openssh-4.3p2-29.2AXS3

エラータID: AXSA:2009-395:02

リリース日: 
2009/09/15 Tuesday - 12:59
題名: 
openssh-4.3p2-29.2AXS3
影響のあるチャネル: 
Asianux Server 3 for x86_64
Asianux Server 3 for x86
Severity: 
High
Description: 

以下項目について対処しました。

[Security Fix]
- 暗号ブロック連鎖 (CBC) モードで暗号ブロック連鎖アルゴリズムを使用している場合、リモートの攻撃者が、 SSH セッションで暗号化したテキストの任意のブロックから平文のデータに復号する脆弱性があります。 (CVE-2008-5161)

一部CVEの翻訳文はJVNからの引用になります。
http://jvndb.jvn.jp/

解決策: 

パッケージをアップデートしてください。

CVE: 
CVE-2008-5161
Error handling in the SSH protocol in (1) SSH Tectia Client and Server and Connector 4.0 through 4.4.11, 5.0 through 5.2.4, and 5.3 through 5.3.8; Client and Server and ConnectSecure 6.0 through 6.0.4; Server for Linux on IBM System z 6.0.4; Server for IBM z/OS 5.5.1 and earlier, 6.0.0, and 6.0.1; and Client 4.0-J through 4.3.3-J and 4.0-K through 4.3.10-K; and (2) OpenSSH 4.7p1 and possibly other versions, when using a block cipher algorithm in Cipher Block Chaining (CBC) mode, makes it easier for remote attackers to recover certain plaintext data from an arbitrary block of ciphertext in an SSH session via unknown vectors.


追加情報: 

N/A

ダウンロード: 

SRPMS
  1. openssh-4.3p2-29.2AXS3.src.rpm
    MD5: ae18fa1ee2f48709e63f50c4ad138715
    SHA-256: 9d73e130ea118e644c6da21c7851de04a057611e9ec03ae7d09f0070b76d08e9
    Size: 875.62 kB

Asianux Server 3 for x86
  1. openssh-4.3p2-29.2AXS3.i386.rpm
    MD5: 4bde6134f5dd36b7cc7139a9b3088175
    SHA-256: 1edadecaa53c93b0dc149edb5f79eeb229bb104bb5c9204b4cd266d0d9a895d3
    Size: 286.00 kB
  2. openssh-askpass-4.3p2-29.2AXS3.i386.rpm
    MD5: 688cda821087acf5a804d7a11482c624
    SHA-256: 306111396d9c5fee358063ff875a361d218fd622e66f9adc827a8a6286382596
    Size: 38.95 kB
  3. openssh-clients-4.3p2-29.2AXS3.i386.rpm
    MD5: 66108b580cbedcc710c4400f7fbbf312
    SHA-256: 9e72b0fb07eb82fecda1929df272c4d7be1f3234fe0e824fa12f7d56261333cf
    Size: 445.73 kB
  4. openssh-server-4.3p2-29.2AXS3.i386.rpm
    MD5: d05a568450e9a6f1840fba16ae685266
    SHA-256: 31f3e84256faabe8f7407c129272079d94c23ea5d804f17a51d529fecaa58dd7
    Size: 257.67 kB

Asianux Server 3 for x86_64
  1. openssh-4.3p2-29.2AXS3.x86_64.rpm
    MD5: 936c07c0e554486a6bd3083436319753
    SHA-256: 110a305e4456b0297581d88d0172c2d8330df47b82a54f12343058b40fd2dc6f
    Size: 286.09 kB
  2. openssh-askpass-4.3p2-29.2AXS3.x86_64.rpm
    MD5: ce6e4abd6acac7c46d7dbefda4486b79
    SHA-256: f32ca088d2279fcf1bff741de254d1240a7cdd37071781b47869046a7ac660b2
    Size: 39.39 kB
  3. openssh-clients-4.3p2-29.2AXS3.x86_64.rpm
    MD5: ec470321f226b5a2e8a432f0ebf95483
    SHA-256: bd89073a7c1c2a2ca0033235caefc86c955300982208efa0abaa265d5023ef75
    Size: 446.92 kB
  4. openssh-server-4.3p2-29.2AXS3.x86_64.rpm
    MD5: 895da5aecc32b1b231a3a8de9010f0ad
    SHA-256: 4c33dd9f89eea2c6dab4505047408ae056cea87bd605c1bb5c63c3fe13c4fd35
    Size: 261.59 kB