Sécurité informatique

SECURINFOS.INFO - Veille en sécurité informatique

Debian : mise à jour pour openssh

17/09/2008 23H56
Référence Secunia : SA318852008-09-17
Moyennement critique. Critique Niveau 3 sur 5.
Impact : DoS
Lieu : A distance


Solutions :
Correctif de l'éditeur

OS :
Debian GNU/Linux 4.0


Référence CVE :
CVE-2008-4109

Description :
Debian a réalisé une mise à jour pour openssh. Cela corrige une vulnérabilité, qui pourrait être exploitée par des personnes malintentionnées pour causer un Déni de Service (DoS).

La vulnérabilité est causée du fait qu'un patch incorrect pour CVE-2006-5051.


Solutions :
Appliquez les paquetages mis à jour.

-- Debian GNU/Linux 4.0 alias etch --

Archives source :

http://security.debian.org/pool/updates/main/o/openssh/openssh_4.3p2-9etch3.diff.gz

Taille/checksum MD5: 275859 d36cb34826bb92eca24a9397369baee6
http://security.debian.org/pool/updates/main/o/openssh/openssh_4.3p2.orig.tar.gz

Taille/checksum MD5: 920186 239fc801443acaffd4c1f111948ee69c
http://security.debian.org/pool/updates/main/o/openssh/openssh_4.3p2-9etch3.dsc

Taille/checksum MD5: 1310 1888a56e6050c8b8c2caf95e9da1db84

Paquetages indépendants de l'architecture :

http://security.debian.org/pool/updates/main/o/openssh/ssh-krb5_4.3p2-9etch3_all.deb

Taille/checksum MD5: 91378 2748b67458de398e05e7c05227a0c612
http://security.debian.org/pool/updates/main/o/openssh/ssh_4.3p2-9etch3_all.deb

Taille/checksum MD5: 1052 f47a80d017cd3184bc981a38ced31ee8

Architecture Alpha (DEC Alpha) :

http://security.debian.org/pool/updates/main/o/openssh/openssh-client_4.3p2-9etch3_alpha.deb

Taille/checksum MD5: 782932 e7f3b896603dc1aebadb370d79ab90f5
http://security.debian.org/pool/updates/main/o/openssh/ssh-askpass-gnome_4.3p2-9etch3_alpha.deb

Taille/checksum MD5: 100580 8ed4b61e252f3080073134abae2a36cd
http://security.debian.org/pool/updates/main/o/openssh/openssh-server-udeb_4.3p2-9etch3_alpha.udeb

Taille/checksum MD5: 213712 9eb6b65f9292db607a4b2d6bf498c54f
http://security.debian.org/pool/updates/main/o/openssh/openssh-server_4.3p2-9etch3_alpha.deb

Taille/checksum MD5: 266512 81805fcb11c56d7252ecdf4a1e74d713
http://security.debian.org/pool/updates/main/o/openssh/openssh-client-udeb_4.3p2-9etch3_alpha.udeb

Taille/checksum MD5: 198516 d294a1db5f4257c4c58154bb160232f1

amd64 architecture (AMD x86_64 (AMD64))

http://security.debian.org/pool/updates/main/o/openssh/openssh-client_4.3p2-9etch3_amd64.deb

Taille/checksum MD5: 710490 816deaa292a89d07a1d8b6ad196eb72d
http://security.debian.org/pool/updates/main/o/openssh/ssh-askpass-gnome_4.3p2-9etch3_amd64.deb

Taille/checksum MD5: 99976 05a863e6cd0aaced1cf8c774d7573274
http://security.debian.org/pool/updates/main/o/openssh/openssh-server-udeb_4.3p2-9etch3_amd64.udeb

Taille/checksum MD5: 183846 a9c89a870bb58463606ec8b736643144
http://security.debian.org/pool/updates/main/o/openssh/openssh-server_4.3p2-9etch3_amd64.deb

Taille/checksum MD5: 244368 9d0b3126c34e338b4f5216284518aea8
http://security.debian.org/pool/updates/main/o/openssh/openssh-client-udeb_4.3p2-9etch3_amd64.udeb

Taille/checksum MD5: 171380 2cf03617de7bd22ff03b85f8ca2b25f0

arm architecture (ARM)

http://security.debian.org/pool/updates/main/o/openssh/openssh-client_4.3p2-9etch3_arm.deb

Taille/checksum MD5: 650726 a50736277f77d29a8cd59be5de31efe8
http://security.debian.org/pool/updates/main/o/openssh/ssh-askpass-gnome_4.3p2-9etch3_arm.deb

