2b0b9bb72de69c3bd97f0bc2cdce9a1668ee9956dcb
ia64
openssh-3.9p1-8.RHEL4.9.ia64.rpm SHA-256: f033bc93181e6f417df4d9f9cb4b0b1f054e59e0c227b1b27d45ef0fbb07ffb7
openssh-askpass-3.9p1-8.RHEL4.9.ia64.rpm SHA-256: ef48e1d4983b667bc52f5215ae6fc6a1f7d219c2e61be5df22650efe7455fefc
openssh-askpass-gnome-3.9p1-8.RHEL4.9.ia64.rpm SHA-256: 2b1b6b62cf867030400f314d7bf20f3532af8fe7152d6abc0dc943d9ea711903
openssh-clients-3.9p1-8.RHEL4.9.ia64.rpm SHA-256: 5df6f979637d12dc370b8fc652dc3c2f2cfd5b7c4fdc580f1a7c6cae67def98b
openssh-server-3.9p1-8.RHEL4.9.ia64.rpm SHA-256: bd1ce27e8a8648e27cce983d936a8d721075ced01b4e78a61301755f4ed55ae8
i386
openssh-3.9p1-8.RHEL4.9.i386.rpm SHA-256: 003061b45fd44ff9764f3dc83c776a73e88f708aaddc38217e431cbffb8971a6
openssh-askpass-3.9p1-8.RHEL4.9.i386.rpm SHA-256: 0455515d0d994c674abf6a093a04094e2177df570cf85dfad4c8aacca657f60e
openssh-askpass-gnome-3.9p1-8.RHEL4.9.i386.rpm SHA-256: 980857966a0eba1e9107ab597553ee89d9f2f8b995d099a80824f8c35c540391
openssh-clients-3.9p1-8.RHEL4.9.i386.rpm SHA-256: 411f456b6de8266d79f6ec3aefd35443421f0bd8acc9825bc5a49147715fe989
openssh-server-3.9p1-8.RHEL4.9.i386.rpm SHA-256: 2292e601e912bbe93cb5e53323b5044974f8659da20f53df7cc5bd3c8a933afc

Red Hat Enterprise Linux Desktop 4

SRPM
openssh-3.9p1-8.RHEL4.9.src.rpm SHA-256: b345c41a69eab232084cd9e8d83df6810050a8becf4775fc9d10ebde1bda8cd3
x86_64
openssh-3.9p1-8.RHEL4.9.x86_64.rpm SHA-256: 15055aa0bb6ce3dbcf1b45b5ee74f42de25fc0cfa1e4630c0bd48effa585f045
openssh-askpass-3.9p1-8.RHEL4.9.x86_64.rpm SHA-256: 33fe5cc96875e89ad947771cc45ac9d8bfc881313047a468537f9ad21f3333c0
openssh-askpass-gnome-3.9p1-8.RHEL4.9.x86_64.rpm SHA-256: b39174fbd16067fac3efa0108c7f038e864deeb78008685429f703bd743b31af
openssh-clients-3.9p1-8.RHEL4.9.x86_64.rpm SHA-256: 8b4ef4f47e32d61a694276e1b863842352c972b75b47ce12011693cc720c766d
openssh-server-3.9p1-8.RHEL4.9.x86_64.rpm SHA-256: fc4dd2721a7693383b65c2b0b9bb72de69c3bd97f0bc2cdce9a1668ee9956dcb
i386
openssh-3.9p1-8.RHEL4.9.i386.rpm SHA-256: 003061b45fd44ff9764f3dc83c776a73e88f708aaddc38217e431cbffb8971a6
openssh-askpass-3.9p1-8.RHEL4.9.i386.rpm SHA-256: 0455515d0d994c674abf6a093a04094e2177df570cf85dfad4c8aacca657f60e
openssh-askpass-gnome-3.9p1-8.RHEL4.9.i386.rpm SHA-256: 980857966a0eba1e9107ab597553ee89d9f2f8b995d099a80824f8c35c540391
openssh-clients-3.9p1-8.RHEL4.9.i386.rpm SHA-256: 411f456b6de8266d79f6ec3aefd35443421f0bd8acc9825bc5a49147715fe989
openssh-server-3.9p1-8.RHEL4.9.i386.rpm SHA-256: 2292e601e912bbe93cb5e53323b5044974f8659da20f53df7cc5bd3c8a933afc

