7.5 - GLSA-201405-06

Executive Summary

This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.

Summary
Title	OpenSSH: Multiple vulnerabilities

Informations
Name	GLSA-201405-06	First vendor Publication	2014-05-11
Vendor	Gentoo	Last vendor Modification	2014-05-11
Severity (Vendor)	High	Revision	N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Cvss Base Score	7.5	Attack Range	Network
Cvss Impact Score	6.4	Attack Complexity	Low
Cvss Expoit Score	10	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Synopsis

Multiple vulnerabilities have been found in OpenSSH, the worst of which may allow remote attackers to execute arbitrary code.

Background

OpenSSH is a complete SSH protocol implementation that includes an SFTP client and server support.

Description

Multiple vulnerabilities have been discovered in OpenSSH. Please review the CVE identifiers referenced below for details.

Impact

A remote attacker could execute arbitrary code, cause a Denial of Service condition, obtain sensitive information, or bypass environment restrictions.

Workaround

There is no known workaround at this time.

Resolution

All OpenSSH users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-misc/openssh-6.6_p1-r1"

NOTE: One or more of the issues described in this advisory have been fixed in previous updates. They are included in this advisory for the sake of completeness. It is likely that your system is already no longer affected by them.

References

[ 1 ] CVE-2008-5161 : http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5161
[ 2 ] CVE-2010-4478 : http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4478
[ 3 ] CVE-2010-4755 : http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4755
[ 4 ] CVE-2010-5107 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-5107
[ 5 ] CVE-2011-5000 : http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-5000
[ 6 ] CVE-2012-0814 : http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0814
[ 7 ] CVE-2014-2532 : http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2532

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201405-06.xml

Original Source

Url : http://security.gentoo.org/glsa/glsa-201405-06.xml

CWE : Common Weakness Enumeration

%	Id	Name
17 %	CWE-399	Resource Management Errors
17 %	CWE-287	Improper Authentication
17 %	CWE-264	Permissions, Privileges, and Access Controls
17 %	CWE-255	Credentials Management
17 %	CWE-200	Information Exposure
17 %	CWE-189	Numeric Errors (CWE/SANS Top 25)

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:11279

Oval ID:	oval:org.mitre.oval:def:11279
Title:	Error handling in the SSH protocol in (1) SSH Tectia Client and Server and Connector 4.0 through 4.4.11, 5.0 through 5.2.4, and 5.3 through 5.3.8; Client and Server and ConnectSecure 6.0 through 6.0.4; Server for Linux on IBM System z 6.0.4; Server for IBM z/OS 5.5.1 and earlier, 6.0.0, and 6.0.1; and Client 4.0-J through 4.3.3-J and 4.0-K through 4.3.10-K; and (2) OpenSSH 4.7p1 and possibly other versions, when using a block cipher algorithm in Cipher Block Chaining (CBC) mode, makes it easier for remote attackers to recover certain plaintext data from an arbitrary block of ciphertext in an SSH session via unknown vectors.
Description:	Error handling in the SSH protocol in (1) SSH Tectia Client and Server and Connector 4.0 through 4.4.11, 5.0 through 5.2.4, and 5.3 through 5.3.8; Client and Server and ConnectSecure 6.0 through 6.0.4; Server for Linux on IBM System z 6.0.4; Server for IBM z/OS 5.5.1 and earlier, 6.0.0, and 6.0.1; and Client 4.0-J through 4.3.3-J and 4.0-K through 4.3.10-K; and (2) OpenSSH 4.7p1 and possibly other versions, when using a block cipher algorithm in Cipher Block Chaining (CBC) mode, makes it easier for remote attackers to recover certain plaintext data from an arbitrary block of ciphertext in an SSH session via unknown vectors.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2008-5161	Version:	5
Platform(s):	Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5	Product(s):
Definition Synopsis:
RHEL5, CentOS5 or Oracle Linux 5 The operating system installed on the system is Red Hat Enterprise Linux 5 AND CentOS Linux 5.x AND Oracle Linux 5.x AND Configuration section openssh is earlier than 0:4.3p2-36.el5 AND openssh-askpass is earlier than 0:4.3p2-36.el5 AND openssh-server is earlier than 0:4.3p2-36.el5 AND openssh-clients is earlier than 0:4.3p2-36.el5

