OpenSSH is a tool that provides encrypted communication sessions over a computer network using the SSH protocol, has just patched a possible remote code execution bug.
This vulnerability has discovered on 07 November 2013 by an OpenSSH developer Mark Friedl, and the fix was announced and published the next day.
The OpenSSH code supports a range of different algorithms for encryption and for message authentication.As part of setting up the data structures needed to open a new secure channel, memory was allocated for the functions of encrypting and authenticating, and this memory included space for what are known as callbacks.
Callback is data variable that gives the program a memory address to which it should send control to perform a specific task.
If a remote attacker can tweak the content of a callback then when the callback happens, the attacker might be able to divert program execution into his own code and there by take over your system.
The issue here is that OpenSSH keeps a callback used for finalizing and cleaning up the message authentication algorithm in use.
When you open an SSH connection, you specify the algorithms to use for encryption and authentication and OpenSSH initializes all the needed data structures for them including filling in the addresses of the callbacks that let the algorithms do their work.
This vulnerability might permit code execution with the privileges of the authenticated user and may therefore allow bypassing restricted shell/command configurations.
This vulnarability is fixed in OpenSSH 6.4 version. There is security patch available for those users who prefer to continue use OpenSSH 6.2 or 6.3.
This vulnerability has discovered on 07 November 2013 by an OpenSSH developer Mark Friedl, and the fix was announced and published the next day.
The OpenSSH code supports a range of different algorithms for encryption and for message authentication.As part of setting up the data structures needed to open a new secure channel, memory was allocated for the functions of encrypting and authenticating, and this memory included space for what are known as callbacks.
Callback is data variable that gives the program a memory address to which it should send control to perform a specific task.
If a remote attacker can tweak the content of a callback then when the callback happens, the attacker might be able to divert program execution into his own code and there by take over your system.
The issue here is that OpenSSH keeps a callback used for finalizing and cleaning up the message authentication algorithm in use.
When you open an SSH connection, you specify the algorithms to use for encryption and authentication and OpenSSH initializes all the needed data structures for them including filling in the addresses of the callbacks that let the algorithms do their work.
This vulnerability might permit code execution with the privileges of the authenticated user and may therefore allow bypassing restricted shell/command configurations.
This vulnarability is fixed in OpenSSH 6.4 version. There is security patch available for those users who prefer to continue use OpenSSH 6.2 or 6.3.
Dear All,
ReplyDeleteWe are introducing the new and exciting world of social network, FUNBOOK
Fast growing social media website with full security. You can join now for free
CLICK HERE
http://funbook-pk.com
Wishing you best of luck