Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
  • Products & Services

    Products

    Support

    • Production Support
    • Development Support
    • Product Life Cycles

    Services

    • Consulting
    • Technical Account Management
    • Training & Certifications

    Documentation

    • Red Hat Enterprise Linux
    • Red Hat JBoss Enterprise Application Platform
    • Red Hat OpenStack Platform
    • Red Hat OpenShift Container Platform
    All Documentation

    Ecosystem Catalog

    • Red Hat Partner Ecosystem
    • Partner Resources
  • Tools

    Tools

    • Troubleshoot a product issue
    • Packages
    • Errata

    Customer Portal Labs

    • Configuration
    • Deployment
    • Security
    • Troubleshoot
    All labs

    Red Hat Insights

    Increase visibility into IT operations to detect and resolve technical issues before they impact your business.

    Learn More
    Go to Insights
  • Security

    Red Hat Product Security Center

    Engage with our Red Hat Product Security team, access security updates, and ensure your environments are not exposed to any known security vulnerabilities.

    Product Security Center

    Security Updates

    • Security Advisories
    • Red Hat CVE Database
    • Security Labs

    Keep your systems secure with Red Hat's specialized responses to security vulnerabilities.

    View Responses

    Resources

    • Security Blog
    • Security Measurement
    • Severity Ratings
    • Backporting Policies
    • Product Signing (GPG) Keys
  • Community

    Customer Portal Community

    • Discussions
    • Private Groups
    Community Activity

    Customer Events

    • Red Hat Convergence
    • Red Hat Summit

    Stories

    • Red Hat Subscription Value
    • You Asked. We Acted.
    • Open Source Communities
Or troubleshoot an issue.

Select Your Language

  • English
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Virtualization
  • Red Hat Identity Management
  • Red Hat Directory Server
  • Red Hat Certificate System
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Update Infrastructure
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat CloudForms
  • Red Hat OpenStack Platform
  • Red Hat OpenShift Container Platform
  • Red Hat OpenShift Data Science
  • Red Hat OpenShift Online
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat Single Sign On
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Thorntail
  • Red Hat build of Eclipse Vert.x
  • Red Hat build of OpenJDK
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Integration
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
  • Red Hat JBoss Data Virtualization
  • Red Hat Process Automation
  • Red Hat Process Automation Manager
  • Red Hat Decision Manager
All Products
Red Hat Product Errata RHSA-2005:527 - Security Advisory
Issued:
2005-10-05
Updated:
2005-10-05

RHSA-2005:527 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

openssh security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

Updated openssh packages that fix a security issue, bugs, and add support
for recording login user IDs for audit are now available for Red Hat
Enterprise Linux 4.

This update has been rated as having moderate security impact by the Red
Hat Security Response Team.

Description

OpenSSH is OpenBSD's SSH (Secure SHell) protocol implementation.

An error in the way OpenSSH handled GSSAPI credential delegation was
discovered. OpenSSH as distributed with Red Hat Enterprise Linux 4 contains
support for GSSAPI user authentication, typically used for supporting
Kerberos. On OpenSSH installations which have GSSAPI enabled, this flaw
could allow a user who sucessfully authenticates using a method other than
GSSAPI to be delegated with GSSAPI credentials. The Common Vulnerabilities
and Exposures project (cve.mitre.org) has assigned the name CAN-2005-2798
to this issue.

Additionally, the following bugs have been addressed:

The ssh command incorrectly failed when it was issued by the root user with
a non-default group set.

The sshd daemon could fail to properly close the client connection if
multiple X clients were forwarded over the connection and the client
session exited.

The sshd daemon could bind only on the IPv6 address family for X forwarding
if the port on IPv4 address family was already bound. The X forwarding did
not work in such cases.

This update also adds support for recording login user IDs for the auditing
service. The user ID is attached to the audit records generated from the
user's session.

All users of openssh should upgrade to these updated packages, which
contain backported patches to resolve these issues.

Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied. Use Red Hat
Network to download and update your packages. To launch the Red Hat
Update Agent, use the following command:

up2date

For information on how to install packages manually, refer to the
following Web page for the System Administration or Customization
guide specific to your system:

http://www.redhat.com/docs/manuals/enterprise/

Affected Products

  • Red Hat Enterprise Linux Server 4 x86_64
  • Red Hat Enterprise Linux Server 4 ia64
  • Red Hat Enterprise Linux Server 4 i386
  • Red Hat Enterprise Linux Workstation 4 x86_64
  • Red Hat Enterprise Linux Workstation 4 ia64
  • Red Hat Enterprise Linux Workstation 4 i386
  • Red Hat Enterprise Linux Desktop 4 x86_64
  • Red Hat Enterprise Linux Desktop 4 i386
  • Red Hat Enterprise Linux for IBM z Systems 4 s390x
  • Red Hat Enterprise Linux for IBM z Systems 4 s390
  • Red Hat Enterprise Linux for Power, big endian 4 ppc

Fixes

  • BZ - 159331 - sshd update for new audit system
  • BZ - 167444 - CAN-2005-2798 Improper GSSAPI credential delegation

CVEs

  • CVE-2005-2798
  • CVE-2008-1483

References

(none)

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server 4

SRPM
openssh-3.9p1-8.RHEL4.9.src.rpm SHA-256: b345c41a69eab232084cd9e8d83df6810050a8becf4775fc9d10ebde1bda8cd3
x86_64
openssh-3.9p1-8.RHEL4.9.x86_64.rpm SHA-256: 15055aa0bb6ce3dbcf1b45b5ee74f42de25fc0cfa1e4630c0bd48effa585f045
openssh-3.9p1-8.RHEL4.9.x86_64.rpm SHA-256: 15055aa0bb6ce3dbcf1b45b5ee74f42de25fc0cfa1e4630c0bd48effa585f045
openssh-askpass-3.9p1-8.RHEL4.9.x86_64.rpm SHA-256: 33fe5cc96875e89ad947771cc45ac9d8bfc881313047a468537f9ad21f3333c0
openssh-askpass-3.9p1-8.RHEL4.9.x86_64.rpm SHA-256: 33fe5cc96875e89ad947771cc45ac9d8bfc881313047a468537f9ad21f3333c0
openssh-askpass-gnome-3.9p1-8.RHEL4.9.x86_64.rpm SHA-256: b39174fbd16067fac3efa0108c7f038e864deeb78008685429f703bd743b31af
openssh-askpass-gnome-3.9p1-8.RHEL4.9.x86_64.rpm SHA-256: b39174fbd16067fac3efa0108c7f038e864deeb78008685429f703bd743b31af
openssh-clients-3.9p1-8.RHEL4.9.x86_64.rpm SHA-256: 8b4ef4f47e32d61a694276e1b863842352c972b75b47ce12011693cc720c766d
openssh-clients-3.9p1-8.RHEL4.9.x86_64.rpm SHA-256: 8b4ef4f47e32d61a694276e1b863842352c972b75b47ce12011693cc720c766d
openssh-server-3.9p1-8.RHEL4.9.x86_64.rpm SHA-256: fc4dd2721a7693383b65c2b0b9bb72de69c3bd97f0bc2cdce9a1668ee9956dcb