Red Hat Enterprise Linux for IBM z Systems 4

SRPM
openssh-3.9p1-8.RHEL4.9.src.rpm SHA-256: b345c41a69eab232084cd9e8d83df6810050a8becf4775fc9d10ebde1bda8cd3
s390x
openssh-3.9p1-8.RHEL4.9.s390x.rpm SHA-256: e3ec4e4d899a362eed65e9e1b043647c362ae2fc138b24194b06bd7b2c7c2312
openssh-askpass-3.9p1-8.RHEL4.9.s390x.rpm SHA-256: b3980812e65907229baaf6eb10740a68455d9992ad5a78f5a39ac3354a8ba483
openssh-askpass-gnome-3.9p1-8.RHEL4.9.s390x.rpm SHA-256: 9cd230f826738ef7805ce2e165db47e4258bf75c7f0c0c41bba93a1fbb766135
openssh-clients-3.9p1-8.RHEL4.9.s390x.rpm SHA-256: 72ed3ac6fce9baeda589da540b4a9782fdc6a7472509b0546ec4bf01f3f541e0
openssh-server-3.9p1-8.RHEL4.9.s390x.rpm SHA-256: dd99570c3170e7ac576d317a957fe80d9974157376e5848191b20444401a2e89
s390
openssh-3.9p1-8.RHEL4.9.s390.rpm SHA-256: acfaa95f0204bae5b83a3fc659f96211acc0cab2cc85f28d68eba2c5baa46967
openssh-askpass-3.9p1-8.RHEL4.9.s390.rpm SHA-256: 363fe95def143745480fcfafddba424071a1e753c73946f19f87cf557178619d
openssh-askpass-gnome-3.9p1-8.RHEL4.9.s390.rpm SHA-256: 32b185ebcfc83c936384895b4c1d1a7001bf3c6054d0804e17107ae3edc80c3a
openssh-clients-3.9p1-8.RHEL4.9.s390.rpm SHA-256: b1a8d46e5cd219811e29e4c8ab35af1fb6a4ad955e4ac8df0a84eea667618362
openssh-server-3.9p1-8.RHEL4.9.s390.rpm SHA-256: c460779a5a117899fd7f238ab687927d32336866ffe318aa7034d98d7f075cfd

Red Hat Enterprise Linux for Power, big endian 4

SRPM
openssh-3.9p1-8.RHEL4.9.src.rpm SHA-256: b345c41a69eab232084cd9e8d83df6810050a8becf4775fc9d10ebde1bda8cd3
ppc
openssh-3.9p1-8.RHEL4.9.ppc.rpm SHA-256: 56404e94749608012fa45001e1484623989c0dfb31af9382609261df4afcf3e3
openssh-askpass-3.9p1-8.RHEL4.9.ppc.rpm SHA-256: 43fb96b939d7a2507167b3273f37c59c28905181615abeccaf7db21ef494cf5d
openssh-askpass-gnome-3.9p1-8.RHEL4.9.ppc.rpm SHA-256: 66831a60f657a9d611809c862a9ff614896d82fb82d4cb92cf9a3f4478e9049d
openssh-clients-3.9p1-8.RHEL4.9.ppc.rpm SHA-256: 7c09e2e779a4c7564d77fb93bc30979dc166262133947698c4b6c66635801100
openssh-server-3.9p1-8.RHEL4.9.ppc.rpm SHA-256: 2781c37ab68c9e0b8b2676b15b08c19a0a5855e7d158ae06d3d51bf4fa587953

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat LinkedIn YouTube Facebook X, formerly Twitter

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

Red Hat legal and privacy links

  • About Red Hat
  • Jobs
  • Events
  • Locations
  • Contact Red Hat
  • Red Hat Blog
  • Inclusion at Red Hat
  • Cool Stuff Store
  • Red Hat Summit
© 2025 Red Hat, Inc.

Red Hat legal and privacy links

  • Privacy statement
  • Terms of use
  • All policies and guidelines
  • Digital accessibility