首页 -> 安全研究
安全研究
安全漏洞
OpenSSH 'Channel'代码实现off-by-one漏洞
发布日期:2002-03-07
更新日期:2002-03-08
受影响系统:
OpenSSH OpenSSH 3.0.2不受影响系统:
OpenSSH OpenSSH 2.9p2
OpenSSH OpenSSH 2.9p1
OpenSSH OpenSSH 2.9.9
OpenSSH OpenSSH 2.9
OpenSSH OpenSSH 2.5.2
OpenSSH OpenSSH 2.5.1
OpenSSH OpenSSH 2.5
OpenSSH OpenSSH 2.3
OpenSSH OpenSSH 2.2
OpenSSH OpenSSH 2.1.1
OpenSSH OpenSSH 2.1
OpenSSH OpenSSH 2.0
OpenSSH OpenSSH 3.1描述:
BUGTRAQ ID: 4241
CVE(CAN) ID: CVE-2002-0083
OpenSSH是一个对SSH协议开放源码的,免费的实现。它对所有网络通讯进行加密传输,从而避开了许多网络层的攻击,是个很有用的网络连接工具。
OpenSSH实现上存在缓冲区溢出漏洞,一个有合法登录帐号的用户可以利用此漏洞得到主机的root权限。
为了实现X11、TCP和代理转发,OpenSSH在一个TCP连接上复用多个“channel”。OpenSSH在管理“channel”的代码实现上存在一个off-by-one(偏移一个单位)漏洞,程序可能会错误地使用正常范围之外的内存数据,一个有合法登录帐号的攻击者登录到系统以后可以利用此漏洞让sshd以root权限执行任意指令。一个恶意的ssh服务器也可能利用此漏洞在用户的客户机上执行任意指令。
<*来源:Joost Pol (joost@pine.nl)
链接:http://archives.neohapsis.com/archives/bugtraq/2002-03/att-0062/01-pine-cert-20020301.txt.asc
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:13.openssh.asc
http://www.linuxsecurity.com/advisories/other_advisory-1937.html
ftp://stage.caldera.com/pub/security/openunix/CSSA-2002-SCO.11
ftp://stage.caldera.com/pub/security/openunix/CSSA-2002-SCO.10
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-004.txt.asc
https://www.redhat.com/support/errata/RHSA-2002-043.html
http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-019.php
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000467
http://www.debian.org/security/2002/dsa-119
http://www.suse.com/de/support/security/2002_009_openssh_txt.html
*>
建议:
临时解决方法:
如果您不能立刻安装补丁或者升级,NSFOCUS建议您采取以下措施以降低威胁:
* 此问题没有好的临时解决方法,您应该尽快升级软件。如果不能及时升级,您应该限制不可信用户对sshd的访问。
* 您也可以使用下列补丁:
--- channels_old.c Mon Mar 4 02:07:06 2002
+++ channels.c Mon Mar 4 02:07:16 2002
@@ -151,7 +151,7 @@
channel_lookup(int id)
{
Channel *c;
- if (id < 0 || id > channels_alloc) {
+ if (id < 0 || id >= channels_alloc) {
log("channel_lookup: %d: bad id", id);
return NULL;
}
厂商补丁:
Caldera
-------
Caldera已经为此发布了一个安全公告(CSSA-2002-SCO.10)以及相应补丁:
CSSA-2002-SCO.10:OpenServer: OpenSSH channel code vulnerability
链接:ftp://stage.caldera.com/pub/security/openunix/CSSA-2002-SCO.10
补丁下载:
OpenServer:
ftp://stage.caldera.com/pub/security/openserver/CSSA-2002-SCO.10/openssh-3.1p1-VOLS.tar
从上述地址将补丁下载到/tmp目录下并展开:
# cd /tmp
# tar xvf openssh-3.1p1-VOLS.tar
运行custom命令,指定从媒介映像中安装,将/tmp目录作为映像所在位置。
Conectiva
---------
Conectiva已经为此发布了一个安全公告(CLA-2002:467)以及相应补丁:
CLA-2002:467:openssh
链接:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000467
补丁下载:
ftp://atualizacoes.conectiva.com.br/5.0/SRPMS/openssh-3.0.2p1-1U50_2cl.src.rpm
ftp://atualizacoes.conectiva.com.br/5.0/i386/openssh-3.0.2p1-1U50_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.0/i386/openssh-askpass-3.0.2p1-1U50_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.0/i386/openssh-askpass-gnome-3.0.2p1-1U50_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.0/i386/openssh-clients-3.0.2p1-1U50_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.0/i386/openssh-server-3.0.2p1-1U50_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.1/SRPMS/openssh-3.0.2p1-1U51_2cl.src.rpm