Definition Id: oval:org.mitre.oval:def:12338

Oval ID:	oval:org.mitre.oval:def:12338
Title:	Security bypass vulnerability in OpenSSH version 5.6 or lower
Description:	OpenSSH 5.6 and earlier, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need for knowledge of the shared secret, and successfully authenticate, by sending crafted values in each round of the protocol, a related issue to CVE-2010-4252.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2010-4478	Version:	3
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows XP	Product(s):	OpenSSH
Definition Synopsis:
OpenSSH is installed AND Check if OpenSSH version is less than or equal to 5.6

Definition Id: oval:org.mitre.oval:def:19515

Oval ID:	oval:org.mitre.oval:def:19515
Title:	AIX OpenSSH Vulnerability
Description:	The default configuration of OpenSSH through 6.1 enforces a fixed time limit between establishing a TCP connection and completing a login, which makes it easier for remote attackers to cause a denial of service (connection-slot exhaustion) by periodically making many new TCP connections.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2010-5107	Version:	5
Platform(s):	IBM AIX 5.3 IBM AIX 6.1 IBM AIX 7.1	Product(s):
Definition Synopsis:
OS check IBM AIX 5.3 is installed AND openssh.base.server less than or equal to 6.0.0.6101 OR OS check IBM AIX 6.1 is installed AND openssh.base.server less than or equal to 6.0.0.6101 OR OS check IBM AIX 7.1 is installed AND openssh.base.server less than or equal to 6.0.0.6101

Definition Id: oval:org.mitre.oval:def:19595

Oval ID:	oval:org.mitre.oval:def:19595
Title:	HP-UX Running HP Secure Shell, Remote Denial of Service (DoS)
Description:	The default configuration of OpenSSH through 6.1 enforces a fixed time limit between establishing a TCP connection and completing a login, which makes it easier for remote attackers to cause a denial of service (connection-slot exhaustion) by periodically making many new TCP connections.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2010-5107	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02886 HP Release B.11.11 AND Secure_Shell.SECURE_SHELL version is less than A.06.20.001 OR Criteria meets HP Security Bulletin HPSBUX02886 HP Release B.11.23 AND filesets tests Secure_Shell.SECSH-CMN version is less than A.06.20.002 AND Secure_Shell.SECURE_SHELL version is less than A.06.20.002 OR Criteria meets HP Security Bulletin HPSBUX02886 HP-UX B.11.31 AND filesets tests Secure_Shell.SECSH-CMN version is less than A.06.20.003 AND Secure_Shell.SECURE_SHELL version is less than A.06.20.003

Definition Id: oval:org.mitre.oval:def:21581

Oval ID:	oval:org.mitre.oval:def:21581
Title:	RHSA-2012:0884: openssh security, bug fix, and enhancement update (Low)
Description:	The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and earlier, when gssapi-with-mic authentication is enabled, allows remote authenticated users to cause a denial of service (memory consumption) via a large value in a certain length field. NOTE: there may be limited scenarios in which this issue is relevant.
Family:	unix	Class:	patch
Reference(s):	RHSA-2012:0884-04 CESA-2012:0884 CVE-2011-5000	Version:	4
Platform(s):	Red Hat Enterprise Linux 6 CentOS Linux 6	Product(s):	openssh
Definition Synopsis:
Redhat 6 or Centos 6 release The operating system installed on the system is Red Hat Enterprise Linux 6 AND The operating system installed on the system is CentOS Linux 6.x Packages section openssh-askpass is earlier than 0:5.3p1-81.el6 AND openssh-server is earlier than 0:5.3p1-81.el6 AND pam_ssh_agent_auth is earlier than 0:0.9-81.el6 AND openssh-clients is earlier than 0:5.3p1-81.el6 AND openssh-ldap is earlier than 0:5.3p1-81.el6 AND openssh is earlier than 0:5.3p1-81.el6

