Server Management - Systems Insight Manager

Critical OpenSSH 3.7p1 PAM authentication vulnerability

Jim Turner_6
New Member

Our vulnerability scanning software indicates a critical vulnerability on our managed Proliant servers:

Portable SSH OpenSSH < 3.7.1p2 port 22/tcp

Rule family: Gain root remotely | Scan rule type: non intrusive

Description:
You are running OpenSSH 3.7p1 or 3.7.1p1. These versions are vulnerable to a flaw in the way they handle PAM authentication and may allow an attacker to gain a shell on this host.
Note that Nessus did not detect whether PAM is enabled in the remote sshd or not, so this might be a false positive.
Solution: Upgrade to OpenSSH 3.7.1p2 or disable PAM support in sshd_config

Question... Will it break anything to either disable PAM support in sshd_config ("UsePam no")?

http://www.openssh.com/txt/sshpam.adv

OR alternatively to upgrade OpenSSH (possibly using Cygwin Setup v2.416, Cygwin DLL v1.5.5 and OpenSSH v3.7.1p2)?

http://tech.erdelynet.com/cygwin-sshd.html


Scott Shaffer
Esteemed Contributor

Re: Critical OpenSSH 3.7p1 PAM authentication vulnerability

Insight Manager doesn't enable PAM by default or need it, so you can safely shut this off if it is on (of course, it might break something else.)
Dude, we've been totally misled by our album covers!
Jim Turner_6
New Member

Re: Critical OpenSSH 3.7p1 PAM authentication vulnerability

I did explicitly disable it ("UsePam no" in sshd_config) after posting, to satisfy our security staff, and haven't seen anything break, yet.
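The scanner matched only the version banner and could not tell whether sshd actually uses PAM, which is the gap the thread is working around. The following triage script is an added example, not code from the thread or from HP; it checks both halves of the finding (affected version and the effective UsePAM value) against constructed sample configs, and assumes that when UsePAM is absent these versions default to PAM enabled.

```shell
#!/bin/sh
# Added example: triage the "OpenSSH < 3.7.1p2 PAM" finding on a host.
# Both conditions must hold for a true positive: an affected portable
# OpenSSH version AND PAM actually enabled in sshd_config.

# Versions named in the advisory as affected (portable builds only).
ssh_version_affected() {
    # $1: version/banner string, e.g. "OpenSSH_3.7.1p1"
    case "$1" in
        *OpenSSH_3.7p1*|*OpenSSH_3.7.1p1*) return 0 ;;
        *) return 1 ;;
    esac
}

# Prints the effective UsePAM value from an sshd_config file.
# Keywords are case-insensitive and the first occurrence wins, as in sshd.
# Assumption (ours, not the thread's): if the directive is absent these
# versions run with PAM enabled, so "unset" is treated like "yes" below.
usepam_setting() {
    # $1: path to sshd_config
    awk '
        tolower($1) == "usepam" { print tolower($2); found = 1; exit }
        END { if (!found) print "unset" }
    ' "$1"
}

# Prints "not-affected", "mitigated" or "true-positive".
triage_pam_finding() {
    # $1: version string, $2: path to sshd_config
    if ! ssh_version_affected "$1"; then
        echo "not-affected"; return 0
    fi
    case "$(usepam_setting "$2")" in
        no) echo "mitigated" ;;
        *)  echo "true-positive" ;;
    esac
}

# Constructed sample configs (not from any real host) for a stand-alone run.
tmpdir=$(mktemp -d)
printf 'Port 22\nUsePam no\n' > "$tmpdir/fixed.conf"        # the thread's fix
printf 'Port 22\n# UsePAM not set\n' > "$tmpdir/default.conf" # directive absent
printf 'Port 22\nUsePAM yes\n' > "$tmpdir/pam_on.conf"       # PAM explicitly on
SAMPLE_FIXED="$tmpdir/fixed.conf"
SAMPLE_DEFAULT="$tmpdir/default.conf"
SAMPLE_PAMON="$tmpdir/pam_on.conf"

# On a live host: triage_pam_finding "$(ssh -V 2>&1)" /etc/ssh/sshd_config
```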