ftp://atualizacoes.conectiva.com.br/5.1/i386/openssh-3.0.2p1-1U51_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.1/i386/openssh-askpass-3.0.2p1-1U51_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.1/i386/openssh-askpass-gnome-3.0.2p1-1U51_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.1/i386/openssh-clients-3.0.2p1-1U51_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.1/i386/openssh-server-3.0.2p1-1U51_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/6.0/SRPMS/openssh-3.0.2p1-1U60_2cl.src.rpm
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/openssh-3.0.2p1-1U60_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/openssh-askpass-3.0.2p1-1U60_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/openssh-askpass-gnome-3.0.2p1-1U60_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/openssh-clients-3.0.2p1-1U60_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/openssh-server-3.0.2p1-1U60_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/SRPMS/openssh-3.0.2p1-1U70_2cl.src.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/openssh-3.0.2p1-1U70_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/openssh-askpass-3.0.2p1-1U70_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/openssh-askpass-gnome-3.0.2p1-1U70_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/openssh-clients-3.0.2p1-1U70_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/openssh-server-3.0.2p1-1U70_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/SRPMS/openssh-3.0.2p1-1U50_2cl.src.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/i386/openssh-3.0.2p1-1U50_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/i386/openssh-askpass-3.0.2p1-1U50_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/i386/openssh-askpass-gnome-3.0.2p1-1U50_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/i386/openssh-clients-3.0.2p1-1U50_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/i386/openssh-server-3.0.2p1-1U50_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/SRPMS/openssh-3.0.2p1-1U50_2cl.src.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/i386/openssh-3.0.2p1-1U50_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/i386/openssh-askpass-3.0.2p1-1U50_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/i386/openssh-askpass-gnome-3.0.2p1-1U50_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/i386/openssh-clients-3.0.2p1-1U50_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/i386/openssh-server-3.0.2p1-1U50_2cl.i386.rpm
Debian
------
Debian已经为此发布了一个安全公告(DSA-119-1):
DSA-119-1:ssh channel bug
链接:http://www.debian.org/security/2002/dsa-119
Debian 2.2 (potato)正在使用的ssh版本为1.2.3,因此不受此漏洞影响。
EnGarde
-------
EnGarde已经为此发布了一个安全公告(ESA-20020307-007)以及相应补丁:
ESA-20020307-007:Local vulnerability in OpenSSH's channel code
链接:http://www.linuxsecurity.com/advisories/other_advisory-1937.html
