Patch your FreeBSD server for openssh vulnerabilities [11/Jan/2017]

OpenSSH is critical for both sysadmin and programmers. It is an implementation of the SSH protocol suite, from OpenBSD project. It provides an encrypted session to your server.

OpenSSH multiple vulnerabilities

OpenSSH has multiple vulnerabilities as of 11th January 2017 running on FreeBSD operating system. From the advisory:

The ssh-agent(1) agent supports loading a PKCS#11 module from outside a trusted whitelist. An attacker can request loading of a PKCS#11 module across forwarded agent-socket. [CVE-2016-10009]

When privilege separation is disabled, forwarded Unix domain sockets would be created by sshd(8) with the privileges of ‘root’ instead of the authenticated user. [CVE-2016-10010]

Solution

I updated my vulnerable FreeBSD box via a binary patch:
# freebsd-update fetch
# freebsd-update install
# service sshd restart
# ps aux | grep -i ssh-agent

If found any ssh-agent process, kill all running ssh-agent:
# killall ssh-agent

Fig.01: Fixed FreeBSD-SA-17:01.openssh

Fig.01: Fixed FreeBSD-SA-17:01.openssh


For more info see FreeBSD security mailing list.

In Category: Link

Vivek Gite

Vivek Gite, nixCraft creator, and professional Unix sysadmin/DevOps is obsessed with optimizing the servers and making sure data center stays online 24x7.

Show 0 Comments
No comments yet. Be the first.

Leave a Comment