AskF5 Knowledge Base


sol1880: Is the EDGE-FX Cache vulnerable to the ISS Advisory OpenSSH Remote Challenge Vulnerability CERT CA-2002-18?
General Solution

Original Publication Date: 02/16/2006

CERT recently released advisory CA-2002-18, regarding the challenge-response handling code in OpenSSH versions 2.3.1p1 through 3.3. For more information about the advisory, see http://www.cert.org/advisories/CA-2002-18.html. The EDGE-FX Cache uses OpenSSH and is vulnerable. To address this vulnerability immediately, F5 Networks is releasing the following patch.




Installing the patch

To install the patch, use the following steps:

  1. On the EDGE-FX Cache, log in as root.
  2. Change to the /cachelogs directory by typing:

    cd /cachelogs

  3. Connect to the F5 Networks FTP site (ftp.f5.com).
  4. Log in to the FTP site with a user name and password provided by Technical Support.
  5. Change to binary transfer mode by typing:

    bin

  6. Download one of the following files:

    • For version 2.0, go to the Domestic/Edgefx/v2.0/openssh_patch directory on the FTP site, and download the openssh-3.4-0-Linux-2.2.1622.im file and the openssl-0.9.6-0-Linux-2.2.1622.im file to the /cachelogs directory on the EDGE-FX Cache.
    • For versions 2.2 and 3.0, go to the Domestic/Edgefx/openssh_patch directory on the FTP site, and download the openssh-3.4-0-Linux-2.2.1622.im file to the /cachelogs directory on the EDGE-FX Cache.
  7. End the FTP session by typing:

    quit

  8. Stop the SSH daemon:

    • For the EDGE-FX Cache version 2.0, type:

      edgefx service sshd stop

    • For the EDGE-FX Cache version 2.2 and 3.0, type:

      ITCMconsole service sshd stop

  9. Install the patch:

    • For the EDGE-FX Cache version 2.0, type:

      im --force openssh-3.4-0-Linux-2.2.1622.im

      im --force openssl-0.9.6-0-Linux-2.2.1622.im

    • For the EDGE-FX Cache version 2.2 and 3.0, type:

      im --force openssh-3.4-0-Linux-2.2.1622.im

  10. Start the SSH daemon:

    • For the EDGE-FX Cache version 2.0, type:

      edgefx service sshd start

    • For the EDGE-FX Cache version 2.2 and 3.0, type:

      ITCMconsole service sshd start

  11. After you install the patch, the EDGE-FX Cache is no longer susceptible to the vulnerability and you can delete the file(s) that you downloaded from the FTP site.
  12. Check the OpenSSH version by typing:

    sshd -v

    In the ensuing output, you should see:

    sshd version OpenSSH_3.4p1
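
The version check in the last step can be scripted when several caches need to be audited. The following is an added example, not F5 code: it classifies a version banner against the range this article gives for CA-2002-18 (2.3.1p1 through 3.3). The function names are hypothetical and the sample banners are constructed.

```shell
#!/bin/sh
# Added example, not F5 code. Function names are hypothetical.
# Range taken from this article: OpenSSH 2.3.1p1 through 3.3 is affected.
# The portable suffix (pN) is ignored when comparing.

# Print "major minor patch" for a string containing OpenSSH_X.Y[.Z][pN].
parse_openssh_version() {
    ver=$(printf '%s\n' "$1" |
        sed -n 's/.*OpenSSH_\([0-9][0-9]*\.[0-9][0-9]*\(\.[0-9][0-9]*\)\{0,1\}\).*/\1/p' |
        head -n 1)
    [ -n "$ver" ] || return 1
    set -- $(printf '%s\n' "$ver" | tr '.' ' ')
    echo "$1 $2 ${3:-0}"
}

# Exit status: 0 = inside the advisory range, 1 = outside, 2 = no version found.
openssh_in_advisory_range() {
    parts=$(parse_openssh_version "$1") || return 2
    set -- $parts
    n=$(( $1 * 10000 + $2 * 100 + $3 ))
    # 2.3.1 -> 20301 is the lower bound; "through 3.3" means below 3.4 (30400).
    [ "$n" -ge 20301 ] && [ "$n" -lt 30400 ]
}

# Print a one-line verdict for a banner.
report() {
    if openssh_in_advisory_range "$1"; then
        echo "AFFECTED: $1"
    else
        case $? in
            1) echo "not in range: $1" ;;
            *) echo "unrecognised: $1" ;;
        esac
    fi
}

# Constructed sample banners; on the appliance, pass the output of the
# version check from the last step instead.
for banner in "sshd version OpenSSH_3.4p1" "sshd version OpenSSH_3.1p1" \
              "sshd version OpenSSH_2.9.9p2" "sshd version OpenSSH_2.3.0" "garbage"; do
    report "$banner"
done
```

A banner that reports OpenSSH_3.4p1 after the patch falls outside the range; an unrecognised banner should be checked by hand rather than treated as patched.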
