
OpenSSH Buffer Management Vulnerability


Published: 2003-09-15
Updated: 2003-09-26
Severity:
Threat: remote administrator privileges
Error type: boundary check error
Exploitation: server mode

BUGTRAQ ID:8628
CVE(CAN) ID:CAN-2003-0693

Affected systems
BlueCoat Systems CacheOS CA/SA 4.1.10
BlueCoat Systems ProxySG
BlueCoat Systems SG2 Secure Proxy
BlueCoat Systems SGME 2.1.6
Bluecoat Systems SGOS 2.1.9
Bluecoat Systems SGOS 2.1.5001 SP1
Bluecoat Systems SGOS 3.1
Cisco Catalyst 2980G-A
Cisco Catalyst 2980G
Cisco Catalyst 2948G
Cisco Catalyst 4000
Cisco Catalyst 4000 4.5 (9)
Cisco Catalyst 4000 4.5 (8)
Cisco Catalyst 4000 4.5 (7)
Cisco Catalyst 4000 4.5 (6)
Cisco Catalyst 4000 4.5 (5)
Cisco Catalyst 4000 4.5 (4b)
Cisco Catalyst 4000 4.5 (4)
Cisco Catalyst 4000 4.5 (3)
Cisco Catalyst 4000 4.5 (2)
Cisco Catalyst 4000 4.5 (10)
Cisco Catalyst 4000 5.1 (2a)
Cisco Catalyst 4000 5.1 (1a)
Cisco Catalyst 4000 5.1 (1)
Cisco Catalyst 4000 5.1
Cisco Catalyst 4000 5.2 (7)
Cisco Catalyst 4000 5.2 (6)
Cisco Catalyst 4000 5.2 (5)
Cisco Catalyst 4000 5.2 (4)
Cisco Catalyst 4000 5.2 (2)
Cisco Catalyst 4000 5.2 (1a)
Cisco Catalyst 4000 5.2 (1)
Cisco Catalyst 4000 5.2
Cisco Catalyst 4000 5.4 (3)
Cisco Catalyst 4000 5.4 (2)
Cisco Catalyst 4000 5.4 (1)
Cisco Catalyst 4000 5.4
Cisco Catalyst 4000 5.4.1
Cisco Catalyst 4000 5.5 (4b)
Cisco Catalyst 4000 5.5 (4)
Cisco Catalyst 4000 5.5 (3)
Cisco Catalyst 4000 5.5 (2)
Cisco Catalyst 4000 5.5 (13)
Cisco Catalyst 4000 5.5 (1)
Cisco Catalyst 4000 5.5
Cisco Catalyst 4000 5.5.5
Cisco Catalyst 4000 6.1 (1c)
Cisco Catalyst 4000 6.1 (1b)
Cisco Catalyst 4000 6.1 (1a)
Cisco Catalyst 4000 6.1 (1)
Cisco Catalyst 4000 6.3 (4)
Cisco Catalyst 4000 6.3.5
Cisco Catalyst 4000 7.1 (2)
Cisco Catalyst 4000 7.1
Cisco Catalyst 4000 7.1.2
Cisco Catalyst 4000 7.5 (1)
Cisco Catalyst 4000 7.6 (1)
Cisco Catalyst 4912G
Cisco Catalyst 5000
Cisco Catalyst 5000 4.5 (9)
Cisco Catalyst 5000 4.5 (8)
Cisco Catalyst 5000 4.5 (7)
Cisco Catalyst 5000 4.5 (6)
Cisco Catalyst 5000 4.5 (5)
Cisco Catalyst 5000 4.5 (4b)
Cisco Catalyst 5000 4.5 (4)
Cisco Catalyst 5000 4.5 (3)
Cisco Catalyst 5000 4.5 (2)
Cisco Catalyst 5000 4.5 (13a)
Cisco Catalyst 5000 4.5 (12)
Cisco Catalyst 5000 4.5 (11)
Cisco Catalyst 5000 4.5 (10)
Cisco Catalyst 5000 5.1 (2a)
Cisco Catalyst 5000 5.1 (1)
Cisco Catalyst 5000 5.1
Cisco Catalyst 5000 5.2 (4)
Cisco Catalyst 5000 5.2 (3)
Cisco Catalyst 5000 5.2 (2)
Cisco Catalyst 5000 5.2 (1)
Cisco Catalyst 5000 5.2
Cisco Catalyst 5000 5.4 (4)
Cisco Catalyst 5000 5.4 (3)
Cisco Catalyst 5000 5.4 (2)
Cisco Catalyst 5000 5.4 (1)
Cisco Catalyst 5000 5.4.1
Cisco Catalyst 5000 5.5 (7)
Cisco Catalyst 5000 5.5 (6)
Cisco Catalyst 5000 5.5 (4b)
Cisco Catalyst 5000 5.5 (4)
Cisco Catalyst 5000 5.5 (3)
Cisco Catalyst 5000 5.5 (2)
Cisco Catalyst 5000 5.5 (13)
Cisco Catalyst 5000 5.5 (1)
Cisco Catalyst 5000 6.1 (3)
Cisco Catalyst 5000 6.1 (2)
Cisco Catalyst 5000 6.1 (1c)
Cisco Catalyst 5000 6.1 (1b)
Cisco Catalyst 5000 6.1 (1a)
Cisco Catalyst 5000 6.1 (1)
Cisco Catalyst 5000 6.3 (4)
Cisco Catalyst 6000 2.1 (2)WS-X6380-NAM
Cisco Catalyst 6000 2.2 (1a)WS-SVC-NAM-2
Cisco Catalyst 6000 2.2 (1a)WS-SVC-NAM-1
Cisco Catalyst 6000 3.1 (1a)WS-X6380-NAM
Cisco Catalyst 6000 3.1 (1a)WS-SVC-NAM-2
Cisco Catalyst 6000 3.1 (1a)WS-SVC-NAM-1
Cisco Catalyst 6000 5.3 (6)CSX
Cisco Catalyst 6000 5.3 (5a)CSX
Cisco Catalyst 6000 5.3 (5)CSX
Cisco Catalyst 6000 5.3 (4)CSX
Cisco Catalyst 6000 5.3 (3)CSX
Cisco Catalyst 6000 5.3 (2)CSX
Cisco Catalyst 6000 5.3 (1a)CSX
Cisco Catalyst 6000 5.3 (1)CSX
Cisco Catalyst 6000 5.4 (4)
Cisco Catalyst 6000 5.4 (3)
Cisco Catalyst 6000 5.4 (2)
Cisco Catalyst 6000 5.4 (1)
Cisco Catalyst 6000 5.4
Cisco Catalyst 6000 5.4.1
Cisco Catalyst 6000 5.5 (4b)
Cisco Catalyst 6000 5.5 (4a)
Cisco Catalyst 6000 5.5 (4)
Cisco Catalyst 6000 5.5 (3)
Cisco Catalyst 6000 5.5 (2)
Cisco Catalyst 6000 5.5 (13)
Cisco Catalyst 6000 5.5 (1)
Cisco Catalyst 6000 5.5
Cisco Catalyst 6000 6.1 (2.13)
Cisco Catalyst 6000 6.1 (1c)
Cisco Catalyst 6000 6.1 (1b)
Cisco Catalyst 6000 6.1 (1a)
Cisco Catalyst 6000 6.1 (1)
Cisco Catalyst 6000 6.2 (0.111)
Cisco Catalyst 6000 6.2 (0.110)
Cisco Catalyst 6000 6.3 (4)
Cisco Catalyst 6000 6.3 (0.7)PAN
Cisco Catalyst 6000 7.1 (2)
Cisco Catalyst 6000 7.1
Cisco Catalyst 6000 7.5 (1)
Cisco Catalyst 6000 7.6 (1)
Cisco Catalyst 6500 2.1 (2)WS-X6380-NAM
Cisco Catalyst 6500 2.2 (1a)WS-SVC-NAM-2
Cisco Catalyst 6500 2.2 (1a)WS-SVC-NAM-1
Cisco Catalyst 6500 3.1 (1a)WS-X6380-NAM
Cisco Catalyst 6500 3.1 (1a)WS-SVC-NAM-2
Cisco Catalyst 6500 3.1 (1a)WS-SVC-NAM-1
Cisco Catalyst 7600 2.1 (2)WS-X6380-NAM
Cisco Catalyst 7600 2.2 (1a)WS-SVC-NAM-2
Cisco Catalyst 7600 2.2 (1a)WS-SVC-NAM-1
Cisco Catalyst 7600 3.1 (1a)WS-X6380-NAM
Cisco Catalyst 7600 3.1 (1a)WS-SVC-NAM-2
Cisco Catalyst 7600 3.1 (1a)WS-SVC-NAM-1
Cisco CatOS 6.1 (4b)
Cisco CatOS 6.1 (4)
Cisco CatOS 6.1 (3a)
Cisco CatOS 6.1 (3)
Cisco CatOS 6.1 (2a)
Cisco CatOS 6.1 (2)
Cisco CatOS 6.1 (1e)
Cisco CatOS 6.1 (1d)
Cisco CatOS 6.1 (1c)
Cisco CatOS 6.1 (1b)
Cisco CatOS 6.1 (1a)
Cisco CatOS 6.1 (1)
Cisco CatOS 6.1
Cisco CatOS 6.2 (3a)
Cisco CatOS 6.2 (3)
Cisco CatOS 6.2 (2a)
Cisco CatOS 6.2 (2)
Cisco CatOS 6.2 (1a)
Cisco CatOS 6.2 (1)
Cisco CatOS 6.3 (9)
Cisco CatOS 6.3 (8.3)
Cisco CatOS 6.3 (8)
Cisco CatOS 6.3 (7)
Cisco CatOS 6.3 (6)
Cisco CatOS 6.3 (5.10)
Cisco CatOS 6.3 (5)
Cisco CatOS 6.3 (4a)
Cisco CatOS 6.3 (4)
Cisco CatOS 6.3 (3a)
Cisco CatOS 6.3 (3)x1
Cisco CatOS 6.3 (3)x
Cisco CatOS 6.3 (3)
Cisco CatOS 6.3 (2a)
Cisco CatOS 6.3 (2)
Cisco CatOS 6.3 (1a)
Cisco CatOS 6.3 (10)
Cisco CatOS 6.3 (1)
Cisco CatOS 6.4 (3)
Cisco CatOS 6.4 (2)
Cisco CatOS 6.4 (1)
Cisco CatOS 7.1 (2a)
Cisco CatOS 7.1 (2)
Cisco CatOS 7.1 (1a)
Cisco CatOS 7.1 (1)
Cisco CatOS 7.2 (2)
Cisco CatOS 7.2 (1)
Cisco CatOS 7.2 (0.65)
Cisco CatOS 7.3 (2)
Cisco CatOS 7.3 (1)
Cisco CatOS 7.3
Cisco CatOS 7.4 (3)
Cisco CatOS 7.4 (2)
Cisco CatOS 7.4 (1)
Cisco CatOS 7.4 (0.63)
Cisco CatOS 7.4 (0.2)CLR
Cisco CatOS 7.4
Cisco CatOS 7.5 (1)
Cisco CatOS 7.5
Cisco CatOS 7.6 (1)
Cisco CatOS 7.6
Cisco CiscoWorks 1105 Hosting Solution Engine
Cisco CiscoWorks 1105 Wireless LAN Solution Engine
Cisco CSS11000 Content Services Switch
Cisco CSS11050 Content Services Switch
Cisco CSS11150 Content Services Switch
Cisco CSS11501 Content Services Switch
Cisco CSS11503 Content Services Switch
Cisco CSS11506 Content Services Switch
Cisco CSS11800 Content Services Switch
Cisco GSS 4480 Global Site Selector
Cisco Secure Intrusion Detection System (NetRanger)
Cisco SN 5428 Storage Router SN5428-3.3.2-K9
Cisco SN 5428 Storage Router SN5428-3.3.1-K9
Cisco SN 5428 Storage Router SN5428-3.2.2-K9
Cisco SN 5428 Storage Router SN5428-3.2.1-K9
Cisco SN 5428 Storage Router SN5428-2.5.1-K9
Cisco SN 5428 Storage Router SN5428-2-3.3.2-K9
Cisco SN 5428 Storage Router SN5428-2-3.3.1-K9
Cisco WebNS 6.10
   + Cisco CSS11000 Content Services Switch
   + Cisco CSS11050 Content Services Switch
   + Cisco CSS11150 Content Services Switch
   + Cisco CSS11501 Content Services Switch
   + Cisco CSS11503 Content Services Switch
   + Cisco CSS11506 Content Services Switch
   + Cisco CSS11800 Content Services Switch
Cisco WebNS 6.10 B4
   + Cisco CSS11800 Content Services Switch
Cisco WebNS 7.1 0.2.06
   + Cisco CSS11000 Content Services Switch
   + Cisco CSS11050 Content Services Switch
   + Cisco CSS11150 Content Services Switch
   + Cisco CSS11501 Content Services Switch
   + Cisco CSS11503 Content Services Switch
   + Cisco CSS11506 Content Services Switch
   + Cisco CSS11800 Content Services Switch
Cisco WebNS 7.1 0.1.02
   + Cisco CSS11000 Content Services Switch
   + Cisco CSS11050 Content Services Switch
   + Cisco CSS11150 Content Services Switch
   + Cisco CSS11501 Content Services Switch
   + Cisco CSS11503 Content Services Switch
   + Cisco CSS11506 Content Services Switch
   + Cisco CSS11800 Content Services Switch
Cisco WebNS 7.2 0.0.03
   + Cisco CSS11000 Content Services Switch
   + Cisco CSS11050 Content Services Switch
   + Cisco CSS11150 Content Services Switch
   + Cisco CSS11501 Content Services Switch
   + Cisco CSS11503 Content Services Switch
   + Cisco CSS11506 Content Services Switch
   + Cisco CSS11800 Content Services Switch
Cray Cray Open Software 3.0
F-Secure SSH 1.3.14
NetBSD NetBSD 1.5
NetBSD NetBSD 1.5.1
NetBSD NetBSD 1.5.2
NetBSD NetBSD 1.5.3
NetBSD NetBSD 1.6
NetBSD NetBSD 1.6.1
Network Appliance SecureAdmin 3.0
Network Appliance SecureAdmin for NetCache 5.5
OpenBSD OpenBSD 3.2
OpenBSD OpenBSD 3.3
OpenSSH OpenSSH 2.9.9
   + NetBSD NetBSD 1.5.2
   + S.u.S.E. Linux 7.2
   + S.u.S.E. Linux 7.3 i386
   + S.u.S.E. Linux 7.3 ppc
   + S.u.S.E. Linux 7.3 sparc
OpenSSH OpenSSH 3.0 p1
OpenSSH OpenSSH 3.0
OpenSSH OpenSSH 3.0.1 p1
OpenSSH OpenSSH 3.0.1
OpenSSH OpenSSH 3.0.2 p1
   + Guardian Digital Engarde Secure Linux 1.0.1
   + HP VirtualVault 4.6
OpenSSH OpenSSH 3.0.2
   - Debian Linux 3.0
   + FreeBSD FreeBSD 4.5 -RELEASE
   + FreeBSD FreeBSD 4.5 -STABLEpre2002-03-07
   + OpenPKG OpenPKG 1.0
   + Openwall Openwall GNU/*/Linux 0.1 -stable
   + S.u.S.E. Linux 8.0
OpenSSH OpenSSH 3.1 p1
   + RedHat Enterprise Linux AS 2.1
   + RedHat Enterprise Linux AS 2.1 IA64
   + RedHat Enterprise Linux ES 2.1
   + RedHat Enterprise Linux ES 2.1 IA64
   + RedHat Enterprise Linux WS 2.1
   + RedHat Enterprise Linux WS 2.1 IA64
   + RedHat Linux 7.1
   + RedHat Linux 7.2
   + RedHat Linux 7.3
   + RedHat Linux for iSeries 7.1
   + RedHat Linux for pSeries 7.1
   + Slackware Linux 8.1
   + Sun Linux 5.0.7
   + Sun Solaris 9.0
   + Trustix Secure Linux 1.1
   + Trustix Secure Linux 1.2
   + Trustix Secure Linux 1.5
OpenSSH OpenSSH 3.1
OpenSSH OpenSSH 3.2
   + OpenBSD OpenBSD 3.1
OpenSSH OpenSSH 3.2.2 p1
   + Apple MacOS X 10.0
   + Apple MacOS X 10.0.1
   + Apple MacOS X 10.0.2
   + Apple MacOS X 10.0.3
   + Apple MacOS X 10.0.4
   + Apple MacOS X 10.1
   + Apple MacOS X 10.1.1
   + Apple MacOS X 10.1.2
   + Apple MacOS X 10.1.3
   + Apple MacOS X 10.1.4
   + Apple MacOS X 10.1.5
OpenSSH OpenSSH 3.2.3 p1
OpenSSH OpenSSH 3.3 p1
   + Conectiva Linux 6.0
   + Conectiva Linux 7.0
   + Conectiva Linux 8.0
OpenSSH OpenSSH 3.3
   + Openwall Openwall GNU/*/Linux (Owl)-current
OpenSSH OpenSSH 3.4 p1
   + Conectiva Linux 6.0
   + Conectiva Linux 7.0
   + Conectiva Linux 8.0
   + Debian Linux 3.0 alpha
   + Debian Linux 3.0 arm
   + Debian Linux 3.0 hppa
   + Debian Linux 3.0 ia-32
   + Debian Linux 3.0 ia-64
   + Debian Linux 3.0 m68k
   + Debian Linux 3.0 mips
   + Debian Linux 3.0 mipsel
   + Debian Linux 3.0 ppc
   + Debian Linux 3.0 s/390
   + Debian Linux 3.0 sparc
   + FreeBSD FreeBSD 4.7
   + FreeBSD FreeBSD 4.7 -RELEASE
   + FreeBSD FreeBSD 5.0
   + IBM AIX 4.3.3
   + IBM AIX 5.1 L
   + Immunix Immunix OS 7+
   + RedHat Linux 8.0
   + S.u.S.E. Linux 8.0
   + S.u.S.E. Linux 8.1
   + Slackware Linux 8.1
OpenSSH OpenSSH 3.4
OpenSSH OpenSSH 3.5 p1
   + Conectiva Linux 9.0
   + OpenPKG OpenPKG 1.2
   + RedHat Linux 9.0 i386
   + S.u.S.E. Linux 8.2
   + Terra Soft Solutions Yellow Dog Linux 3.0
OpenSSH OpenSSH 3.5
OpenSSH OpenSSH 3.6.1 p2
   + MandrakeSoft Corporate Server 2.1
   + MandrakeSoft Corporate Server 2.1 x86_64
   + MandrakeSoft Linux Mandrake 8.2
   + MandrakeSoft Linux Mandrake 8.2 ppc
   + MandrakeSoft Linux Mandrake 9.0
   + MandrakeSoft Linux Mandrake 9.1
   + MandrakeSoft Linux Mandrake 9.1 ppc
   + MandrakeSoft Multi Network Firewall 8.2
   + Trustix Secure Linux 2.0
OpenSSH OpenSSH 3.6.1 p1
   + OpenPKG OpenPKG Current
   + Slackware Linux -current
   + Slackware Linux 9.0
OpenSSH OpenSSH 3.6.1
OpenSSH OpenSSH 3.7 p1
OpenSSH OpenSSH 3.7
RedHat openssh-2.5.2p2-5.i386.rpm
   + RedHat Linux 7.1
RedHat openssh-2.9p2-7.i386.rpm
   + RedHat Linux 7.2
RedHat openssh-2.9p2-7.ia64.rpm
   + RedHat Linux 7.2 ia64
RedHat openssh-3.1p1-3.i386.rpm
   + RedHat Linux 7.3 i386
RedHat openssh-3.4p1-2.i386.rpm
   + RedHat Linux 8.0 i386
RedHat openssh-3.5p1-6.i386.rpm
   + RedHat Linux 9.0 i386
RedHat openssh-askpass-2.5.2p2-5.i386.rpm
   + RedHat Linux 7.1
RedHat openssh-askpass-2.9p2-7.i386.rpm
   + RedHat Linux 7.2
RedHat openssh-askpass-2.9p2-7.ia64.rpm
   + RedHat Linux 7.2 ia64
RedHat openssh-askpass-3.1p1-3.i386.rpm
   + RedHat Linux 7.3 i386
RedHat openssh-askpass-3.4p1-2.i386.rpm
   + RedHat Linux 8.0 i386
RedHat openssh-askpass-3.5p1-6.i386.rpm
   + RedHat Linux 9.0 i386
RedHat openssh-askpass-gnome-2.5.2p2-5.i386.rpm
   + RedHat Linux 7.1
RedHat openssh-askpass-gnome-2.9p2-7.i386.rpm
   + RedHat Linux 7.2
RedHat openssh-askpass-gnome-2.9p2-7.ia64.rpm
   + RedHat Linux 7.2 ia64
RedHat openssh-askpass-gnome-3.1p1-3.i386.rpm
   + RedHat Linux 7.3 i386
RedHat openssh-askpass-gnome-3.4p1-2.i386.rpm
   + RedHat Linux 8.0 i386
RedHat openssh-askpass-gnome-3.5p1-6.i386.rpm
   + RedHat Linux 9.0 i386
RedHat openssh-clients-2.5.2p2-5.i386.rpm
   + RedHat Linux 7.1
RedHat openssh-clients-2.9p2-7.i386.rpm
   + RedHat Linux 7.2
RedHat openssh-clients-2.9p2-7.ia64.rpm
   + RedHat Linux 7.2 ia64
RedHat openssh-clients-3.1p1-3.i386.rpm
   + RedHat Linux 7.3 i386
RedHat openssh-clients-3.4p1-2.i386.rpm
   + RedHat Linux 8.0 i386
RedHat openssh-clients-3.5p1-6.i386.rpm
   + RedHat Linux 9.0 i386
RedHat openssh-server-2.5.2p2-5.i386.rpm
   + RedHat Linux 7.1
RedHat openssh-server-2.9p2-7.i386.rpm
   + RedHat Linux 7.2
RedHat openssh-server-2.9p2-7.ia64.rpm
   + RedHat Linux 7.2 ia64
RedHat openssh-server-3.1p1-3.i386.rpm
   + RedHat Linux 7.3 i386
RedHat openssh-server-3.4p1-2.i386.rpm
   + RedHat Linux 8.0 i386
RedHat openssh-server-3.5p1-6.i386.rpm
   + RedHat Linux 9.0 i386
Stonesoft StoneGate 1.5.17
Stonesoft StoneGate 1.5.18
Stonesoft StoneGate 1.6.2
Stonesoft StoneGate 1.6.3
Stonesoft StoneGate 1.7
Stonesoft StoneGate 1.7.1
Stonesoft StoneGate 1.7.2
Stonesoft StoneGate 2.0.1
Stonesoft StoneGate 2.0.4
Stonesoft StoneGate 2.0.5
Stonesoft StoneGate 2.0.6
Stonesoft StoneGate 2.0.7
Stonesoft StoneGate 2.0.8
Stonesoft StoneGate 2.0.9
Stonesoft StoneGate 2.1
Stonesoft StoneGate 2.2
Stonesoft StoneGate 2.2.1
Unaffected systems
F-Secure SSH 1.3.15
OpenSSH OpenSSH 3.7.1 p1
OpenSSH OpenSSH 3.7.1
Detailed description
OpenSSH contains a buffer management error. The flaw is in the 'buffer.c' source file and may allow arbitrary code to be executed on the system with the privileges of OpenSSH.

When OpenSSH receives a packet longer than the currently allocated buffer, it attempts to reallocate a larger block of memory. The variable recording the current buffer size is increased first, and only then is the new length checked against the limit; if the check fails, fatal() is called to clean up and exit. Under some conditions the cleanup code may free (and clear) the buffer according to the new length even though the buffer was never actually enlarged, overwriting memory beyond the buffer with NULL bytes. This can lead to denial of service or execution of arbitrary code.
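
The grow-then-check ordering described above, modelled in C as an added example (this is not OpenSSH's buffer.c and is not part of this advisory). The 0xa00000 cap and the 32768 growth step are assumptions modelled on the OpenSSH source of the period; the real_alloc field and the overrun-counting helper are demo-only constructs so that the out-of-bounds clear on the fatal() path is measured rather than performed. The fixed variant shows the defensive ordering: validate a local length first and commit the new size only after realloc() succeeds.

```c
#include <stdio.h>
#include <stdlib.h>

/* Constructed model of the growth/cleanup ordering the advisory describes.
 * NOT OpenSSH's buffer.c; cap and growth step are assumptions. */
#define MAX_ALLOC 0xa00000u      /* assumed hard limit checked before growing */
#define GROW_STEP 32768u         /* assumed slack added on every grow */

typedef struct {
    unsigned char *buf;
    size_t alloc;       /* what the bookkeeping claims the buffer owns */
    size_t real_alloc;  /* demo-only: bytes the allocator actually handed out */
} Buffer;

static int buffer_init(Buffer *b, size_t alloc)
{
    b->buf = calloc(1, alloc);
    if (b->buf == NULL)
        return -1;
    b->alloc = alloc;
    b->real_alloc = alloc;
    return 0;
}

/* Vulnerable ordering: alloc is bumped BEFORE the limit check, so on the
 * failure path (where the real code calls fatal()) the bookkeeping already
 * exceeds the memory actually owned. Returns -1 on that path. */
static int grow_vulnerable(Buffer *b, size_t len)
{
    b->alloc += len + GROW_STEP;
    if (b->alloc > MAX_ALLOC)
        return -1;                  /* fatal() path: alloc now lies */
    unsigned char *p = realloc(b->buf, b->alloc);
    if (p == NULL)
        return -1;
    b->buf = p;
    b->real_alloc = b->alloc;
    return 0;
}

/* Fixed ordering: compute the new length into a local, validate it (including
 * wrap-around), and commit to alloc only once realloc() has succeeded. */
static int grow_fixed(Buffer *b, size_t len)
{
    size_t newlen = b->alloc + len + GROW_STEP;
    if (newlen < b->alloc || newlen > MAX_ALLOC)
        return -1;
    unsigned char *p = realloc(b->buf, newlen);
    if (p == NULL)
        return -1;
    b->buf = p;
    b->alloc = newlen;
    b->real_alloc = newlen;
    return 0;
}

/* The cleanup on the fatal() path clears 'alloc' bytes of buf. Instead of
 * writing, report how many bytes would land past the real allocation. */
static size_t cleanup_overrun_bytes(const Buffer *b)
{
    return b->alloc > b->real_alloc ? b->alloc - b->real_alloc : 0;
}

/* Push one oversized request through either variant; return the number of
 * out-of-bounds bytes the subsequent cleanup would zero (0 = safe). */
static size_t overrun_after_failed_grow(int use_fixed)
{
    Buffer b;
    if (buffer_init(&b, 4096) != 0)
        return (size_t)-1;
    size_t len = MAX_ALLOC;          /* guaranteed to trip the size check */
    int rc = use_fixed ? grow_fixed(&b, len) : grow_vulnerable(&b, len);
    size_t over = (rc != 0) ? cleanup_overrun_bytes(&b) : 0;
    free(b.buf);
    return over;
}

/* Sanity check: a grow that stays under the cap keeps both variants consistent. */
static int small_grow_is_consistent(int use_fixed)
{
    Buffer b;
    if (buffer_init(&b, 4096) != 0)
        return 0;
    int rc = use_fixed ? grow_fixed(&b, 100) : grow_vulnerable(&b, 100);
    int ok = (rc == 0 && b.alloc == b.real_alloc && b.alloc == 4096 + 100 + GROW_STEP);
    free(b.buf);
    return ok;
}

int main(void)
{
    printf("vulnerable ordering: cleanup would clear %zu bytes past the buffer\n",
           overrun_after_failed_grow(0));
    printf("fixed ordering:      cleanup would clear %zu bytes past the buffer\n",
           overrun_after_failed_grow(1));
    return 0;
}
```

Compile with `cc -std=c99 -Wall` and run: the vulnerable ordering reports a nonzero overrun (cap plus growth step), the fixed ordering reports zero. The general lesson for any length-prefixed protocol parser is the same: never update size bookkeeping that error-handling code will later trust until the allocation it describes has actually succeeded.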

Solution
Patch download:

Updated Packages:

Corporate Server 2.1:
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/corporate/2.1/RPMS/openssh-3.6.1p2-1.1.90mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/corporate/2.1/RPMS/openssh-askpass-3.6.1p2-1.1.90mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/corporate/2.1/RPMS/openssh-askpass-gnome-3.6.1p2-1.1.90mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/corporate/2.1/RPMS/openssh-clients-3.6.1p2-1.1.90mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/corporate/2.1/RPMS/openssh-server-3.6.1p2-1.1.90mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/corporate/2.1/SRPMS/openssh-3.6.1p2-1.1.90mdk.src.rpm

Corporate Server 2.1/x86_64:
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/x86_64/corporate/2.1/RPMS/openssh-3.6.1p2-1.1.90mdk.x86_64.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/x86_64/corporate/2.1/RPMS/openssh-askpass-3.6.1p2-1.1.90mdk.x86_64.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/x86_64/corporate/2.1/RPMS/openssh-askpass-gnome-3.6.1p2-1.1.90mdk.x86_64.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/x86_64/corporate/2.1/RPMS/openssh-clients-3.6.1p2-1.1.90mdk.x86_64.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/x86_64/corporate/2.1/RPMS/openssh-server-3.6.1p2-1.1.90mdk.x86_64.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/x86_64/corporate/2.1/SRPMS/openssh-3.6.1p2-1.1.90mdk.src.rpm

Mandrake Linux 8.2:
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/8.2/RPMS/openssh-3.6.1p2-1.1.82mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/8.2/RPMS/openssh-askpass-3.6.1p2-1.1.82mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/8.2/RPMS/openssh-askpass-gnome-3.6.1p2-1.1.82mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/8.2/RPMS/openssh-clients-3.6.1p2-1.1.82mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/8.2/RPMS/openssh-server-3.6.1p2-1.1.82mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/8.2/SRPMS/openssh-3.6.1p2-1.1.82mdk.src.rpm

Mandrake Linux 8.2/PPC:
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/ppc/8.2/RPMS/openssh-3.6.1p2-1.1.82mdk.ppc.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/ppc/8.2/RPMS/openssh-askpass-3.6.1p2-1.1.82mdk.ppc.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/ppc/8.2/RPMS/openssh-askpass-gnome-3.6.1p2-1.1.82mdk.ppc.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/ppc/8.2/RPMS/openssh-clients-3.6.1p2-1.1.82mdk.ppc.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/ppc/8.2/RPMS/openssh-server-3.6.1p2-1.1.82mdk.ppc.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/ppc/8.2/SRPMS/openssh-3.6.1p2-1.1.82mdk.src.rpm

Mandrake Linux 9.0:
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.0/RPMS/openssh-3.6.1p2-1.1.90mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.0/RPMS/openssh-askpass-3.6.1p2-1.1.90mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.0/RPMS/openssh-askpass-gnome-3.6.1p2-1.1.90mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.0/RPMS/openssh-clients-3.6.1p2-1.1.90mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.0/RPMS/openssh-server-3.6.1p2-1.1.90mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.0/SRPMS/openssh-3.6.1p2-1.1.90mdk.src.rpm

Mandrake Linux 9.1:
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.1/RPMS/openssh-3.6.1p2-1.1.91mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.1/RPMS/openssh-askpass-3.6.1p2-1.1.91mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.1/RPMS/openssh-askpass-gnome-3.6.1p2-1.1.91mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.1/RPMS/openssh-clients-3.6.1p2-1.1.91mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.1/RPMS/openssh-server-3.6.1p2-1.1.91mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.1/SRPMS/openssh-3.6.1p2-1.1.91mdk.src.rpm

Mandrake Linux 9.1/PPC:
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/ppc/9.1/RPMS/openssh-3.6.1p2-1.1.91mdk.ppc.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/ppc/9.1/RPMS/openssh-askpass-3.6.1p2-1.1.91mdk.ppc.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/ppc/9.1/RPMS/openssh-askpass-gnome-3.6.1p2-1.1.91mdk.ppc.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/ppc/9.1/RPMS/openssh-clients-3.6.1p2-1.1.91mdk.ppc.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/ppc/9.1/RPMS/openssh-server-3.6.1p2-1.1.91mdk.ppc.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/ppc/9.1/SRPMS/openssh-3.6.1p2-1.1.91mdk.src.rpm

Multi Network Firewall 8.2:
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/mnf8.2/RPMS/openssh-3.6.1p2-1.1.82mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/mnf8.2/RPMS/openssh-clients-3.6.1p2-1.1.82mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/mnf8.2/RPMS/openssh-server-3.6.1p2-1.1.82mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/mnf8.2/SRPMS/openssh-3.6.1p2-1.1.82mdk.src.rpm

The update packages above can also be downloaded from any of the mirror FTP servers listed at:
http://www.mandrakesecure.net/en/ftp.php

OpenSSH
-------
The vendor has fixed this vulnerability in version 3.7 and later; download it from the vendor's site:

ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/

RedHat
------
RedHat has released a security advisory (RHSA-2003:279-01) and corresponding patches for this issue:
RHSA-2003:279-01: Updated OpenSSH packages fix potential vulnerability
Link: https://www.redhat.com/support/errata/RHSA-2003-279.html

Patch download:

Red Hat Linux 7.1:

SRPMS:
ftp://updates.redhat.com/7.1/en/os/SRPMS/openssh-3.1p1-9.src.rpm

i386:
ftp://updates.redhat.com/7.1/en/os/i386/openssh-3.1p1-9.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/openssh-clients-3.1p1-9.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/openssh-server-3.1p1-9.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/openssh-askpass-3.1p1-9.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/openssh-askpass-gnome-3.1p1-9.i386.rpm

Red Hat Linux 7.2:

SRPMS:
ftp://updates.redhat.com/7.2/en/os/SRPMS/openssh-3.1p1-10.src.rpm

i386:
ftp://updates.redhat.com/7.2/en/os/i386/openssh-3.1p1-10.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/openssh-clients-3.1p1-10.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/openssh-server-3.1p1-10.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/openssh-askpass-3.1p1-10.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/openssh-askpass-gnome-3.1p1-10.i386.rpm

ia64:
ftp://updates.redhat.com/7.2/en/os/ia64/openssh-3.1p1-10.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/openssh-clients-3.1p1-10.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/openssh-server-3.1p1-10.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/openssh-askpass-3.1p1-10.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/openssh-askpass-gnome-3.1p1-10.ia64.rpm

Red Hat Linux 7.3:

SRPMS:
ftp://updates.redhat.com/7.3/en/os/SRPMS/openssh-3.1p1-10.src.rpm

i386:
ftp://updates.redhat.com/7.3/en/os/i386/openssh-3.1p1-10.i386.rpm
ftp://updates.redhat.com/7.3/en/os/i386/openssh-clients-3.1p1-10.i386.rpm
ftp://updates.redhat.com/7.3/en/os/i386/openssh-server-3.1p1-10.i386.rpm
ftp://updates.redhat.com/7.3/en/os/i386/openssh-askpass-3.1p1-10.i386.rpm
ftp://updates.redhat.com/7.3/en/os/i386/openssh-askpass-gnome-3.1p1-10.i386.rpm

Red Hat Linux 8.0:

SRPMS:
ftp://updates.redhat.com/8.0/en/os/SRPMS/openssh-3.4p1-5.src.rpm

i386:
ftp://updates.redhat.com/8.0/en/os/i386/openssh-3.4p1-5.i386.rpm
ftp://updates.redhat.com/8.0/en/os/i386/openssh-clients-3.4p1-5.i386.rpm
ftp://updates.redhat.com/8.0/en/os/i386/openssh-server-3.4p1-5.i386.rpm
ftp://updates.redhat.com/8.0/en/os/i386/openssh-askpass-3.4p1-5.i386.rpm
ftp://updates.redhat.com/8.0/en/os/i386/openssh-askpass-gnome-3.4p1-5.i386.rpm

Red Hat Linux 9:

SRPMS:
ftp://updates.redhat.com/9/en/os/SRPMS/openssh-3.5p1-9.src.rpm

i386:
ftp://updates.redhat.com/9/en/os/i386/openssh-3.5p1-9.i386.rpm
ftp://updates.redhat.com/9/en/os/i386/openssh-clients-3.5p1-9.i386.rpm
ftp://updates.redhat.com/9/en/os/i386/openssh-server-3.5p1-9.i386.rpm
ftp://updates.redhat.com/9/en/os/i386/openssh-askpass-3.5p1-9.i386.rpm
ftp://updates.redhat.com/9/en/os/i386/openssh-askpass-gnome-3.5p1-9.i386.rpm

Related information
References: http://xforce.iss.net/xforce/alerts/id/144
http://www.openssh.com/txt/buffer.adv
http://www.securityfocus.com/archive/1/337921