Definition Id: oval:org.mitre.oval:def:22951

Oval ID:	oval:org.mitre.oval:def:22951
Title:	ELSA-2009:1287: openssh security, bug fix, and enhancement update (Low)
Description:	Error handling in the SSH protocol in (1) SSH Tectia Client and Server and Connector 4.0 through 4.4.11, 5.0 through 5.2.4, and 5.3 through 5.3.8; Client and Server and ConnectSecure 6.0 through 6.0.4; Server for Linux on IBM System z 6.0.4; Server for IBM z/OS 5.5.1 and earlier, 6.0.0, and 6.0.1; and Client 4.0-J through 4.3.3-J and 4.0-K through 4.3.10-K; and (2) OpenSSH 4.7p1 and possibly other versions, when using a block cipher algorithm in Cipher Block Chaining (CBC) mode, makes it easier for remote attackers to recover certain plaintext data from an arbitrary block of ciphertext in an SSH session via unknown vectors.
Family:	unix	Class:	patch
Reference(s):	ELSA-2009:1287-02 CVE-2008-5161	Version:	6
Platform(s):	Oracle Linux 5	Product(s):	openssh
Definition Synopsis:
Oracle Linux 5.x rpm test openssh is earlier than 0:4.3p2-36.el5 AND openssh-clients is earlier than 0:4.3p2-36.el5 AND openssh-server is earlier than 0:4.3p2-36.el5 AND openssh-askpass is earlier than 0:4.3p2-36.el5

Definition Id: oval:org.mitre.oval:def:23663

Oval ID:	oval:org.mitre.oval:def:23663
Title:	ELSA-2012:0884: openssh security, bug fix, and enhancement update (Low)
Description:	The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and earlier, when gssapi-with-mic authentication is enabled, allows remote authenticated users to cause a denial of service (memory consumption) via a large value in a certain length field. NOTE: there may be limited scenarios in which this issue is relevant.
Family:	unix	Class:	patch
Reference(s):	ELSA-2012:0884-04 CVE-2011-5000	Version:	6
Platform(s):	Oracle Linux 6	Product(s):	openssh
Definition Synopsis:
Oracle Linux 6.x rpm test openssh-askpass is earlier than 0:5.3p1-81.el6 AND openssh-server is earlier than 0:5.3p1-81.el6 AND pam_ssh_agent_auth is earlier than 0:0.9-81.el6 AND openssh-clients is earlier than 0:5.3p1-81.el6 AND openssh-ldap is earlier than 0:5.3p1-81.el6 AND openssh is earlier than 0:5.3p1-81.el6

Definition Id: oval:org.mitre.oval:def:24391

Oval ID:	oval:org.mitre.oval:def:24391
Title:	USN-2155-1 -- openssh vulnerability
Description:	OpenSSH incorrectly handled environment restrictions with wildcards.
Family:	unix	Class:	patch
Reference(s):	USN-2155-1 CVE-2014-2532	Version:	5
Platform(s):	Ubuntu 13.10 Ubuntu 12.10 Ubuntu 12.04 Ubuntu 10.04	Product(s):	openssh
Definition Synopsis:
Ubuntu 13.10 release section Ubuntu 13.10 is installed AND openssh-server DPKG is earlier than 1:6.2p2-6ubuntu0.2 AND Ubuntu 12.10 release section Ubuntu 12.10 is installed AND openssh-server DPKG is earlier than 1:6.0p1-3ubuntu1.1 AND Ubuntu 12.04 release section Ubuntu 12.04 is installed AND openssh-server DPKG is earlier than 1:5.9p1-5ubuntu1.2 AND Ubuntu 10.04 release section Ubuntu 10.04 is installed AND openssh-server DPKG is earlier than 1:5.3p1-3ubuntu7.1

Definition Id: oval:org.mitre.oval:def:24888

Oval ID:	oval:org.mitre.oval:def:24888
Title:	AIX OpenSSH Vulnerability
Description:	sshd in OpenSSH before 6.6 does not properly support wildcards on AcceptEnv lines in sshd_config, which allows remote attackers to bypass intended environment restrictions by using a substring located before a wildcard character.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2014-2532	Version:	4
Platform(s):	IBM AIX 6.1 IBM AIX 7.1	Product(s):
Definition Synopsis:
platforms IBM AIX 6.1 is installed AND IBM AIX 7.1 is installed AND File Version Exists openssh.base greater than or equal 4.0.0.5200 AND openssh.base less than or equal 6.0.0.6106

