OpenSSH vulnerabilities CVE-2007-4752 & CVE-2008-1483

book

Article ID: 167786

calendar_today

Updated On:

Products

XOS

Issue/Introduction

After a network audit, it was been reported by the security tool that the Bluecoat XOS chassis was vulnerable to some SSH vulnerabilities.
Two OpenSSH vulnerabilities were flagged on a Bluecoat XOS CPM after a network scan audit, noted below.
 
3.1.3. OpenSSH X11 Cookie Local Authentication Bypass Vulnerability (openssh-x11-cookie-auth-bypass) , also known as CVE-2007-4752.
OpenBSD OpenSSH 4.3 on Linux 2.6.18 - 2.6.32 
 
 
3.2.1. OpenSSH X11 Forwarding Information Disclosure Vulnerability (ssh-openssh-x11-fowarding-info-disclosure) , also known as CVE-2008-1483.
OpenBSD OpenSSH 4.3 on Linux 2.6.18 - 2.6.32 
 

Cause

Are Bluecoat XOS CPMs actually vulnerable to these two vulnerabilities?  If so, is there a security patch available for them?

Resolution

The first item (CVE-2007-4752) is covered by RHSA-2008:0855-6 from RedHat (http://rhn.redhat.com/errata/RHSA-2008-0855.html).

XOS 9.5.5 and later uses openssh 4.3p2-36.el5_4.2, which has the relevant security patch(es) incorporated.




The second item (CVE-2008-1483) was fixed in EL5 according to RedHat:
"Versions of openssh packages as shipped with Red Hat Enterprise Linux versions 4 and 5 are not vulnerable to this issue as it was fixed as a side effect of another change." 

Workaround

n/a