Red Hat Product Errata RHSA-2006:0044 - Security Advisory

Issued:: 2006-03-07
Updated:: 2006-03-07

RHSA-2006:0044 - Security Advisory

Overview
Updated Packages

Synopsis

openssh security update

Type/Severity

Security Advisory: Low

Topic

Updated openssh packages that fix bugs in sshd and add auditing of user
logins are now available for Red Hat Enterprise Linux 4.

This update has been rated as having low security impact by the Red Hat
Security Response Team.

Description

OpenSSH is OpenBSD's SSH (Secure SHell) protocol implementation. This
package includes the core files necessary for both the OpenSSH client and
server.

An arbitrary command execution flaw was discovered in the way scp copies
files locally. It is possible for a local attacker to create a file with a
carefully crafted name that could execute arbitrary commands as the user
running scp to copy files locally. The Common Vulnerabilities and Exposures
project (cve.mitre.org) assigned the name CVE-2006-0225 to this issue.

The following issue has also been fixed in this update:

If the sshd service was stopped using the sshd init script while the
main sshd daemon was not running, the init script would kill other sshd
processes, such as the running sessions. For example, this could happen
when the 'service sshd stop' command was issued twice.

Additionally, this update implements auditing of user logins through the
system audit service.

All users of openssh should upgrade to these updated packages, which
resolve these issues.

Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied. Use Red Hat
Network to download and update your packages. To launch the Red Hat
Update Agent, use the following command:

up2date

For information on how to install packages manually, refer to the
following Web page for the System Administration or Customization
guide specific to your system:

http://www.redhat.com/docs/manuals/enterprise/

Affected Products

Red Hat Enterprise Linux Server 4 x86_64
Red Hat Enterprise Linux Server 4 ia64
Red Hat Enterprise Linux Server 4 i386
Red Hat Enterprise Linux Workstation 4 x86_64
Red Hat Enterprise Linux Workstation 4 ia64
Red Hat Enterprise Linux Workstation 4 i386
Red Hat Enterprise Linux Desktop 4 x86_64
Red Hat Enterprise Linux Desktop 4 i386
Red Hat Enterprise Linux for IBM z Systems 4 s390x
Red Hat Enterprise Linux for IBM z Systems 4 s390
Red Hat Enterprise Linux for Power, big endian 4 ppc

Fixes

BZ - 170466 - CVE-2006-0225 local to local copy uses shell expansion twice
BZ - 170468 - init script kills all running sshd's if listening server is stopped
BZ - 170568 - add audit message to sshd

CVEs

CVE-2006-0225

References

(none)

