-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 -------------------------------------------------------------------------- Turbolinux Security Advisory TLSA-2006-34 http://www.turbolinux.co.jp/security/ security-team@turbolinux.co.jp -------------------------------------------------------------------------- Original released date: 17 Oct 2006 Last revised: 17 Oct 2006 Package: openssh Summary: openssh denial of service attack More information: OpenSSH is a FREE version of the SSH connectivity tools that technical users of the Internet rely on. Multiple vulnerabilities exist in openssh. Impact: The openssh allows remote attackers to cause a denial of service. Affected Products: - Turbolinux Appliance Server 2.0 - Turbolinux FUJI - Turbolinux 10 Server x64 Edition - Turbolinux Appliance Server 1.0 Hosting Edition - Turbolinux Appliance Server 1.0 Workgroup Edition - Turbolinux 10 Server - Turbolinux Home - Turbolinux 10 F... - Turbolinux 10 Desktop - Turbolinux Multimedia - Turbolinux Personal - Turbolinux 8 Server - Turbolinux 7 Server Source Packages Size: MD5 openssh-3.9p1-9.src.rpm 911536 91b5439423c267b145d0d5eef6f5be28 Binary Packages Size: MD5 openssh-3.9p1-9.i586.rpm 189439 67d2d51de653cf151c88a606cfdba11a openssh-askpass-3.9p1-9.i586.rpm 36646 8811bee90adacbea35c2118d857d80e9 openssh-clients-3.9p1-9.i586.rpm 215405 5bf33168565e86ca0e99757c5a14e0d7 openssh-server-3.9p1-9.i586.rpm 217282 f9e32efc5ef43649ce8f274ba507096f Source Packages Size: MD5 openssh-4.1p1-5.src.rpm 953163 ae580d74260bf0c5df3518c62c62d9c1 Binary Packages Size: MD5 openssh-4.1p1-5.i686.rpm 235162 0d80ffc834bef0bd3f5100a6f6c8382f openssh-askpass-4.1p1-5.i686.rpm 37677 7f6a5f9a153e42a0098fcd75f47f36ef openssh-clients-4.1p1-5.i686.rpm 254156 5bb14e97c5c50085e9258e6620000441 openssh-server-4.1p1-5.i686.rpm 256817 251043b43f8e9a48325b99e0aa8fade3 Source Packages Size: MD5 ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/SRPMS/openssh-3.9p1-9.src.rpm 911536 f51e9043ac2ef3791411341bb8b224c4 Binary Packages Size: MD5 ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/openssh-3.9p1-9.x86_64.rpm 202882 a5cb237c71274934b0537f4a18c71182 ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/openssh-askpass-3.9p1-9.x86_64.rpm 38539 9ea0a3c0b377edd0c7f9188d8fa73e17 ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/openssh-clients-3.9p1-9.x86_64.rpm 237339 04eb7c2bf37b7f2851ec3e8da91173e6 ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/openssh-server-3.9p1-9.x86_64.rpm 246106 e7229cf19db668140036854d497cc30d Source Packages Size: MD5 openssh-3.7.1p2-9.src.rpm 845550 2ddd0ed72fa1de06f190304c91526e30 Binary Packages Size: MD5 openssh-3.7.1p2-9.i586.rpm 194553 e5518fcc0f25d8f892e16d57468c65d8 openssh-askpass-3.7.1p2-9.i586.rpm 34125 2a41cf4d64c9e01fa99488522bccb377 openssh-clients-3.7.1p2-9.i586.rpm 216671 b4054c58fb7451e0df18ae73df309baa openssh-server-3.7.1p2-9.i586.rpm 225447 f86b7011ed7702baeab3cf5efa786f39 Source Packages Size: MD5 openssh-3.7.1p2-9.src.rpm 845550 6a993a0a01ac38a0a8a5208494ce4907 Binary Packages Size: MD5 openssh-3.7.1p2-9.i586.rpm 194721 66d617fb1d1507cc7f63acd35dcde39c openssh-askpass-3.7.1p2-9.i586.rpm 34297 379008c71ffdae22141c7144816cf5c1 openssh-clients-3.7.1p2-9.i586.rpm 216802 9f354d06bf8270be036ab822f5ee262e openssh-server-3.7.1p2-9.i586.rpm 225493 a2b68b2751c7983e519cf43da138016b Source Packages Size: MD5 ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/SRPMS/openssh-3.9p1-9.src.rpm 