CVE-2007-0844: libpam-ssh: pam_ssh "auth_via_key()" Function

Debian Bug report logs - #410236
CVE-2007-0844: libpam-ssh: pam_ssh "auth_via_key()" Function

Toggle useless messages

Message #5 received at submit@bugs.debian.org (full text, mbox, reply):

From: Alex de Oliveira Silva <enerv@host.sk>

To: Debian Bug Tracking System <submit@bugs.debian.org>

Subject: CVE-2007-0844: libpam-ssh: pam_ssh "auth_via_key()" Function

Date: Thu, 08 Feb 2007 16:11:45 -0300

Package: libpam-ssh
Version: 1.91.0-9.1
Severity: important
Tags: security

The auth_via_key function in pam_ssh.c in pam_ssh before 1.92, when the
allow_blank_passphrase option is disabled, allows remote attackers to
bypass authentication restrictions and use private encryption keys
requiring a blank passphrase by entering a non-blank passphrase.

Reference:
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-0844
http://sourceforge.net/project/shownotes.php?release_id=484376
http://secunia.com/advisories/24061

Note:
Please mention the CVE id in the changelog.



regards,
-- 
   .''`.  
  : :' :    Alex de Oliveira Silva | enerv
  `. `'     www.enerv.net
    `- 

Message #10 received at 410236@bugs.debian.org (full text, mbox, reply):

From: Tobias Klauser <tklauser@access.unizh.ch>

To: 410236@bugs.debian.org

Cc: control@bugs.debian.org

Subject: Patch to fix CVE-2007-0844 taken from upstream version 1.92

Date: Fri, 17 Aug 2007 16:45:59 +0200

[Message part 1 (text/plain, inline)]

tags 410236 +patch
thanks

Hi,

Attached is a patch which incorporates the change taken from upstream version
1.92 into the package. The only change between 1.91 and 1.92 was to fix this
issue. Updating the package to the new upstream version might thus be more
worthwile than applying the patch.

As I'm not a Debian Developer and thus not able to do it myself any DD
might want to use this for an NMU.

Cheers, Tobias

[signature.asc (application/pgp-signature, inline)]

Message #17 received at 410236@bugs.debian.org (full text, mbox, reply):

From: Tobias Klauser <tklauser@access.unizh.ch>

To: 410236@bugs.debian.org

Subject: Actual patch (was: Patch to fix CVE-2007-0844 taken from upstream version 1.92)

Date: Fri, 17 Aug 2007 16:54:17 +0200

[Message part 1 (text/plain, inline)]

Sorry, I forgot to add the patch.

Thanks, Tobias

[cve-2007-0844.diff (text/x-diff, attachment)]

[signature.asc (application/pgp-signature, inline)]

Message #24 received at 410236-close@bugs.debian.org (full text, mbox, reply):

From: Nico Golde <nion@debian.org>

To: 410236-close@bugs.debian.org

Subject: Bug#410236: fixed in libpam-ssh 1.91.0-9.2

Date: Thu, 30 Aug 2007 15:32:07 +0000

Source: libpam-ssh
Source-Version: 1.91.0-9.2

We believe that the bug you reported is fixed in the latest version of
libpam-ssh, which is due to be installed in the Debian FTP archive:

libpam-ssh_1.91.0-9.2.diff.gz
  to pool/main/libp/libpam-ssh/libpam-ssh_1.91.0-9.2.diff.gz
libpam-ssh_1.91.0-9.2.dsc
  to pool/main/libp/libpam-ssh/libpam-ssh_1.91.0-9.2.dsc
libpam-ssh_1.91.0-9.2_i386.deb
  to pool/main/libp/libpam-ssh/libpam-ssh_1.91.0-9.2_i386.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 410236@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Nico Golde <nion@debian.org> (supplier of updated libpam-ssh package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Thu, 30 Aug 2007 16:55:51 +0200
Source: libpam-ssh
Binary: libpam-ssh
Architecture: source i386
Version: 1.91.0-9.2
Distribution: unstable
Urgency: low
Maintainer: Aurelien Labrosse <aurelien.labrosse@free.fr>
Changed-By: Nico Golde <nion@debian.org>
Description: 
 libpam-ssh - enable SSO behavior for ssh and pam
Closes: 410236
Changes: 
 libpam-ssh (1.91.0-9.2) unstable; urgency=low
 .
   * Non-maintainer upload by testing security team.
   * Include 03_fix-CVE-2007-0844 to fix authentication bypass if
     allow_blank_passphrase is enabled (CVE-2007-0844) (Closes: #410236).
   * Included 04_fix_syslogh_inclusion.dpatch to fix missing inclusion
     of syslog headers which lead to FTBFS.
Files: 
 1bc367982e48823fae1b101a0713bc0d 692 admin optional libpam-ssh_1.91.0-9.2.dsc
 184e95cf8e23431a404fd1ab26b576e3 345163 admin optional libpam-ssh_1.91.0-9.2.diff.gz
 81575e2f4eaf37b3065d45c4295a1e08 49352 admin optional libpam-ssh_1.91.0-9.2_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFG1uDFHYflSXNkfP8RAoykAJ40sIxnahm7V5IRfAPOjG2cjzMn3gCfaMeY
v6xnsd7Znk0Mv+UU502MS+o=
=yDfM
-----END PGP SIGNATURE-----

Send a report that this bug log contains spam.