补丁下载:
ftp://ftp.engardelinux.org/pub/engarde/stable/updates/
http://ftp.engardelinux.org/pub/engarde/stable/updates/
补丁安装方法:
安装程序之前,主机必须是以下两种状态之一:
a) 启到一个标准的kernel
b) 禁用LIDS
用以下命令禁用LIDS:
# /sbin/lidsadm -S -- -LIDS_GLOBAL
安装更新软件:
# rpm -Uvh <filename>
更新LIDS的设置:
# /usr/sbin/config_lids.pl
开启LIDS:
# /sbin/lidsadm -S -- +LIDS_GLOBAL
检查更新文件的签名:
# rpm -Kv <filename>
FreeBSD
-------
FreeBSD已经为此发布了一个安全公告(FreeBSD-SA-02:13)以及相应补丁:
FreeBSD-SA-02:13:OpenSSH contains exploitable off-by-one bug
链接:ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:13.openssh.asc
补丁下载:
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-02:13/openssh.patch
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-02:13/openssh.patch.asc
补丁安装方法:
以root身份执行以下命令:
# cd /usr/src
# patch < /path/to/sshd.patch
# cd /usr/src/secure/lib/libssh
# make depend && make all
# cd /usr/src/secure/usr.sbin/sshd
# make depend && make all install
# cd /usr/src/secure/usr.bin/ssh
# make depend && make all install
MandrakeSoft
------------
MandrakeSoft已经为此发布了一个安全公告(MDKSA-2002:019)以及相应补丁:
MDKSA-2002:019:openssh
链接:http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-019.php3
补丁下载:
________________________________________________________________________
Updated Packages:
Linux-Mandrake 7.1:
bc34824969b478a98a5a5a76d8be06b5 7.1/RPMS/openssh-3.0.2p1-1.7mdk.i586.rpm
429ebe6c85060b520768175f1b739743 7.1/RPMS/openssh-askpass-3.0.2p1-1.7mdk.i586.rpm
889aa64afb4602f5f170b8669b8008b0 7.1/RPMS/openssh-askpass-gnome-3.0.2p1-1.7mdk.i586.rpm
90607450de8453562bad9dbf45bb1f2d 7.1/RPMS/openssh-clients-3.0.2p1-1.7mdk.i586.rpm
333454f7b2a6b16eb67742ae93c08fce 7.1/RPMS/openssh-server-3.0.2p1-1.7mdk.i586.rpm
616f318fe1a6a4edb33f299f75916747 7.1/SRPMS/openssh-3.0.2p1-1.7mdk.src.rpm
Linux-Mandrake 7.2:
c14977e0a4b7298dd81ab19fdc88440b 7.2/RPMS/openssh-3.0.2p1-1.6mdk.i586.rpm
35a7b31ed5bda3881677daac6201ef01 7.2/RPMS/openssh-askpass-3.0.2p1-1.6mdk.i586.rpm
a3dfd2f05699e31617e5f92805efbd01 7.2/RPMS/openssh-askpass-gnome-3.0.2p1-1.6mdk.i586.rpm
2312e6704c681a217542f18114e42975 7.2/RPMS/openssh-clients-3.0.2p1-1.6mdk.i586.rpm
26486934d611183d82f51f42e24bb1da 7.2/RPMS/openssh-server-3.0.2p1-1.6mdk.i586.rpm
93d28e0b0a54ba70a8948f8d099abcbd 7.2/SRPMS/openssh-3.0.2p1-1.6mdk.src.rpm
Mandrake Linux 8.0:
0fd791ab728bfcc7fe0378b6b24f168c 8.0/RPMS/openssh-3.1p1-1.1mdk.i586.rpm
23873cfc4e6fc201fbcf4ae70c858256 8.0/RPMS/openssh-askpass-3.1p1-1.1mdk.i586.rpm
c61377a9986bd903f7f965fc21db402e 8.0/RPMS/openssh-askpass-gnome-3.1p1-1.1mdk.i586.rpm
374702df268b15ce2d33b33916fdb0b0 8.0/RPMS/openssh-clients-3.1p1-1.1mdk.i586.rpm
56f2c487ae041ef662ac45f338f5c331 8.0/RPMS/openssh-server-3.1p1-1.1mdk.i586.rpm
15e3cdabaf6685e36f2a8c92cf8c68e9 8.0/SRPMS/openssh-3.1p1-1.1mdk.src.rpm
Mandrake Linux 8.0/ppc:
6bb51cef03c8c1d6ff84ac8a46be74f4 ppc/8.0/RPMS/openssh-3.1p1-1.1mdk.ppc.rpm
b655673634b667a27e0d67a49e44dfdc ppc/8.0/RPMS/openssh-askpass-3.1p1-1.1mdk.ppc.rpm
e1d9f17730903e3c4d046d75d84bed52 ppc/8.0/RPMS/openssh-askpass-gnome-3.1p1-1.1mdk.ppc.rpm