Taille/checksum MD5: 99754 bee5a81d4168699a324ff572d6e436d6
http://security.debian.org/pool/updates/main/o/openssh/openssh-client-udeb_4.3p2-9etch3_arm.udeb

Taille/checksum MD5: 164866 067f69be0283f3bb3cf697f4312d2bbb
http://security.debian.org/pool/updates/main/o/openssh/openssh-server_4.3p2-9etch3_arm.deb

Taille/checksum MD5: 218966 2a8dfbfc4e5abe2d333f20e123ad38ad
http://security.debian.org/pool/updates/main/o/openssh/openssh-server-udeb_4.3p2-9etch3_arm.udeb

Taille/checksum MD5: 171672 a0ce63abaee1e7cfbaf64e62dc8164b5

hppa architecture (HP PA RISC)

http://security.debian.org/pool/updates/main/o/openssh/openssh-client_4.3p2-9etch3_hppa.deb

Taille/checksum MD5: 732946 3177a89f68634880a3da10e054abe538
http://security.debian.org/pool/updates/main/o/openssh/openssh-client-udeb_4.3p2-9etch3_hppa.udeb

Taille/checksum MD5: 189606 92ce0ac13874e3ec7ef20e7d97221850
http://security.debian.org/pool/updates/main/o/openssh/openssh-server_4.3p2-9etch3_hppa.deb

Taille/checksum MD5: 249864 191165420d41b4ea84f7ae820a61dee1
http://security.debian.org/pool/updates/main/o/openssh/openssh-server-udeb_4.3p2-9etch3_hppa.udeb

Taille/checksum MD5: 198138 af0b7c29c951135595170b63251dd484
http://security.debian.org/pool/updates/main/o/openssh/ssh-askpass-gnome_4.3p2-9etch3_hppa.deb

Taille/checksum MD5: 100532 55db615aae32e2adf40dbe79b5fc7cf1

Architecture i386 (Intel ia32) :

http://security.debian.org/pool/updates/main/o/openssh/ssh-askpass-gnome_4.3p2-9etch3_i386.deb

Taille/checksum MD5: 99766 5844bc9b9aebd6da32ceba7b80017dea
http://security.debian.org/pool/updates/main/o/openssh/openssh-server-udeb_4.3p2-9etch3_i386.udeb

Taille/checksum MD5: 162626 b8ce1b90a26b1097ddfc5fb8323dc1d3
http://security.debian.org/pool/updates/main/o/openssh/openssh-server_4.3p2-9etch3_i386.deb

Taille/checksum MD5: 223696 087b8d33303c197953ba2a9904345592
http://security.debian.org/pool/updates/main/o/openssh/openssh-client-udeb_4.3p2-9etch3_i386.udeb

Taille/checksum MD5: 154038 308a4f0d415532bfa7b3836d70aaf4ea
http://security.debian.org/pool/updates/main/o/openssh/openssh-client_4.3p2-9etch3_i386.deb

Taille/checksum MD5: 659992 df6bf6ae7a34e91d5677115bbdb01b73

ia64 architecture (Intel ia64)

http://security.debian.org/pool/updates/main/o/openssh/openssh-client_4.3p2-9etch3_ia64.deb

Taille/checksum MD5: 962182 49dc85d747e2a50d8e37b9c4e7428e6e
http://security.debian.org/pool/updates/main/o/openssh/openssh-server-udeb_4.3p2-9etch3_ia64.udeb

Taille/checksum MD5: 269904 bf013bd6ab07afab765d6ca84be21666
http://security.debian.org/pool/updates/main/o/openssh/openssh-server_4.3p2-9etch3_ia64.deb

Taille/checksum MD5: 338240 3fe40ae711c9c0c3689f5d8c50b70af7
http://security.debian.org/pool/updates/main/o/openssh/ssh-askpass-gnome_4.3p2-9etch3_ia64.deb

Taille/checksum MD5: 101440 c49ecbbdd0101c8a90fcc9d4b60ae1c8
http://security.debian.org/pool/updates/main/o/openssh/openssh-client-udeb_4.3p2-9etch3_ia64.udeb

Taille/checksum MD5: 251934 793c1d31b7a179a766ed57d6ad5649cf

Architecture mips (MIPS (Big Endian)) :

http://security.debian.org/pool/updates/main/o/openssh/openssh-client_4.3p2-9etch3_mips.deb

Taille/checksum MD5: 732114 9ec13c1de7481000339c6f10ebb7f149
http://security.debian.org/pool/updates/main/o/openssh/openssh-client-udeb_4.3p2-9etch3_mips.udeb