Definition Id: oval:org.mitre.oval:def:25710

Oval ID:	oval:org.mitre.oval:def:25710
Title:	SUSE-SU-2013:1345-1 -- Security update for OpenSSH
Description:	This update for OpenSSH provides the following fixes: * Implement remote denial of service hardening. (bnc#802639, CVE-2010-5107) * Use only FIPS 140-2 approved algorithms when FIPS mode is detected. (bnc#755505, bnc#821039) * Do not link OpenSSH binaries with LDAP libraries. (bnc#826906) Security Issue reference: * CVE-2010-5107 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5107 >
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2013:1345-1 CVE-2010-5107	Version:	3
Platform(s):	SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Desktop 11	Product(s):	OpenSSH
Definition Synopsis:
Operation system section SUSE Linux Enterprise Server 11.x is installed AND SUSE Linux Enterprise Desktop 11.x is installed Packages match section openssh RPM is earlier than 0:5.1p1-41.57.1 AND openssh-askpass RPM is earlier than 0:5.1p1-41.57.1

Definition Id: oval:org.mitre.oval:def:26218

Oval ID:	oval:org.mitre.oval:def:26218
Title:	RHSA-2012:0884: openssh security, bug fix, and enhancement update (Low)
Description:	The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and earlier, when gssapi-with-mic authentication is enabled, allows remote authenticated users to cause a denial of service (memory consumption) via a large value in a certain length field. NOTE: there may be limited scenarios in which this issue is relevant.
Family:	unix	Class:	patch
Reference(s):	RHSA-2013:1591-02 CESA-2013:1591 CVE-2010-5107	Version:	5
Platform(s):	Red Hat Enterprise Linux 6 CentOS Linux 6	Product(s):	openssh
Definition Synopsis:
Redhat 6 or Centos 6 release The operating system installed on the system is Red Hat Enterprise Linux 6 AND The operating system installed on the system is CentOS Linux 6.x Packages section openssh-askpass is earlier than 0:5.3p1-94.el6 AND openssh-server is earlier than 0:5.3p1-94.el6 AND pam_ssh_agent_auth is earlier than 0:0.9.3-94.el6 AND openssh-clients is earlier than 0:5.3p1-94.el6 AND openssh-ldap is earlier than 0:5.3p1-94.el6 AND openssh is earlier than 0:5.3p1-94.el6

Definition Id: oval:org.mitre.oval:def:27087

Oval ID:	oval:org.mitre.oval:def:27087
Title:	DEPRECATED: RHSA-2013:1591 -- openssh security, bug fix, and enhancement update (Low)
Description:	OpenSSH is OpenBSD's Secure Shell (SSH) protocol implementation. These packages include the core files necessary for the OpenSSH client and server. The default OpenSSH configuration made it easy for remote attackers to exhaust unauthorized connection slots and prevent other users from being able to log in to a system. This flaw has been addressed by enabling random early connection drops by setting MaxStartups to 10:30:100 by default. For more information, refer to the sshd_config(5) man page. (CVE-2010-5107) These updated openssh packages include numerous bug fixes and enhancements. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat Enterprise Linux 6.5 Technical Notes, linked to in the References, for information on the most significant of these changes. All openssh users are advised to upgrade to these updated packages, which contain backported patches to correct these issues and add these enhancements.
Family:	unix	Class:	patch
Reference(s):	RHSA-2013:1591 CESA-2013:1591 CVE-2010-5107	Version:	5
Platform(s):	Red Hat Enterprise Linux 6 CentOS Linux 6	Product(s):	openssh
Definition Synopsis:
Red Hat Enterprise Linux 6 release section The operating system installed on the system is Red Hat Enterprise Linux 6 AND openssh-debuginfo is earlier than 0:5.3p1-94.el6 AND Red Hat Enterprise Linux 6 and CentOS Linux 6 release section Operation system section The operating system installed on the system is Red Hat Enterprise Linux 6 AND The operating system installed on the system is CentOS Linux 6.x Packages match section openssh is earlier than 0:5.3p1-94.el6 AND openssh-askpass is earlier than 0:5.3p1-94.el6 AND openssh-clients is earlier than 0:5.3p1-94.el6 AND openssh-ldap is earlier than 0:5.3p1-94.el6 AND openssh-server is earlier than 0:5.3p1-94.el6 AND pam_ssh_agent_auth is earlier than 0:0.9.3-94.el6