openssh-server-3.9p1-8.RHEL4.9.x86_64.rpm SHA-256: fc4dd2721a7693383b65c2b0b9bb72de69c3bd97f0bc2cdce9a1668ee9956dcb
ia64
openssh-3.9p1-8.RHEL4.9.ia64.rpm SHA-256: f033bc93181e6f417df4d9f9cb4b0b1f054e59e0c227b1b27d45ef0fbb07ffb7
openssh-3.9p1-8.RHEL4.9.ia64.rpm SHA-256: f033bc93181e6f417df4d9f9cb4b0b1f054e59e0c227b1b27d45ef0fbb07ffb7
openssh-askpass-3.9p1-8.RHEL4.9.ia64.rpm SHA-256: ef48e1d4983b667bc52f5215ae6fc6a1f7d219c2e61be5df22650efe7455fefc
openssh-askpass-3.9p1-8.RHEL4.9.ia64.rpm SHA-256: ef48e1d4983b667bc52f5215ae6fc6a1f7d219c2e61be5df22650efe7455fefc
openssh-askpass-gnome-3.9p1-8.RHEL4.9.ia64.rpm SHA-256: 2b1b6b62cf867030400f314d7bf20f3532af8fe7152d6abc0dc943d9ea711903
openssh-askpass-gnome-3.9p1-8.RHEL4.9.ia64.rpm SHA-256: 2b1b6b62cf867030400f314d7bf20f3532af8fe7152d6abc0dc943d9ea711903
openssh-clients-3.9p1-8.RHEL4.9.ia64.rpm SHA-256: 5df6f979637d12dc370b8fc652dc3c2f2cfd5b7c4fdc580f1a7c6cae67def98b
openssh-clients-3.9p1-8.RHEL4.9.ia64.rpm SHA-256: 5df6f979637d12dc370b8fc652dc3c2f2cfd5b7c4fdc580f1a7c6cae67def98b
openssh-server-3.9p1-8.RHEL4.9.ia64.rpm SHA-256: bd1ce27e8a8648e27cce983d936a8d721075ced01b4e78a61301755f4ed55ae8
openssh-server-3.9p1-8.RHEL4.9.ia64.rpm SHA-256: bd1ce27e8a8648e27cce983d936a8d721075ced01b4e78a61301755f4ed55ae8
i386
openssh-3.9p1-8.RHEL4.9.i386.rpm SHA-256: 003061b45fd44ff9764f3dc83c776a73e88f708aaddc38217e431cbffb8971a6
openssh-3.9p1-8.RHEL4.9.i386.rpm SHA-256: 003061b45fd44ff9764f3dc83c776a73e88f708aaddc38217e431cbffb8971a6
openssh-askpass-3.9p1-8.RHEL4.9.i386.rpm SHA-256: 0455515d0d994c674abf6a093a04094e2177df570cf85dfad4c8aacca657f60e
openssh-askpass-3.9p1-8.RHEL4.9.i386.rpm SHA-256: 0455515d0d994c674abf6a093a04094e2177df570cf85dfad4c8aacca657f60e
openssh-askpass-gnome-3.9p1-8.RHEL4.9.i386.rpm SHA-256: 980857966a0eba1e9107ab597553ee89d9f2f8b995d099a80824f8c35c540391
openssh-askpass-gnome-3.9p1-8.RHEL4.9.i386.rpm SHA-256: 980857966a0eba1e9107ab597553ee89d9f2f8b995d099a80824f8c35c540391
openssh-clients-3.9p1-8.RHEL4.9.i386.rpm SHA-256: 411f456b6de8266d79f6ec3aefd35443421f0bd8acc9825bc5a49147715fe989
openssh-clients-3.9p1-8.RHEL4.9.i386.rpm SHA-256: 411f456b6de8266d79f6ec3aefd35443421f0bd8acc9825bc5a49147715fe989
openssh-server-3.9p1-8.RHEL4.9.i386.rpm SHA-256: 2292e601e912bbe93cb5e53323b5044974f8659da20f53df7cc5bd3c8a933afc
openssh-server-3.9p1-8.RHEL4.9.i386.rpm SHA-256: 2292e601e912bbe93cb5e53323b5044974f8659da20f53df7cc5bd3c8a933afc