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server 4

SRPM
openssh-3.9p1-8.RHEL4.12.src.rpm	SHA-256: 677be0e8fe4dd08fae29f24d74cc96d8e23658fbbd26cdf5f26b340c30b9198a
x86_64
openssh-3.9p1-8.RHEL4.12.x86_64.rpm	SHA-256: eef046f16f6f5f383fbda2b65db2d75e6449e701ad8d3d7da0a1ca506b4b2ed6
openssh-3.9p1-8.RHEL4.12.x86_64.rpm	SHA-256: eef046f16f6f5f383fbda2b65db2d75e6449e701ad8d3d7da0a1ca506b4b2ed6
openssh-askpass-3.9p1-8.RHEL4.12.x86_64.rpm	SHA-256: 043df04635d90a91d6176e824c152cd9c3b03fe10c1318804bc1032b1a48d7be
openssh-askpass-3.9p1-8.RHEL4.12.x86_64.rpm	SHA-256: 043df04635d90a91d6176e824c152cd9c3b03fe10c1318804bc1032b1a48d7be
openssh-askpass-gnome-3.9p1-8.RHEL4.12.x86_64.rpm	SHA-256: f39592dda3b77078d3a20e31d0c284ab9b51898c9ba6bd134dff19310cd56cf4
openssh-askpass-gnome-3.9p1-8.RHEL4.12.x86_64.rpm	SHA-256: f39592dda3b77078d3a20e31d0c284ab9b51898c9ba6bd134dff19310cd56cf4
openssh-clients-3.9p1-8.RHEL4.12.x86_64.rpm	SHA-256: 9b2b4f4228a785342ed172b58e9ee2af37c5a6511c307a48e3c2a87c2068cba3
openssh-clients-3.9p1-8.RHEL4.12.x86_64.rpm	SHA-256: 9b2b4f4228a785342ed172b58e9ee2af37c5a6511c307a48e3c2a87c2068cba3
openssh-server-3.9p1-8.RHEL4.12.x86_64.rpm	SHA-256: 0b089c0df3cf577ce82c16a54319b6d5928953aef81504cf6d620d769df9c80e
openssh-server-3.9p1-8.RHEL4.12.x86_64.rpm	SHA-256: 0b089c0df3cf577ce82c16a54319b6d5928953aef81504cf6d620d769df9c80e
ia64
openssh-3.9p1-8.RHEL4.12.ia64.rpm	SHA-256: 362fe68d1caa5aa6549f54148467c071f35eb6bd6d5932759f235ee4e3fa093a
openssh-3.9p1-8.RHEL4.12.ia64.rpm	SHA-256: 362fe68d1caa5aa6549f54148467c071f35eb6bd6d5932759f235ee4e3fa093a
openssh-askpass-3.9p1-8.RHEL4.12.ia64.rpm	SHA-256: c85be278b769ffe7879e32f8fa784e978401f5878b9024ed4bddfbfe27310c39
openssh-askpass-3.9p1-8.RHEL4.12.ia64.rpm	SHA-256: c85be278b769ffe7879e32f8fa784e978401f5878b9024ed4bddfbfe27310c39
openssh-askpass-gnome-3.9p1-8.RHEL4.12.ia64.rpm	SHA-256: 31a7466ee20e131ccb3c9ca3b222c42fefaa7710af5dc66324a7a732c9f27cb2
openssh-askpass-gnome-3.9p1-8.RHEL4.12.ia64.rpm	SHA-256: 31a7466ee20e131ccb3c9ca3b222c42fefaa7710af5dc66324a7a732c9f27cb2
openssh-clients-3.9p1-8.RHEL4.12.ia64.rpm	SHA-256: dfb89226531a2cc6a89edf27080e7265af12f893fcb7aec92d80f243480e6d6c
openssh-clients-3.9p1-8.RHEL4.12.ia64.rpm	SHA-256: dfb89226531a2cc6a89edf27080e7265af12f893fcb7aec92d80f243480e6d6c
openssh-server-3.9p1-8.RHEL4.12.ia64.rpm	SHA-256: 99f98709f89ee1fcbdd1b372912134cd322c751e69e6592af18b81c4ff75873a
openssh-server-3.9p1-8.RHEL4.12.ia64.rpm	SHA-256: 99f98709f89ee1fcbdd1b372912134cd322c751e69e6592af18b81c4ff75873a
i386
openssh-3.9p1-8.RHEL4.12.i386.rpm	SHA-256: a7585962324dfa83a8ff26aeac543d6b4beb82e7bd89b656f073286fc91163db
openssh-3.9p1-8.RHEL4.12.i386.rpm	SHA-256: a7585962324dfa83a8ff26aeac543d6b4beb82e7bd89b656f073286fc91163db
openssh-askpass-3.9p1-8.RHEL4.12.i386.rpm	SHA-256: dd887896755c9006210ecded4562c026d54af05fb25ef8975b7f5b8422f53ec4
openssh-askpass-3.9p1-8.RHEL4.12.i386.rpm	SHA-256: dd887896755c9006210ecded4562c026d54af05fb25ef8975b7f5b8422f53ec4
openssh-askpass-gnome-3.9p1-8.RHEL4.12.i386.rpm	SHA-256: 6b1bc8e75d71351aa1bb2b121245476e2d95ec1cfb47c1ed78ab35a190d4ee90
openssh-askpass-gnome-3.9p1-8.RHEL4.12.i386.rpm	SHA-256: 6b1bc8e75d71351aa1bb2b121245476e2d95ec1cfb47c1ed78ab35a190d4ee90
openssh-clients-3.9p1-8.RHEL4.12.i386.rpm	SHA-256: 5228e712df07866dfcd51beb0f7341004b49d4a1d7e6261209b8e734e639531a
openssh-clients-3.9p1-8.RHEL4.12.i386.rpm	SHA-256: 5228e712df07866dfcd51beb0f7341004b49d4a1d7e6261209b8e734e639531a
openssh-server-3.9p1-8.RHEL4.12.i386.rpm	SHA-256: 6d5ec5a04d108c03213ccc1c47930205e23e3df2644cf6258f1de6ce18e50a6a
openssh-server-3.9p1-8.RHEL4.12.i386.rpm	SHA-256: 6d5ec5a04d108c03213ccc1c47930205e23e3df2644cf6258f1de6ce18e50a6a

Red Hat Enterprise Linux Workstation 4

SRPM
openssh-3.9p1-8.RHEL4.12.src.rpm	SHA-256: 677be0e8fe4dd08fae29f24d74cc96d8e23658fbbd26cdf5f26b340c30b9198a
x86_64
openssh-3.9p1-8.RHEL4.12.x86_64.rpm	SHA-256: eef046f16f6f5f383fbda2b65db2d75e6449e701ad8d3d7da0a1ca506b4b2ed6
openssh-askpass-3.9p1-8.RHEL4.12.x86_64.rpm	SHA-256: 043df04635d90a91d6176e824c152cd9c3b03fe10c1318804bc1032b1a48d7be
openssh-askpass-gnome-3.9p1-8.RHEL4.12.x86_64.rpm	SHA-256: f39592dda3b77078d3a20e31d0c284ab9b51898c9ba6bd134dff19310cd56cf4
openssh-clients-3.9p1-8.RHEL4.12.x86_64.rpm	SHA-256: 9b2b4f4228a785342ed172b58e9ee2af37c5a6511c307a48e3c2a87c2068cba3
openssh-server-3.9p1-8.RHEL4.12.x86_64.rpm	SHA-256: 0b089c0df3cf577ce82c16a54319b6d5928953aef81504cf6d620d769df9c80e
ia64
openssh-3.9p1-8.RHEL4.12.ia64.rpm	SHA-256: 362fe68d1caa5aa6549f54148467c071f35eb6bd6d5932759f235ee4e3fa093a
openssh-askpass-3.9p1-8.RHEL4.12.ia64.rpm	SHA-256: c85be278b769ffe7879e32f8fa784e978401f5878b9024ed4bddfbfe27310c39
openssh-askpass-gnome-3.9p1-8.RHEL4.12.ia64.rpm	SHA-256: 31a7466ee20e131ccb3c9ca3b222c42fefaa7710af5dc66324a7a732c9f27cb2
openssh-clients-3.9p1-8.RHEL4.12.ia64.rpm	SHA-256: dfb89226531a2cc6a89edf27080e7265af12f893fcb7aec92d80f243480e6d6c
openssh-server-3.9p1-8.RHEL4.12.ia64.rpm	SHA-256: 99f98709f89ee1fcbdd1b372912134cd322c751e69e6592af18b81c4ff75873a
i386
openssh-3.9p1-8.RHEL4.12.i386.rpm	SHA-256: a7585962324dfa83a8ff26aeac543d6b4beb82e7bd89b656f073286fc91163db
openssh-askpass-3.9p1-8.RHEL4.12.i386.rpm	SHA-256: dd887896755c9006210ecded4562c026d54af05fb25ef8975b7f5b8422f53ec4
openssh-askpass-gnome-3.9p1-8.RHEL4.12.i386.rpm	SHA-256: 6b1bc8e75d71351aa1bb2b121245476e2d95ec1cfb47c1ed78ab35a190d4ee90
openssh-clients-3.9p1-8.RHEL4.12.i386.rpm	SHA-256: 5228e712df07866dfcd51beb0f7341004b49d4a1d7e6261209b8e734e639531a
openssh-server-3.9p1-8.RHEL4.12.i386.rpm	SHA-256: 6d5ec5a04d108c03213ccc1c47930205e23e3df2644cf6258f1de6ce18e50a6a

Red Hat Enterprise Linux Desktop 4

SRPM
openssh-3.9p1-8.RHEL4.12.src.rpm	SHA-256: 677be0e8fe4dd08fae29f24d74cc96d8e23658fbbd26cdf5f26b340c30b9198a
x86_64
openssh-3.9p1-8.RHEL4.12.x86_64.rpm	SHA-256: eef046f16f6f5f383fbda2b65db2d75e6449e701ad8d3d7da0a1ca506b4b2ed6
openssh-askpass-3.9p1-8.RHEL4.12.x86_64.rpm	SHA-256: 043df04635d90a91d6176e824c152cd9c3b03fe10c1318804bc1032b1a48d7be
openssh-askpass-gnome-3.9p1-8.RHEL4.12.x86_64.rpm	SHA-256: f39592dda3b77078d3a20e31d0c284ab9b51898c9ba6bd134dff19310cd56cf4
openssh-clients-3.9p1-8.RHEL4.12.x86_64.rpm	SHA-256: 9b2b4f4228a785342ed172b58e9ee2af37c5a6511c307a48e3c2a87c2068cba3
openssh-server-3.9p1-8.RHEL4.12.x86_64.rpm	SHA-256: 0b089c0df3cf577ce82c16a54319b6d5928953aef81504cf6d620d769df9c80e
i386
openssh-3.9p1-8.RHEL4.12.i386.rpm	SHA-256: a7585962324dfa83a8ff26aeac543d6b4beb82e7bd89b656f073286fc91163db
openssh-askpass-3.9p1-8.RHEL4.12.i386.rpm	SHA-256: dd887896755c9006210ecded4562c026d54af05fb25ef8975b7f5b8422f53ec4
openssh-askpass-gnome-3.9p1-8.RHEL4.12.i386.rpm	SHA-256: 6b1bc8e75d71351aa1bb2b121245476e2d95ec1cfb47c1ed78ab35a190d4ee90
openssh-clients-3.9p1-8.RHEL4.12.i386.rpm	SHA-256: 5228e712df07866dfcd51beb0f7341004b49d4a1d7e6261209b8e734e639531a
openssh-server-3.9p1-8.RHEL4.12.i386.rpm	SHA-256: 6d5ec5a04d108c03213ccc1c47930205e23e3df2644cf6258f1de6ce18e50a6a