911536 91b5439423c267b145d0d5eef6f5be28 Binary Packages Size: MD5 ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/openssh-3.9p1-9.i586.rpm 189439 67d2d51de653cf151c88a606cfdba11a ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/openssh-askpass-3.9p1-9.i586.rpm 36646 8811bee90adacbea35c2118d857d80e9 ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/openssh-clients-3.9p1-9.i586.rpm 215405 5bf33168565e86ca0e99757c5a14e0d7 ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/openssh-server-3.9p1-9.i586.rpm 217282 f9e32efc5ef43649ce8f274ba507096f Source Packages Size: MD5 ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/SRPMS/openssh-3.8p1-9.src.rpm 881959 67b46071c62c702cb2cca5555a269671 Binary Packages Size: MD5 ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/openssh-3.8p1-9.i586.rpm 192916 e37545bfa6888403e62ee0bbf6697499 ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/openssh-askpass-3.8p1-9.i586.rpm 36534 605a39ed282744523eb5de3221196599 ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/openssh-clients-3.8p1-9.i586.rpm 211758 7edb09e1d82caceffc4fdda43d1c719e ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/openssh-server-3.8p1-9.i586.rpm 214340 5071e7b6b56c4171240ccd4a60a5df0e Source Packages Size: MD5 ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/SRPMS/openssh-3.7.1p2-9.src.rpm 845550 a2f2f5ae65cba9dca8019191affc853a Binary Packages Size: MD5 ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/openssh-3.7.1p2-9.i586.rpm 194640 e15b53b7170b0304363ef1bddade5b97 ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/openssh-askpass-3.7.1p2-9.i586.rpm 34319 5fb4f376bd1939d9db6434acf0f78d25 ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/openssh-askpass-gnome-3.7.1p2-9.i586.rpm 15639 f5bb2572aea8bb1af51409a37126d793 ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/openssh-clients-3.7.1p2-9.i586.rpm 216737 0415f847b39cfb4364260654d0406cfa ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/openssh-server-3.7.1p2-9.i586.rpm 225441 2a23ffe9fe89228ff67fbbdee40fdd33 Source Packages Size: MD5 ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/SRPMS/openssh-3.7.1p2-9.src.rpm 845550 a16edea1de159e5cd1955150d41465fb Binary Packages Size: MD5 ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/openssh-3.7.1p2-9.i586.rpm 190484 c3ca63963e48f9f519ded30a2abe35d9 ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/openssh-askpass-3.7.1p2-9.i586.rpm 33885 50934d75f07f89a1091159181ada9cb9 ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/openssh-clients-3.7.1p2-9.i586.rpm 210826 8b2dcdbf3dc671dcaf1540246ba65ed0 ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/openssh-server-3.7.1p2-9.i586.rpm 218223 2b7b83b36b1b6997f5d4b0e6ce97b993 CVE [CVE-2006-4924] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4924 [CVE-2006-4925] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4925 [CVE-2006-5051] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5051 -------------------------------------------------------------------------- Revision History 17 Oct 2006 Initial release -------------------------------------------------------------------------- Copyright(C) 2006 Turbolinux, Inc. All rights reserved. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (GNU/Linux) iD8DBQFFNNK0K0LzjOqIJMwRAtG5AKCJ2szXOCE8z8wLJT+Quvviw3BkHQCfXKXm N7T5qNYWCmzEOHSfAP8AkNw= =uB6Z -----END PGP SIGNATURE-----