Slashdot Mirror
New FreeBSD, NetBSD Security Advisories
Dan writes "FreeBSD has formally announced a security advisory entitled "OpenSSH buffer management error" for the now famous OpenSSH advisory (OpenSSH has released a new version 3.7.1 to address this issue). NetBSD has issued a similar advisory and fix for this issue. NetBSD has released two additional security advisories entitled "Kernel memory disclosure via ibcs2" and "Insufficient argument checking in sysctl(2)"."
Given that the default install has ssh turned on, will they change it to "two remote holes" ?
If you look carefully at the bug - at first glance, it lookls like when SSHD faluts out, some extra memory will be wiped with nulls.
Perhaps there's more to this but basically whats is going on
SSHD need more memory.
Memrory counter is added to.
Memeory is allocated.
Repeat (until memory allocation fails)
then...
Because SSHD needs to wipe all it's memory to null so no crpto stuff is left lying around, all the memory pointed to my them memory counter is wiped. But unfortunalty some of that memory doesen't belong to SSHD because the memory allocation failed.
Moneyed corporations, non-working 'poor' and criminal prisoners are turning productive citizens into tax-slaves.
All of the other vendors released similar bulletins... Most of them questioned the validity of this hole, but to be safe, they issued these notes to their customers to update OpenSSH. I know RedHat and Mandrake did.
Phil
in this case, the problem was a bug rather than a design issue, so a 3-line code change is appropriate. I do agree that there is a lot of "special case" "fixes" that try to hide fundamental problems.
Check your system. In terminal type: