- Cool Yule Tools: 2008 Holiday Gift Guide
- 10 kitchen gadgets for the geek gourmet
- Google admits to violating iPhone development terms
- Smartphone smackdown: Storm vs. iPhone
- Google layoffs: 10,000 jobs being cut
The CERT Coordination Center is warning users about a serious security vulnerability in the OpenSSH (Secure Shell) that could enable a remote attacker to run malicious code or launch a denial-of-service attack against machines running the popular suite of secure network connectivity tools.
Many of the leading Unix and Linux operating systems ship with OpenSSH and are vulnerable to attack. In addition, an unknown number of hardware devices such as network routers and switches use the popular package and will need to be patched, according to Dan Ingevaldson, engineering manager of Internet Security Systems' (ISS) X-Force security group.
OpenSSH is a common tool used by network administrators to remotely communicate with hardware devices, replacing earlier communications tools like telnet and rlogin (remote login) that sent communications back and forth in an unencrypted form.
The exploitable flaw is in the buffer management function of OpenSSH software prior to version 3.7 and could make it possible for remote attackers to cause a buffer overflow on vulnerable machines, according to a CERT advisory.
Attackers would need to modify certain OpenSSH parameters and send extra-large SSH data packets, perhaps larger than 10M bytes, to vulnerable machines to create the buffer overflow, Ingevaldson said.
ISS recently discovered the problem itself and was researching it internally, he said.
However, the company's work was preempted by others on the Internet who had also discovered the flaw and began discussing it on public security news groups. That prompted ISS to issue its warning and contact the OpenBSD project, which manages OpenSSH, about the problem, Ingevaldson said.
Ingevaldson does not believe that ISS staff are responsible for leaking news about the OpenSSH security hole.
Despite rumors on security discussion lists about code that can exploit the OpenSSH vulnerability, ISS has not developed and does not know of any software code that takes advantage of the flaw, Ingevaldson said.
Nevertheless, the popularity of OpenSSH makes the vulnerability attractive to malicious hackers and worth paying attention to, he said. Because the suite of tools is an open-source product and available free on the Internet, there is no easy way to determine how many or which products use it, he said.
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com | The Industry Standard | IDG List Services | IDG TechNetwork |
 The Leader in Network Knowledge© 1994-2008 Network World, Inc. All rights reserved. |
Partner Content
Brilliantly simple security and control solutions for email, web and endpoint
www.sophos.com
Stopping data leakage
Learn how to exploit your current security investment to control the information that flows into, through and out of your network.
Download the white paper.
Why detection rates aren't enough
Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask prospective vendors to get the right endpoint solution.
Download the white paper.
Applications: taking back control
Employees installing unauthorized applications is a growing threat to business security and productivity. Cost-effectively reduce this threat by integrating control into your malware protection.
Learn more today.
Comment