Red Hat Enterprise Linux for IBM z Systems 4

SRPM
openssh-3.9p1-8.RHEL4.12.src.rpm	SHA-256: 677be0e8fe4dd08fae29f24d74cc96d8e23658fbbd26cdf5f26b340c30b9198a
s390x
openssh-3.9p1-8.RHEL4.12.s390x.rpm	SHA-256: 46909c76721dce6bd00f41e888b0f251c6daa4214777604320cecdb6418f3bbd
openssh-askpass-3.9p1-8.RHEL4.12.s390x.rpm	SHA-256: 871eff2a6ccc5f3b4491095326c5a08c5986084644d1dc66760e40cb2059cef6
openssh-askpass-gnome-3.9p1-8.RHEL4.12.s390x.rpm	SHA-256: dc5e6f856c08716fa910d238278ebe0d47fad0f6b196ad62e1b0aba0505238f7
openssh-clients-3.9p1-8.RHEL4.12.s390x.rpm	SHA-256: 42eb8405e042a92d44fec40a2a48391add9a500001df7b8531c9a6e313302031
openssh-server-3.9p1-8.RHEL4.12.s390x.rpm	SHA-256: e0a59ac96b5a99f17091ce10c1d07f3543ffcac35a251ce6515266f3edf0f48d
s390
openssh-3.9p1-8.RHEL4.12.s390.rpm	SHA-256: ce4f09cee506991e397ef70579c39c97a0070fc715cdcf1f0f5932ee1b40e03c
openssh-askpass-3.9p1-8.RHEL4.12.s390.rpm	SHA-256: 95ae4d2af011e701a1169b62fdd4b909711fead6405ed26ba4a770ef8771acb9
openssh-askpass-gnome-3.9p1-8.RHEL4.12.s390.rpm	SHA-256: cc3632ade681d131e88cb7b2bead1a9d3c2aa432f69457f19619b0bb2886a75c
openssh-clients-3.9p1-8.RHEL4.12.s390.rpm	SHA-256: d8e854bed4acf907b990427eca541aa3529cd46648fd9ba6370c510bd47b19b9
openssh-server-3.9p1-8.RHEL4.12.s390.rpm	SHA-256: c16c7f8561d7c285cde017b2a69fdfd6e2dbd85930e2777a2061d9e47c14f964

Red Hat Enterprise Linux for Power, big endian 4

SRPM
openssh-3.9p1-8.RHEL4.12.src.rpm	SHA-256: 677be0e8fe4dd08fae29f24d74cc96d8e23658fbbd26cdf5f26b340c30b9198a
ppc
openssh-3.9p1-8.RHEL4.12.ppc.rpm	SHA-256: 56d44bc5919cab99d5e064983fca5e327de6dcd47b3da83cd02f305704d50f12
openssh-askpass-3.9p1-8.RHEL4.12.ppc.rpm	SHA-256: ceeda74a47ea275ce6b427164948a8bfe3cbab2a10699fedb38513325c69d3b9
openssh-askpass-gnome-3.9p1-8.RHEL4.12.ppc.rpm	SHA-256: 109767bc8212584c27b9141bca7d9fea3d80b6d72a3d79f9d76522c08c180bfe
openssh-clients-3.9p1-8.RHEL4.12.ppc.rpm	SHA-256: 8851dc638711d718ccf920fd1d0a5e27cea3f4083b7432af4eeaae1cdcb64d7c
openssh-server-3.9p1-8.RHEL4.12.ppc.rpm	SHA-256: 9ec6f837f0f2859531c10e83e27665a44932b8d15a41b47ef7bf07624f055f0a

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Log in to Your Red Hat Account

Red Hat Account

Customer Portal

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

JBoss Development and Management

JBoss Integration and Automation

Mobile

Services

Tools

Red Hat Product Security Center

Security Updates

Resources

Customer Portal Community

Customer Events

Stories