
CERT Vulnerability Note VU#333628 – OpenSSH Buffer Overflow

A flaw was discovered in OpenSSH versions prior to 3.7.1 that could allow an attacker to trigger a buffer overflow and corrupt memory. The error occurs when a buffer is allocated for a large packet. When the buffer is cleared, an improperly sized chunk of memory is filled with zeros. This leads to heap corruption, which could cause a denial-of-service condition.
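
The size mismatch described above, as a simplified C model added here for illustration; it is not OpenSSH or Foundry code. The struct, the function names and the 4096-byte limit are hypothetical, and the model assumes the mismatch comes from raising the recorded size before the limit check. The overrun is computed rather than performed, so the program never corrupts its own heap.

```c
#include <stdio.h>
#include <stdlib.h>
#define MAX_ALLOC 4096u /* constructed limit for this demo */

struct buf {
    unsigned char *data;
    size_t alloc; /* size the code believes it owns */
    size_t real;  /* size the allocator actually gave us (demo-only) */
};

/* Flawed ordering: the recorded size grows before the limit check. */
static int grow_flawed(struct buf *b, size_t len) {
    b->alloc += len;
    if (b->alloc > MAX_ALLOC) return -1; /* error path leaves alloc inflated */
    unsigned char *p = realloc(b->data, b->alloc);
    if (p == NULL) return -1;
    b->data = p;
    b->real = b->alloc;
    return 0;
}

/* Hardened ordering: validate, reallocate, and only then record the size. */
static int grow_fixed(struct buf *b, size_t len) {
    if (len > MAX_ALLOC - b->alloc) return -1; /* state untouched on refusal */
    unsigned char *p = realloc(b->data, b->alloc + len);
    if (p == NULL) return -1;
    b->data = p;
    b->alloc = b->real = b->alloc + len;
    return 0;
}

/* Bytes a cleanup memset(data, 0, alloc) would write past the allocation. */
static size_t clear_overrun(const struct buf *b) {
    return b->alloc > b->real ? b->alloc - b->real : 0;
}

/* One normal packet, then an oversized one that is refused. */
size_t demo(int (*grow)(struct buf *, size_t)) {
    struct buf b = {0};
    grow(&b, 1024);
    grow(&b, 8192);
    size_t over = clear_overrun(&b);
    free(b.data);
    return over;
}

int main(void) {
    printf("past allocation: flawed=%zu fixed=%zu\n", demo(grow_flawed), demo(grow_fixed));
    return 0;
}
```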

For more information on this vulnerability, visit the following Web sites:

http://www.kb.cert.org/vuls/id/333628

http://www.openssh.com/txt/buffer.adv

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0693

Foundry Systems Affected:

All Foundry systems with software releases prior to September 17, 2003 are affected. The exposure that this SSH flaw creates is very difficult to exploit on Foundry switches and routers. Foundry's OS technology does not allow users to change their privilege level once they are logged into the device. The threat that an individual can corrupt buffer memory in order to run other privileged commands is extremely low with Foundry devices, and this exposure is more likely to cause a denial-of-service effect.

Patches are available that fix this vulnerability, and customers should check with Foundry's Technical Assistance Center (TAC) for the appropriate patch release.