
Analysis and Review

Red Hat OpenSSH Backdoor Vulnerability

August 26, 2008 by Kurt Turner

Red Hat, Inc. is a company dedicated to free and open source software, and a major Linux distribution vendor. On August 22, 2008, Red Hat discovered that a website used for downloading updates had been compromised with rogue OpenSSH packages.  These packages contain code that opens a backdoor on the infected system allowing an intruder to gain superuser privileges.  The compromise affects both Red Hat and Fedora Linux distributions.

The compromise resulted in the posting of a malicious update carrying the Red Hat signature, which was available on some of the download websites. Red Hat Enterprise Linux systems treated the updates as official, likely installing them automatically without raising any warnings. Anyone who downloaded a recent copy of OpenSSH on or before August 22, 2008, and installed the package may be infected.

Red Hat reported that the problem was associated with download sites other than those of official Red Hat subscribers and that customers who keep their systems updated using Red Hat Network are not at risk.

Recommendations:

The following actions should be taken:

  • Check your system to determine whether a rogue OpenSSH package was installed. Red Hat has provided a web page, http://www.redhat.com/security/data/openssh-blacklist.html, outlining a process for detecting a tampered software package.
  • If a rogue OpenSSH package was installed, immediately isolate the system, wipe it clean, reinstall the operating system and applications, and apply the vendor update for OpenSSH.
  • Review system and firewall logs to identify anomalous activity associated with the rogue OpenSSH software.
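One way to script the first check across many hosts, as an added example that is not Red Hat's detection script: it compares the digests rpm stores for installed OpenSSH packages against a locally saved blacklist. The blacklist file format (one digest per line), the function names and all sample package names and digests are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example, not Red Hat's detection script.

# Inventory of installed OpenSSH packages, one "name-version-release.arch digest"
# per line. %{SIGMD5} is rpm's stored MD5 of header+payload. Needs rpm, so the
# offline demo below does not call it.
list_openssh_packages() {
    rpm -qa --qf '%{NAME}-%{VERSION}-%{RELEASE}.%{ARCH} %{SIGMD5}\n' 'openssh*'
}

# find_blacklisted INVENTORY BLACKLIST
# Prints inventory lines whose digest is listed in BLACKLIST (one digest per
# line; '#' comments and blank lines ignored). Exit 0 on any match, 1 on none.
find_blacklisted() {
    awk '
        FILENAME == ARGV[1] {             # first file: load the blacklist
            sub(/#.*/, ""); gsub(/[ \t\r]/, "")
            if ($0 != "") bad[tolower($0)] = 1
            next
        }
        NF >= 2 && (tolower($2) in bad) { print; hits++ }
        END { exit(hits ? 0 : 1) }
    ' "$2" "$1"
}

# Constructed sample data: package names and digests are placeholders.
demo() {
    dir=$(mktemp -d) || return 2
    cat > "$dir/blacklist" <<'EOF'
# constructed placeholder digests, not real indicators
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA1
EOF
    cat > "$dir/inventory" <<'EOF'
openssh-0.0-1.example.x86_64 bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb2
openssh-server-0.0-1.example.x86_64 aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa1
EOF
    find_blacklisted "$dir/inventory" "$dir/blacklist"; rc=$?
    rm -rf "$dir"
    return "$rc"
}

demo
```

On a real host, save the output of `list_openssh_packages` to a file and pass it to `find_blacklisted` together with the blacklist. Because a backdoored system can misreport its own package database, a clean result from the suspect host alone does not replace the log review in the last recommendation.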

References:

Red Hat:
http://rhn.redhat.com/errata/RHSA-2008-0855.html

SecurityFocus:
http://www.securityfocus.com/bid/30794