Definition Id: oval:org.mitre.oval:def:27211

Oval ID:	oval:org.mitre.oval:def:27211
Title:	ELSA-2013-1591 -- openssh security, bug fix, and enhancement update (low)
Description:	[5.3p1-94] - use dracut-fips package to determine if a FIPS module is installed (#1001565)
Family:	unix	Class:	patch
Reference(s):	ELSA-2013-1591 CVE-2010-5107	Version:	3
Platform(s):	Oracle Linux 6	Product(s):	openssh
Definition Synopsis:
Oracle Linux 6.x Packages match section openssh is earlier than 0:5.3p1-94.el6 AND openssh-askpass is earlier than 0:5.3p1-94.el6 AND openssh-clients is earlier than 0:5.3p1-94.el6 AND openssh-ldap is earlier than 0:5.3p1-94.el6 AND openssh-server is earlier than 0:5.3p1-94.el6 AND pam_ssh_agent_auth is earlier than 0:0.9.3-94.el6

Definition Id: oval:org.mitre.oval:def:27843

Oval ID:	oval:org.mitre.oval:def:27843
Title:	DEPRECATED: ELSA-2012-0884 -- openssh security, bug fix, and enhancement update (low)
Description:	[5.3p1-81] - fixes in openssh-5.3p1-required-authentications.patch (#657378) [5.3p1-79] - fix forward on non-localhost ports with IPv6 (#732955) [5.3p1-78] - clear SELinux exec context before exec passwd (#814691) [5.3p1-77] - prevent post-auth resource exhaustion (#809938) [5.3p1-76] - don't escape backslah in a banner (#809619) [5.3p1-75] - fix various issues in openssh-5.3p1-required-authentications.patch (#805901) [5.3p1-74] - fix out-of-memory killer patch (#744236) [5.3p1-73] - remove openssh-4.3p2-no-v6only.patch (#732955) - adjust Linux out-of-memory killer (#744236) - fix sshd init script - check existence of crypto (#797384) - add RequiredAuthentications[12] (#657378) - run privsep slave process as the users SELinux context (#798241) [5.3p1-72] - drop CAVS test driver (#782091) [5.3p1-71] - enable aes-ctr ciphers use the EVP engines from OpenSSL such as the AES-NI (#756929) - add CAVS test driver for the aes-ctr ciphers (#782091)
Family:	unix	Class:	patch
Reference(s):	ELSA-2012-0884 CVE-2011-5000	Version:	4
Platform(s):	Oracle Linux 6	Product(s):	openssh
Definition Synopsis:
Oracle Linux 6.x Packages match section openssh is earlier than 0:5.3p1-81.el6 AND openssh-askpass is earlier than 0:5.3p1-81.el6 AND openssh-clients is earlier than 0:5.3p1-81.el6 AND openssh-ldap is earlier than 0:5.3p1-81.el6 AND openssh-server is earlier than 0:5.3p1-81.el6 AND pam_ssh_agent_auth is earlier than 0:0.9-81.el6

Definition Id: oval:org.mitre.oval:def:28386

Oval ID:	oval:org.mitre.oval:def:28386
Title:	HP-UX running HP Secure Shell, Remote Denial of Service (DoS) and other Vulnerabilities
Description:	sshd in OpenSSH before 6.6 does not properly support wildcards on AcceptEnv lines in sshd_config, which allows remote attackers to bypass intended environment restrictions by using a substring located before a wildcard character.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2014-2532	Version:	8
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX03188 HP-UX B.11.11 AND filesets tests Secure_Shell.SECURE_SHELL version is less than A.06.20.010 OR Criteria meets HP Security Bulletin HPSBUX03188 HP-UX B.11.23 AND filesets tests Secure_Shell.SECURE_SHELL version is less than A.06.20.011 AND Secure_Shell.SECSH-CMN version is less than A.06.20.011 OR Criteria meets HP Security Bulletin HPSBUX03188 HP-UX B.11.31 AND filesets tests Secure_Shell.SECURE_SHELL version is less than A.06.20.012 AND Secure_Shell.SECSH-CMN version is less than A.06.20.012

