OpenSSH 'sftp-server.c' Remote Security Bypass Vulnerability (no CVE assigned); all versions before 7.6 affected

A remote security bypass vulnerability has been disclosed in OpenSSH; no CVE has been assigned. The flaw lies in the 'sftp-server.c' module and is attributed to a design error. An attacker who exploits it can perform unauthorized actions, creating conditions for further attacks. All OpenSSH versions prior to 7.6 are affected.

OpenSSH 'sftp-server.c' Remote Security Bypass Vulnerability

SecurityFocus assessment

OpenSSH is prone to a security-bypass vulnerability. An attacker can exploit this issue to perform unauthorized actions, which may aid in further attacks. OpenSSH versions prior to 7.6 are affected.

Note: This issue was previously titled 'OpenSSH 'sftp-server' Remote Security Vulnerability'. The title has been changed to better reflect the nature of the vulnerability.

Bugtraq ID: 101552
Class: Design Error
CVE:  
Remote: Yes
Local: No
Published: Oct 03 2017 12:00AM
Updated: Oct 03 2017 12:00AM
Credit: Michal Zalewski.
Vulnerable: OpenSSH OpenSSH 4.2 
OpenSSH OpenSSH 4.1 
OpenSSH OpenSSH 4.0 p1
OpenSSH OpenSSH 4.0 
OpenSSH OpenSSH 3.9 p1
+ S.u.S.E. Linux Personal 9.2 x86_64
+ S.u.S.E. Linux Personal 9.2 
OpenSSH OpenSSH 3.8.1 p1
+ Ubuntu Ubuntu Linux 4.1 ppc
+ Ubuntu Ubuntu Linux 4.1 ia64
+ Ubuntu Ubuntu Linux 4.1 ia32
OpenSSH OpenSSH 3.7.1 
OpenSSH OpenSSH 3.7 p1
OpenSSH OpenSSH 3.7.1p2
OpenSSH OpenSSH 3.7 
OpenSSH OpenSSH 3.6.1 
+ Novell Netware 6.5 
OpenSSH OpenSSH 3.5 
OpenSSH OpenSSH 3.4 p1-5
OpenSSH OpenSSH 3.4 
OpenSSH OpenSSH 3.3 
+ Openwall Openwall GNU/*/Linux (Owl)-current
OpenSSH OpenSSH 3.1 
OpenSSH OpenSSH 3.0.2 p1
+ Guardian Digital Engarde Secure Linux 1.0.1 
+ HP VirtualVault 4.6 
OpenSSH OpenSSH 3.0.2 
– Debian Linux 3.0 
+ FreeBSD FreeBSD 4.5 -STABLEpre2002-03-07
+ FreeBSD FreeBSD 4.5 -RELEASE
+ OpenPKG OpenPKG 1.0 
+ Openwall Openwall GNU/*/Linux 0.1 -stable
+ S.u.S.E. Linux 8.0 
OpenSSH OpenSSH 3.0.1 p1
OpenSSH OpenSSH 3.0.1 
OpenSSH OpenSSH 3.0 
OpenSSH OpenSSH 2.9 
+ FreeBSD FreeBSD 4.6 -RELEASE
+ FreeBSD FreeBSD 4.6 
+ FreeBSD FreeBSD 4.5 -RELEASE
+ FreeBSD FreeBSD 4.5 
OpenSSH OpenSSH 2.5.2 
– Caldera OpenUnix 8.0 
– Caldera UnixWare 7.1.1 
– Wirex Immunix OS 6.2 
OpenSSH OpenSSH 2.5 
OpenSSH OpenSSH 2.3 
– S.u.S.E. Linux 7.0 sparc
– S.u.S.E. Linux 7.0 ppc
– S.u.S.E. Linux 7.0 i386
– S.u.S.E. Linux 7.0 alpha
– S.u.S.E. Linux 6.4 ppc
– S.u.S.E. Linux 6.4 i386
– S.u.S.E. Linux 6.4 alpha
OpenSSH OpenSSH 2.2.0p1
OpenSSH OpenSSH 2.2 
+ NetBSD NetBSD 1.5 
OpenSSH OpenSSH 2.1.1 
+ S.u.S.E. Linux 7.0 sparc
+ S.u.S.E. Linux 7.0 ppc
+ S.u.S.E. Linux 7.0 i386
+ S.u.S.E. Linux 7.0 alpha
OpenSSH OpenSSH 2.1 
OpenSSH OpenSSH 1.2.3 
+ Blue Coat Systems Security Gateway OS 2.1.5001 SP1
OpenSSH OpenSSH 1.2.2 
OpenSSH OpenSSH 7.4
OpenSSH OpenSSH 7.3
OpenSSH OpenSSH 7.2
OpenSSH OpenSSH 7.1p1
OpenSSH OpenSSH 7.1
OpenSSH OpenSSH 7.0
OpenSSH OpenSSH 6.9p1
OpenSSH OpenSSH 6.9
OpenSSH OpenSSH 6.8
OpenSSH OpenSSH 6.7
+ NetBSD NetBSD 1.5.1 
+ S.u.S.E. Linux 7.3 
+ S.u.S.E. Linux 7.2 
+ S.u.S.E. Linux 7.1 
+ S.u.S.E. Linux Database Server 0
+ S.u.S.E. Linux Firewall on CD 
+ S.u.S.E. Linux Live-CD for Firewall 
+ S.u.S.E. SuSE eMail Server III 
– SCO Open Server 5.0.6 a
– SCO Open Server 5.0.6 
– SCO Open Server 5.0.5 
– SCO Open Server 5.0.4 
– SCO Open Server 5.0.3 
– SCO Open Server 5.0.2 
– SCO Open Server 5.0.1 
– SCO Open Server 5.0 
+ SuSE SUSE Linux Enterprise Server 7
OpenSSH OpenSSH 6.6
OpenSSH OpenSSH 6.5
OpenSSH OpenSSH 6.4
OpenSSH OpenSSH 6.3
OpenSSH OpenSSH 6.2
OpenSSH OpenSSH 6.1
OpenSSH OpenSSH 6.0
OpenSSH OpenSSH 5.8 p2
OpenSSH OpenSSH 5.8
OpenSSH OpenSSH 5.7
OpenSSH OpenSSH 5.6
OpenSSH OpenSSH 5.5
OpenSSH OpenSSH 5.4
OpenSSH OpenSSH 5.3
OpenSSH OpenSSH 5.1
OpenSSH OpenSSH 5.0
OpenSSH OpenSSH 4.9
OpenSSH OpenSSH 4.8
OpenSSH OpenSSH 4.7
OpenSSH OpenSSH 4.6
OpenSSH OpenSSH 4.5
OpenSSH OpenSSH 4.4p1
OpenSSH OpenSSH 4.4
OpenSSH OpenSSH 4.3.0
OpenSSH OpenSSH 4.2p1
OpenSSH OpenSSH 1.127
OpenSSH OpenSSH 1.126
 
Not Vulnerable:

OpenSSH OpenSSH 7.6