Taille/checksum MD5: 191298 d190ada9fd3c0420d949126c02fa85da
http://security.debian.org/pool/updates/main/o/openssh/openssh-server_4.3p2-9etch3_mips.deb

Taille/checksum MD5: 251044 c97d6f7d9baf2b1678289e9e067ea4d4
http://security.debian.org/pool/updates/main/o/openssh/openssh-server-udeb_4.3p2-9etch3_mips.udeb

Taille/checksum MD5: 200554 028987ca5310b3fb2e6003ba385b2bd0
http://security.debian.org/pool/updates/main/o/openssh/ssh-askpass-gnome_4.3p2-9etch3_mips.deb

Taille/checksum MD5: 99996 f52e7996ddb5f7bff8d6ced65f82bd2d

Architecture powerpc (PowerPC) :

http://security.debian.org/pool/updates/main/o/openssh/openssh-client-udeb_4.3p2-9etch3_powerpc.udeb

Taille/checksum MD5: 168340 030a27c9ce4287f28669ba4a5af8247c
http://security.debian.org/pool/updates/main/o/openssh/openssh-server_4.3p2-9etch3_powerpc.deb

Taille/checksum MD5: 237020 3cde6fe4ab569ca83cc9616572be11ca
http://security.debian.org/pool/updates/main/o/openssh/openssh-server-udeb_4.3p2-9etch3_powerpc.udeb

Taille/checksum MD5: 173280 38bdde6d16b07399ba996dd66a6311ae
http://security.debian.org/pool/updates/main/o/openssh/openssh-client_4.3p2-9etch3_powerpc.deb

Taille/checksum MD5: 700832 6397ec69df1deb0c5e0bc4c58ffae141
http://security.debian.org/pool/updates/main/o/openssh/ssh-askpass-gnome_4.3p2-9etch3_powerpc.deb

Taille/checksum MD5: 101248 bfcd1a41ede062d9449f5be7eb7cd16f

Architecture s390 (IBM S/390) :

http://security.debian.org/pool/updates/main/o/openssh/openssh-server_4.3p2-9etch3_s390.deb

Taille/checksum MD5: 246734 9181c374dcb69441bd7ec030aadfb911
http://security.debian.org/pool/updates/main/o/openssh/openssh-client-udeb_4.3p2-9etch3_s390.udeb

Taille/checksum MD5: 188516 a3786ab0a693ddb4f81fdeeead01ec51
http://security.debian.org/pool/updates/main/o/openssh/ssh-askpass-gnome_4.3p2-9etch3_s390.deb

Taille/checksum MD5: 100226 73ec19e480b2e9b4c2809a04a77d27b9
http://security.debian.org/pool/updates/main/o/openssh/openssh-client_4.3p2-9etch3_s390.deb

Taille/checksum MD5: 725828 7ff9eafecb36d2147305e08289ca22a4
http://security.debian.org/pool/updates/main/o/openssh/openssh-server-udeb_4.3p2-9etch3_s390.udeb

Taille/checksum MD5: 196900 23c3164ff897157de7fdd6b334a39e95

Architecture sparc (Sun SPARC/UltraSPARC) :

http://security.debian.org/pool/updates/main/o/openssh/openssh-client_4.3p2-9etch3_sparc.deb

Taille/checksum MD5: 640266 7c833bcc2eb5a606be3bc4243313bc97
http://security.debian.org/pool/updates/main/o/openssh/openssh-server_4.3p2-9etch3_sparc.deb

Taille/checksum MD5: 218194 eceb87ee9c789edfae071afe782c3a5f
http://security.debian.org/pool/updates/main/o/openssh/openssh-server-udeb_4.3p2-9etch3_sparc.udeb

Taille/checksum MD5: 166716 869791f368a6de4cfc3ddd818be8c33f
http://security.debian.org/pool/updates/main/o/openssh/ssh-askpass-gnome_4.3p2-9etch3_sparc.deb

Taille/checksum MD5: 99714 8564652d41a2c1709c6d3794b241ddc5
http://security.debian.org/pool/updates/main/o/openssh/openssh-client-udeb_4.3p2-9etch3_sparc.udeb

Taille/checksum MD5: 158356 d2f2015c554f5f1cd918d07559f82ebd


Vulnérabilité découverte par :

Rapportée par l'éditeur.

Référence :
DSA-1638-1:
http://lists.debian.org/debian-security-announce/2008/msg00227.html


Autres références :

SA22173:
http://secunia.com/advisories/22173/