CERT | Computer Emergency Response Team della comunità dell'istruzione e della ricerca
CERT | Computer Emergency Response Team della comunità dell'istruzione e della ricerca
GARR CERT
SSH 1.2.25/HP-UX 10.20 Vulnerability
L'accoppiata SSH 1.2.25/HP-UX 10.20 permetterebbe ad utenti locali di
accedere a nuovi account creati. Niente compromissione di privilegi,
quindi, pero' vale la pena di darci un'occhiata...
TITLE : Vulnerability with HP-UX 10.20 and SSH 1.2.25
DATE : September 7, 1998
NATURE : Local compromise (remote under some circumstances)
PLATFORMS : HP-UX 10.20 (possibly other versions of HP-UX)
DETAILS:
A vulnerability exists in HP-UX systems (tested on 10.20 that was converted
to "trusted system") using SSH 1.2.25.
When administrator creates a new user using SAM, no password is assigned,
but a random number is generated which the user needs to input upon first
login.
However, if user connects via SSH using newly created username, no password
authentication is performed and user automatically drops into shell.
This can be especially dangerous on systems where users are added on a
daily basis (universities for example) and other users aware of this bug
could gain access to newly created accounts (remote users could gain
information about new users using finger command, for example).
FIXES:
SSH 1.2.26 is available for over a month now (this problem has been fixed).
Also, version 2.0 of SSH is released (completely rewritten).
They are available for download at: ftp://ftp.cs.hut.fi/pub/ssh/
Alert di GARR-CERT Usata per la segnalazione di allarmi di sicurezza e comunicazioni di interesse generale diretti agli enti GARR. L'iscrizione è aperta e consigliata a tutti, il posting è riservato ai membri di GARR-CERT