bf68372dfee08ecc606d4db37f559722 ppc/8.0/RPMS/openssh-clients-3.1p1-1.1mdk.ppc.rpm
3c3f67d6ed2bd85174aa9c2654f222bf ppc/8.0/RPMS/openssh-server-3.1p1-1.1mdk.ppc.rpm
15e3cdabaf6685e36f2a8c92cf8c68e9 ppc/8.0/SRPMS/openssh-3.1p1-1.1mdk.src.rpm
Mandrake Linux 8.1:
44ff50aad9a9696ee747d201b9a3bd5f 8.1/RPMS/openssh-3.1p1-1.1mdk.i586.rpm
a8d4315ed3b5fab0e8d8f3abcae36ce7 8.1/RPMS/openssh-askpass-3.1p1-1.1mdk.i586.rpm
4df4ec7a72c4c5dbda179799738b8bd7 8.1/RPMS/openssh-askpass-gnome-3.1p1-1.1mdk.i586.rpm
a332044cf9eaeaaae0af923d55678e2b 8.1/RPMS/openssh-clients-3.1p1-1.1mdk.i586.rpm
a2a39c0c29d0c3a7660d8c58023edbe4 8.1/RPMS/openssh-server-3.1p1-1.1mdk.i586.rpm
15e3cdabaf6685e36f2a8c92cf8c68e9 8.1/SRPMS/openssh-3.1p1-1.1mdk.src.rpm
Mandrake Linux 8.1/ia64:
f885782f2ff38dc6a49cc72a2b9d7275 ia64/8.1/RPMS/openssh-3.1p1-1.1mdk.ia64.rpm
d475cb384418532d86fbdf83833049c8 ia64/8.1/RPMS/openssh-askpass-3.1p1-1.1mdk.ia64.rpm
eedf9742b96bcc09149b27b0bcd0eec9 ia64/8.1/RPMS/openssh-askpass-gnome-3.1p1-1.1mdk.ia64.rpm
92d50a697f93113791c45f0e92afb5d8 ia64/8.1/RPMS/openssh-clients-3.1p1-1.1mdk.ia64.rpm
088704726b7b77d6bee5f16df3eeba09 ia64/8.1/RPMS/openssh-server-3.1p1-1.1mdk.ia64.rpm
15e3cdabaf6685e36f2a8c92cf8c68e9 ia64/8.1/SRPMS/openssh-3.1p1-1.1mdk.src.rpm
Corporate Server 1.0.1:
bc34824969b478a98a5a5a76d8be06b5 1.0.1/RPMS/openssh-3.0.2p1-1.7mdk.i586.rpm
429ebe6c85060b520768175f1b739743 1.0.1/RPMS/openssh-askpass-3.0.2p1-1.7mdk.i586.rpm
889aa64afb4602f5f170b8669b8008b0 1.0.1/RPMS/openssh-askpass-gnome-3.0.2p1-1.7mdk.i586.rpm
90607450de8453562bad9dbf45bb1f2d 1.0.1/RPMS/openssh-clients-3.0.2p1-1.7mdk.i586.rpm
333454f7b2a6b16eb67742ae93c08fce 1.0.1/RPMS/openssh-server-3.0.2p1-1.7mdk.i586.rpm
616f318fe1a6a4edb33f299f75916747 1.0.1/SRPMS/openssh-3.0.2p1-1.7mdk.src.rpm
Single Network Firewall 7.2:
c14977e0a4b7298dd81ab19fdc88440b snf7.2/RPMS/openssh-3.0.2p1-1.6mdk.i586.rpm
35a7b31ed5bda3881677daac6201ef01 snf7.2/RPMS/openssh-askpass-3.0.2p1-1.6mdk.i586.rpm
a3dfd2f05699e31617e5f92805efbd01 snf7.2/RPMS/openssh-askpass-gnome-3.0.2p1-1.6mdk.i586.rpm
2312e6704c681a217542f18114e42975 snf7.2/RPMS/openssh-clients-3.0.2p1-1.6mdk.i586.rpm
26486934d611183d82f51f42e24bb1da snf7.2/RPMS/openssh-server-3.0.2p1-1.6mdk.i586.rpm
93d28e0b0a54ba70a8948f8d099abcbd snf7.2/SRPMS/openssh-3.0.2p1-1.6mdk.src.rpm
________________________________________________________________________
上述升级软件可以在下列地址中的任意一个镜像ftp服务器上下载:
http://www.mandrakesecure.net/en/ftp.php
NetBSD
------
NetBSD已经为此发布了一个安全公告(NetBSD-SA2002-004)以及相应补丁:
NetBSD-SA2002-004:Off-by-one error in openssh session
链接:ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-004.txt.asc
OpenSSH
-------
目前厂商已经在3.1版的软件中修复了这个安全问题,请到厂商的主页下载:
http://www.openssh.org
RedHat
------
RedHat已经为此发布了一个安全公告(RHSA-2002:043-10)以及相应补丁:
RHSA-2002:043-10:Updated openssh packages available
链接:https://www.redhat.com/support/errata/RHSA-2002-043.html
补丁下载:
Red Hat Linux 7.0:
SRPMS:
