-----BEGIN PGP SIGNED MESSAGE-----

===========================================================================
A U S C E R T                                                 A L E R T

                        AL-1999.006 -- AUSCERT ALERT
                    Buffer Overflow in RSAREF2 and SSH

                              10 December 1999
===========================================================================

PROBLEM:

        RSAREF2 is an implementation of the RSA algorithm from RSA Data
        Security.  RSAREF2 may be used in products such as SSL-enabled web
        servers, SSH clients, or other cryptographically enhanced products.

        The SSH programs provide users with secure login connections over
        networks by use of cryptographic authentication, session encryption
        and integrity protection methods.

        AusCERT has received information of a combination of remotely
        exploitable buffer overflows in the RSAREF2 implementation and SSH
        which may result in a remote compromise.

        Information regarding these vulnerabilities has been made publicly
        available.  AusCERT expects that intruders will actively exploit
        this vulnerability.

VERSIONS:

        The RSAREF2 implementation, and any program which uses this
        library, may be susceptible to a buffer overflow vulnerability.
        RSAREF2 is typically used only inside the USA due to patent and
        export restrictions.

        SSH versions up to and including 1.2.27 are also vulnerable to a
        buffer overflow.  The buffer overflow is exploitable if SSH has
        been compiled with the RSAREF2 option.

        Other applications which use the RSAREF2 implementation may also
        be susceptible to similar buffer overflow vulnerabilities.

IMPACT:

        The combination of the vulnerable version of RSAREF2 and
        vulnerable versions of SSH may allow remote users to execute
        arbitrary code as the owner of the sshd process (typically root)
        and gain privileged access.

        Only SSH versions that have been compiled with RSAREF2 are
        vulnerable, and this is typically not the default for countries
        outside the USA.
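The VERSIONS and IMPACT criteria above reduce to two questions about an installed SSH 1.2.x: is it 1.2.27 or earlier, and was it built with RSAREF2?  The following POSIX sh script is an added example, not part of this alert and not code from the SSH distribution.  It assumes that the ssh 1.2.x client prints a banner of the form "SSH Version 1.2.NN [platform], protocol version 1.5." followed by either "Compiled with RSAREF." or "Standard version.  Does not use RSAREF." when run as "ssh -V"; the sample banners embedded in the script are constructed for illustration, not captured from real hosts.

```shell
#!/bin/sh
# Added example (not part of the AusCERT alert, not from the SSH sources):
# decide from the "ssh -V" banner whether an SSH 1.2.x install falls into the
# combination the alert describes: version 1.2.27 or earlier AND built with
# RSAREF2.  Assumption: ssh 1.2.x prints "SSH Version 1.2.NN ..." and then
# "Compiled with RSAREF." or "Standard version.  Does not use RSAREF."

# version_le_1_2_27 X.Y.Z: succeed if X.Y.Z is 1.2.27 or earlier.
version_le_1_2_27() {
    maj=$(printf '%s' "$1" | cut -d. -f1)
    min=$(printf '%s' "$1" | cut -d. -f2)
    pat=$(printf '%s' "$1" | cut -d. -f3)
    min=${min:-0}; pat=${pat:-0}           # missing components count as 0
    for part in "$maj" "$min" "$pat"; do
        case "$part" in ''|*[!0-9]*) return 1 ;; esac   # not comparable
    done
    if [ "$maj" -ne 1 ]; then
        [ "$maj" -lt 1 ] && return 0
        return 1
    fi
    if [ "$min" -ne 2 ]; then
        [ "$min" -lt 2 ] && return 0
        return 1
    fi
    if [ "$pat" -le 27 ]; then return 0; fi
    return 1
}

# classify_ssh_banner "<output of ssh -V>": prints exactly one word.
#   VULNERABLE     1.2.27 or earlier and compiled with RSAREF2
#   NO-RSAREF      ssh 1.2.x banner, standard build without RSAREF2
#   NEWER-VERSION  compiled with RSAREF2 but later than 1.2.27 (outside the
#                  range the alert names; not a statement that it is safe)
#   UNKNOWN        banner not in the ssh 1.2.x form (OpenSSH, SSH 2.x, ...)
classify_ssh_banner() {
    ver=$(printf '%s\n' "$1" \
          | sed -n 's/^SSH Version \([0-9][0-9.]*\).*/\1/p' | head -n 1)
    if [ -z "$ver" ]; then
        echo UNKNOWN
        return 0
    fi
    case "$1" in
        *"Compiled with RSAREF"*)
            if version_le_1_2_27 "$ver"; then
                echo VULNERABLE
            else
                echo NEWER-VERSION
            fi ;;
        *"Does not use RSAREF"*)
            echo NO-RSAREF ;;
        *)
            echo UNKNOWN ;;   # no build information: do not assume safe
    esac
    return 0
}

# Constructed sample banners in the ssh 1.2.x format (not captured output).
BANNER_RSAREF_1_2_27='SSH Version 1.2.27 [sparc-sun-solaris2.6], protocol version 1.5.
Compiled with RSAREF.'
BANNER_RSAREF_1_2_26='SSH Version 1.2.26 [i386-unknown-freebsd3.3], protocol version 1.5.
Compiled with RSAREF.'
BANNER_STD_1_2_27='SSH Version 1.2.27 [i386-unknown-linux], protocol version 1.5.
Standard version.  Does not use RSAREF.'
BANNER_RSAREF_1_2_28='SSH Version 1.2.28 [i386-unknown-linux], protocol version 1.5.
Compiled with RSAREF.'
BANNER_OPENSSH='SSH Version OpenSSH-1.2, protocol versions 1.5'

# On a host: classify the installed client.  Assumption: ssh and sshd from
# one ssh-1.2.x source tree were built with the same configure options, so
# this reflects sshd only when both came from the same build; verify a
# server installed from a different package separately.
check_installed() {
    if command -v ssh >/dev/null 2>&1; then
        printf 'ssh: %s\n' "$(classify_ssh_banner "$(ssh -V 2>&1)")"
    else
        echo 'ssh: not found'
    fi
}

if [ "${1-}" = "--installed" ]; then
    check_installed
fi
```

Run it as "sh check_rsaref.sh --installed" on each host; a verdict of UNKNOWN means the banner did not carry build information and the binary should be traced back to its build configuration rather than assumed safe.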
SOLUTION:

        Sites running the vulnerable RSAREF2 implementation in their SSH
        programs should rebuild their SSH programs (client and server) so
        that they do not use the RSAREF2 implementation.

        More specific information about the vulnerability can be found at
        the following location:

                http://www.core-sdi.com/advisories/buffer%20overflow%20ing.htm

        The non-USA versions of SSH should not be vulnerable to this
        particular combination of vulnerabilities as they should not
        contain the RSAREF2 implementation.

        You may also choose to use an alternative to standard SSH that
        does not contain the buffer overflow, such as OpenSSH with the
        ssl26 (or later) library:

                http://www.openssh.com/

- ---------------------------------------------------------------------------
AusCERT acknowledges CORE SDI SA and the posters to the Bugtraq mailing
list for information provided in this alert.
- ---------------------------------------------------------------------------

[AusCERT issues an alert when the risk posed by a vulnerability that may
not have been thoroughly investigated, and for which a work-around or fix
may not yet have been developed, requires notification.]

The AusCERT team has made every effort to ensure that the information
contained in this document is accurate at the time of publication.
However, the decision to use the information described is the
responsibility of each user or organisation.  The appropriateness of this
document for an organisation or individual system should be considered
before application in conjunction with local policies and procedures.
AusCERT takes no responsibility for the consequences of applying the
contents of this document.

If you believe that your system has been compromised, contact AusCERT or
your representative in FIRST (Forum of Incident Response and Security
Teams).

AusCERT maintains an anonymous FTP service which is found on:
        ftp://ftp.auscert.org.au/pub/.
This archive contains past SERT and AusCERT Advisories, and other computer
security information.
AusCERT maintains a World Wide Web service which is found on:
        http://www.auscert.org.au/.

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).  On call after hours for
                emergencies.

Postal:         Australian Computer Emergency Response Team
                The University of Queensland
                Brisbane
                Qld  4072
                AUSTRALIA
===========================================================================
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv
Comment: ftp://ftp.auscert.org.au/pub/auscert/AUSCERT_PGP.key

iQCVAwUBOFpbYih9+71yA2DNAQEVMAP/WVlGqesgvBHvIbA9Zf9Se5jvt9aU9SZc
vxrKWzIZXuLX5W552n/mHv6HE7GOhwDPoyhkkwjJwyRNPInSPcQMPo4kMNXgFAE9
7pdvSH2csalTqRvQfVljuGyXjQi3CrKhVtePlvPPZL55VEgYF0hGX8/gdcuTEQYI
jPkHsvNfrVo=
=HO63
-----END PGP SIGNATURE-----