From: "Peter C. Lai"
To: Omar Lopez
Cc: FreeBSD Security
Date: Tue, 13 May 2003 15:05:19 -0400
Subject: Re: OpenSSH-portable <= 3.6.1p1 bug?
Message-ID: <20030513190519.GU67769@cowbert.2y.net>
In-Reply-To: <1052775063.532.18.camel@croconout.casa.net>

I think this explains it pretty well: (it's under section 3. of the advisory you posted).
NOTE. FreeBSD uses both a different PAM implementation and a different PAM support in OpenSSH: it doesn't seem to be vulnerable to this particular timing leak issue. All OpenSSH-portable releases <= OpenSSH_3.6.1p1 compiled with PAM support enabled (./configure --with-pam) are vulnerable to this information leak. The PAMAuthenticationViaKbdInt directive doesn't need to be enabled in sshd_config.
However, it lists MACOSX as "unconfirmed". I thought MACOSX used the FreeBSD ssh implementation.

On Mon, May 12, 2003 at 11:31:03PM +0200, Omar Lopez wrote:
> Hi:
> I read this security advisory.
> http://lab.mediaservice.net/advisory/2003-01-openssh.txt
> Is my FreeBSD 5.0 affected? What other versions are affected?
>
> Thanks.
>

--
Peter C. Lai
University of Connecticut
Dept. of Molecular and Cell Biology
Yale University School of Medicine
SenseLab | Research Assistant
http://cowbert.2y.net/