ftp://updates.redhat.com/7.0/en/os/SRPMS/openssh-3.1p1-1.src.rpm
alpha:
ftp://updates.redhat.com/7.0/en/os/alpha/openssh-3.1p1-1.alpha.rpm
ftp://updates.redhat.com/7.0/en/os/alpha/openssh-clients-3.1p1-1.alpha.rpm
ftp://updates.redhat.com/7.0/en/os/alpha/openssh-server-3.1p1-1.alpha.rpm
ftp://updates.redhat.com/7.0/en/os/alpha/openssh-askpass-3.1p1-1.alpha.rpm
ftp://updates.redhat.com/7.0/en/os/alpha/openssh-askpass-gnome-3.1p1-1.alpha.rpm
i386:
ftp://updates.redhat.com/7.0/en/os/i386/openssh-3.1p1-1.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/openssh-clients-3.1p1-1.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/openssh-server-3.1p1-1.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/openssh-askpass-3.1p1-1.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/openssh-askpass-gnome-3.1p1-1.i386.rpm
Red Hat Linux 7.1:
SRPMS:
ftp://updates.redhat.com/7.1/en/os/SRPMS/openssh-3.1p1-1.src.rpm
alpha:
ftp://updates.redhat.com/7.1/en/os/alpha/openssh-3.1p1-1.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/openssh-clients-3.1p1-1.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/openssh-server-3.1p1-1.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/openssh-askpass-3.1p1-1.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/openssh-askpass-gnome-3.1p1-1.alpha.rpm
i386:
ftp://updates.redhat.com/7.1/en/os/i386/openssh-3.1p1-1.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/openssh-clients-3.1p1-1.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/openssh-server-3.1p1-1.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/openssh-askpass-3.1p1-1.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/openssh-askpass-gnome-3.1p1-1.i386.rpm
ia64:
ftp://updates.redhat.com/7.1/en/os/ia64/openssh-3.1p1-1.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/openssh-clients-3.1p1-1.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/openssh-server-3.1p1-1.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/openssh-askpass-3.1p1-1.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/openssh-askpass-gnome-3.1p1-1.ia64.rpm
Red Hat Linux 7.2:
SRPMS:
ftp://updates.redhat.com/7.2/en/os/SRPMS/openssh-3.1p1-2.src.rpm
i386:
ftp://updates.redhat.com/7.2/en/os/i386/openssh-3.1p1-2.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/openssh-clients-3.1p1-2.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/openssh-server-3.1p1-2.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/openssh-askpass-3.1p1-2.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/openssh-askpass-gnome-3.1p1-2.i386.rpm
ia64:
ftp://updates.redhat.com/7.2/en/os/ia64/openssh-3.1p1-2.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/openssh-clients-3.1p1-2.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/openssh-server-3.1p1-2.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/openssh-askpass-3.1p1-2.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/openssh-askpass-gnome-3.1p1-2.ia64.rpm
可使用下列命令安装补丁:
rpm -Fvh [文件名]
S.u.S.E.