Red Hat Enterprise Linux Workstation 4

SRPM
openssh-3.9p1-8.RHEL4.9.src.rpm SHA-256: b345c41a69eab232084cd9e8d83df6810050a8becf4775fc9d10ebde1bda8cd3
x86_64
openssh-3.9p1-8.RHEL4.9.x86_64.rpm SHA-256: 15055aa0bb6ce3dbcf1b45b5ee74f42de25fc0cfa1e4630c0bd48effa585f045
openssh-askpass-3.9p1-8.RHEL4.9.x86_64.rpm SHA-256: 33fe5cc96875e89ad947771cc45ac9d8bfc881313047a468537f9ad21f3333c0
openssh-askpass-gnome-3.9p1-8.RHEL4.9.x86_64.rpm SHA-256: b39174fbd16067fac3efa0108c7f038e864deeb78008685429f703bd743b31af
openssh-clients-3.9p1-8.RHEL4.9.x86_64.rpm SHA-256: 8b4ef4f47e32d61a694276e1b863842352c972b75b47ce12011693cc720c766d
openssh-server-3.9p1-8.RHEL4.9.x86_64.rpm SHA-256: fc4dd2721a7693383b65c2b0b9bb72de69c3bd97f0bc2cdce9a1668ee9956dcb
ia64
openssh-3.9p1-8.RHEL4.9.ia64.rpm SHA-256: f033bc93181e6f417df4d9f9cb4b0b1f054e59e0c227b1b27d45ef0fbb07ffb7
openssh-askpass-3.9p1-8.RHEL4.9.ia64.rpm SHA-256: ef48e1d4983b667bc52f5215ae6fc6a1f7d219c2e61be5df22650efe7455fefc
openssh-askpass-gnome-3.9p1-8.RHEL4.9.ia64.rpm SHA-256: 2b1b6b62cf867030400f314d7bf20f3532af8fe7152d6abc0dc943d9ea711903
openssh-clients-3.9p1-8.RHEL4.9.ia64.rpm SHA-256: 5df6f979637d12dc370b8fc652dc3c2f2cfd5b7c4fdc580f1a7c6cae67def98b
openssh-server-3.9p1-8.RHEL4.9.ia64.rpm SHA-256: bd1ce27e8a8648e27cce983d936a8d721075ced01b4e78a61301755f4ed55ae8
i386
openssh-3.9p1-8.RHEL4.9.i386.rpm SHA-256: 003061b45fd44ff9764f3dc83c776a73e88f708aaddc38217e431cbffb8971a6
openssh-askpass-3.9p1-8.RHEL4.9.i386.rpm SHA-256: 0455515d0d994c674abf6a093a04094e2177df570cf85dfad4c8aacca657f60e
openssh-askpass-gnome-3.9p1-8.RHEL4.9.i386.rpm SHA-256: 980857966a0eba1e9107ab597553ee89d9f2f8b995d099a80824f8c35c540391
openssh-clients-3.9p1-8.RHEL4.9.i386.rpm SHA-256: 411f456b6de8266d79f6ec3aefd35443421f0bd8acc9825bc5a49147715fe989
openssh-server-3.9p1-8.RHEL4.9.i386.rpm SHA-256: 2292e601e912bbe93cb5e53323b5044974f8659da20f53df7cc5bd3c8a933afc

Red Hat Enterprise Linux Desktop 4

SRPM
openssh-3.9p1-8.RHEL4.9.src.rpm SHA-256: b345c41a69eab232084cd9e8d83df6810050a8becf4775fc9d10ebde1bda8cd3
x86_64
openssh-3.9p1-8.RHEL4.9.x86_64.rpm SHA-256: 15055aa0bb6ce3dbcf1b45b5ee74f42de25fc0cfa1e4630c0bd48effa585f045
openssh-askpass-3.9p1-8.RHEL4.9.x86_64.rpm SHA-256: 33fe5cc96875e89ad947771cc45ac9d8bfc881313047a468537f9ad21f3333c0
openssh-askpass-gnome-3.9p1-8.RHEL4.9.x86_64.rpm SHA-256: b39174fbd16067fac3efa0108c7f038e864deeb78008685429f703bd743b31af
openssh-clients-3.9p1-8.RHEL4.9.x86_64.rpm SHA-256: 8b4ef4f47e32d61a694276e1b863842352c972b75b47ce12011693cc720c766d
openssh-server-3.9p1-8.RHEL4.9.x86_64.rpm SHA-256: fc4dd2721a7693383b65c2b0b9bb72de69c3bd97f0bc2cdce9a1668ee9956dcb
i386
openssh-3.9p1-8.RHEL4.9.i386.rpm SHA-256: 003061b45fd44ff9764f3dc83c776a73e88f708aaddc38217e431cbffb8971a6
openssh-askpass-3.9p1-8.RHEL4.9.i386.rpm SHA-256: 0455515d0d994c674abf6a093a04094e2177df570cf85dfad4c8aacca657f60e
openssh-askpass-gnome-3.9p1-8.RHEL4.9.i386.rpm SHA-256: 980857966a0eba1e9107ab597553ee89d9f2f8b995d099a80824f8c35c540391
openssh-clients-3.9p1-8.RHEL4.9.i386.rpm SHA-256: 411f456b6de8266d79f6ec3aefd35443421f0bd8acc9825bc5a49147715fe989
openssh-server-3.9p1-8.RHEL4.9.i386.rpm SHA-256: 2292e601e912bbe93cb5e53323b5044974f8659da20f53df7cc5bd3c8a933afc