--------
S.u.S.E.已经为此发布了一个安全公告(SuSE-SA:2002:009)以及相应补丁:
SuSE-SA:2002:009:openssh
链接:http://www.suse.com/de/support/security/2002_009_openssh_txt.html
补丁下载:
i386 Intel Platform:
SuSE-7.3
ftp://ftp.suse.com/pub/suse/i386/update/7.3/sec1/openssh-2.9.9p2-98.i386.rpm
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/7.3/zq1/openssh-2.9.9p2-98.src.rpm
SuSE-7.2
ftp://ftp.suse.com/pub/suse/i386/update/7.2/sec1/openssh-2.9.9p2-96.i386.rpm
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/7.2/zq1/openssh-2.9.9p2-96.src.rpm
SuSE-7.1
ftp://ftp.suse.com/pub/suse/i386/update/7.1/sec1/openssh-2.9.9p2-98.i386.rpm
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/7.1/zq1/openssh-2.9.9p2-98.src.rpm
SuSE-7.0
ftp://ftp.suse.de/pub/suse/i386/update/7.0/sec1/openssh-2.9.9p2-97.i386.rpm
source rpm:
ftp://ftp.suse.de/pub/suse/i386/update/7.0/zq1/openssh-2.9.9p2-97.src.rpm
SuSE-6.4
ftp://ftp.suse.de/pub/suse/i386/update/6.4/sec1/openssh-2.9.9p2-94.i386.rpm
source rpm:
ftp://ftp.suse.de/pub/suse/i386/update/6.4/zq1/openssh-2.9.9p2-94.src.rpm
Sparc Platform:
SuSE-7.3
ftp://ftp.suse.com/pub/suse/sparc/update/7.3/sec1/openssh-2.9.9p2-36.sparc.rpm
source rpm:
ftp://ftp.suse.com/pub/suse/sparc/update/7.3/zq1/openssh-2.9.9p2-36.src.rpm
SuSE-7.1
ftp://ftp.suse.com/pub/suse/sparc/update/7.1/sec1/openssh-2.9.9p2-36.sparc.rpm
source rpm:
ftp://ftp.suse.com/pub/suse/sparc/update/7.1/zq1/openssh-2.9.9p2-36.src.rpm
SuSE-7.0
ftp://ftp.suse.de/pub/suse/sparc/update/7.0/sec1/openssh-2.9.9p2-36.sparc.rpm
source rpm:
ftp://ftp.suse.de/pub/suse/sparc/update/7.0/zq1/openssh-2.9.9p2-36.src.rpm
AXP Alpha Platform:
SuSE-7.1
ftp://ftp.suse.com/pub/suse/axp/update/7.1/sec1/openssh-2.9.9p2-39.alpha.rpm
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/7.1/zq1/openssh-2.9.9p2-39.src.rpm
SuSE-7.0
ftp://ftp.suse.de/pub/suse/axp/update/7.0/sec1/openssh-2.9.9p2-38.alpha.rpm
source rpm:
ftp://ftp.suse.de/pub/suse/axp/update/7.0/zq1/openssh-2.9.9p2-38.src.rpm
SuSE-6.4
ftp://ftp.suse.de/pub/suse/axp/update/6.4/sec1/openssh-2.9.9p2-37.alpha.rpm
source rpm:
ftp://ftp.suse.de/pub/suse/axp/update/6.4/zq1/openssh-2.9.9p2-37.src.rpm
PPC Power PC Platform:
SuSE-7.3
ftp://ftp.suse.com/pub/suse/ppc/update/7.3/sec1/openssh-2.9.9p2-69.ppc.rpm
source rpm:
ftp://ftp.suse.com/pub/suse/ppc/update/7.3/zq1/openssh-2.9.9p2-69.src.rpm
SuSE-7.1
ftp://ftp.suse.com/pub/suse/ppc/update/7.1/sec1/openssh-2.9.9p2-69.ppc.rpm
source rpm:
ftp://ftp.suse.com/pub/suse/ppc/update/7.1/zq1/openssh-2.9.9p2-69.src.rpm
SuSE-7.0
ftp://ftp.suse.de/pub/suse/ppc/update/7.0/sec1/openssh-2.9.9p2-68.ppc.rpm
source rpm:
ftp://ftp.suse.de/pub/suse/ppc/update/7.0/zq1/openssh-2.9.9p2-68.src.rpm
SuSE-6.4
ftp://ftp.suse.de/pub/suse/ppc/update/6.4/sec1/openssh-2.9.9p2-67.ppc.rpm
source rpm:
ftp://ftp.suse.de/pub/suse/ppc/update/6.4/zq1/openssh-2.9.9p2-67.src.rpm
浏览次数:4932
严重程度:0(网友投票)
绿盟科技给您安全的保障