Red Hat Enterprise Linux for IBM z Systems 4

SRPM
openssh-3.9p1-8.RHEL4.9.src.rpm SHA-256: b345c41a69eab232084cd9e8d83df6810050a8becf4775fc9d10ebde1bda8cd3
s390x
openssh-3.9p1-8.RHEL4.9.s390x.rpm SHA-256: e3ec4e4d899a362eed65e9e1b043647c362ae2fc138b24194b06bd7b2c7c2312
openssh-askpass-3.9p1-8.RHEL4.9.s390x.rpm SHA-256: b3980812e65907229baaf6eb10740a68455d9992ad5a78f5a39ac3354a8ba483
openssh-askpass-gnome-3.9p1-8.RHEL4.9.s390x.rpm SHA-256: 9cd230f826738ef7805ce2e165db47e4258bf75c7f0c0c41bba93a1fbb766135
openssh-clients-3.9p1-8.RHEL4.9.s390x.rpm SHA-256: 72ed3ac6fce9baeda589da540b4a9782fdc6a7472509b0546ec4bf01f3f541e0
openssh-server-3.9p1-8.RHEL4.9.s390x.rpm SHA-256: dd99570c3170e7ac576d317a957fe80d9974157376e5848191b20444401a2e89
s390
openssh-3.9p1-8.RHEL4.9.s390.rpm SHA-256: acfaa95f0204bae5b83a3fc659f96211acc0cab2cc85f28d68eba2c5baa46967
openssh-askpass-3.9p1-8.RHEL4.9.s390.rpm SHA-256: 363fe95def143745480fcfafddba424071a1e753c73946f19f87cf557178619d
openssh-askpass-gnome-3.9p1-8.RHEL4.9.s390.rpm SHA-256: 32b185ebcfc83c936384895b4c1d1a7001bf3c6054d0804e17107ae3edc80c3a
openssh-clients-3.9p1-8.RHEL4.9.s390.rpm SHA-256: b1a8d46e5cd219811e29e4c8ab35af1fb6a4ad955e4ac8df0a84eea667618362
openssh-server-3.9p1-8.RHEL4.9.s390.rpm SHA-256: c460779a5a117899fd7f238ab687927d32336866ffe318aa7034d98d7f075cfd

Red Hat Enterprise Linux for Power, big endian 4

SRPM
openssh-3.9p1-8.RHEL4.9.src.rpm SHA-256: b345c41a69eab232084cd9e8d83df6810050a8becf4775fc9d10ebde1bda8cd3
ppc
openssh-3.9p1-8.RHEL4.9.ppc.rpm SHA-256: 56404e94749608012fa45001e1484623989c0dfb31af9382609261df4afcf3e3
openssh-askpass-3.9p1-8.RHEL4.9.ppc.rpm SHA-256: 43fb96b939d7a2507167b3273f37c59c28905181615abeccaf7db21ef494cf5d
openssh-askpass-gnome-3.9p1-8.RHEL4.9.ppc.rpm SHA-256: 66831a60f657a9d611809c862a9ff614896d82fb82d4cb92cf9a3f4478e9049d
openssh-clients-3.9p1-8.RHEL4.9.ppc.rpm SHA-256: 7c09e2e779a4c7564d77fb93bc30979dc166262133947698c4b6c66635801100
openssh-server-3.9p1-8.RHEL4.9.ppc.rpm SHA-256: 2781c37ab68c9e0b8b2676b15b08c19a0a5855e7d158ae06d3d51bf4fa587953

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

About

  • Red Hat Subscription Value
  • About Red Hat
  • Red Hat Jobs
Copyright © 2023 Red Hat, Inc.
  • Privacy Statement
  • Customer Portal Terms of Use
  • All Policies and Guidelines
Red Hat Summit
Twitter