Definition Id: oval:org.mitre.oval:def:29350

Oval ID:	oval:org.mitre.oval:def:29350
Title:	RHSA-2009:1287 -- openssh security, bug fix, and enhancement update (Low)
Description:	Updated openssh packages that fix a security issue, a bug, and add enhancements are now available for Red Hat Enterprise Linux 5. This update has been rated as having low security impact by the Red Hat Security Response Team.
Family:	unix	Class:	patch
Reference(s):	RHSA-2009:1287 CESA-2009:1287-CentOS 5 CVE-2008-5161	Version:	3
Platform(s):	Red Hat Enterprise Linux 5 CentOS Linux 5	Product(s):	openssh
Definition Synopsis:
Operation system section The operating system installed on the system is Red Hat Enterprise Linux 5 AND The operating system installed on the system is CentOS Linux 5.x Packages match section openssh is earlier than 0:4.3p2-36.el5 AND openssh-askpass is earlier than 0:4.3p2-36.el5 AND openssh-clients is earlier than 0:4.3p2-36.el5 AND openssh-server is earlier than 0:4.3p2-36.el5

CPE : Common Platform Enumeration

Type	Description	Count
Application	Openbsd Openssh cpe:2.3:a:openbsd:openssh:6.5:p1:::::: cpe:2.3:a:openbsd:openssh:6.5:-:::::: cpe:2.3:a:openbsd:openssh:6.4:p1:::::: cpe:2.3:a:openbsd:openssh:6.4:-:::::: cpe:2.3:a:openbsd:openssh:6.3:p1:::::: cpe:2.3:a:openbsd:openssh:6.3:-:::::: cpe:2.3:a:openbsd:openssh:6.2:-:::::: cpe:2.3:a:openbsd:openssh:6.2:p1:::::: cpe:2.3:a:openbsd:openssh:6.2:p2:::::: cpe:2.3:a:openbsd:openssh:6.1:p1:::::: cpe:2.3:a:openbsd:openssh:6.1:-:::::: cpe:2.3:a:openbsd:openssh:6.0:-:::::: cpe:2.3:a:openbsd:openssh:6.0:p1:::::: cpe:2.3:a:openbsd:openssh:5.9:p1:::::: cpe:2.3:a:openbsd:openssh:5.9:-:::::: cpe:2.3:a:openbsd:openssh:5.8:p1:::::: cpe:2.3:a:openbsd:openssh:5.8:-:::::: cpe:2.3:a:openbsd:openssh:5.8:p2:::::: cpe:2.3:a:openbsd:openssh:5.7:p1:::::: cpe:2.3:a:openbsd:openssh:5.7:-:::::: cpe:2.3:a:openbsd:openssh:5.6:p1:::::: cpe:2.3:a:openbsd:openssh:5.6:-:::::: cpe:2.3:a:openbsd:openssh:5.5:p1:::::: cpe:2.3:a:openbsd:openssh:5.5:-:::::: cpe:2.3:a:openbsd:openssh:5.4:p1:::::: cpe:2.3:a:openbsd:openssh:5.4:-:::::: cpe:2.3:a:openbsd:openssh:5.3:p1:::::: cpe:2.3:a:openbsd:openssh:5.3:-:::::: cpe:2.3:a:openbsd:openssh:5.2:p1:::::: cpe:2.3:a:openbsd:openssh:5.2:-:::::: cpe:2.3:a:openbsd:openssh:5.1:p1:::::: cpe:2.3:a:openbsd:openssh:5.1:-:::::: cpe:2.3:a:openbsd:openssh:5.0:p1:::::: cpe:2.3:a:openbsd:openssh:5.0:-:::::: cpe:2.3:a:openbsd:openssh:4.9:-:::::: cpe:2.3:a:openbsd:openssh:4.9:p1:::::: cpe:2.3:a:openbsd:openssh:4.8:-:::::: cpe:2.3:a:openbsd:openssh:4.8:p1:::::: cpe:2.3:a:openbsd:openssh:4.7:-:::::: cpe:2.3:a:openbsd:openssh:4.7:p1:::::: cpe:2.3:a:openbsd:openssh:4.6:-:::::: cpe:2.3:a:openbsd:openssh:4.6:p1:::::: cpe:2.3:a:openbsd:openssh:4.5:-:::::: cpe:2.3:a:openbsd:openssh:4.5:p1:::::: cpe:2.3:a:openbsd:openssh:4.4:-:::::: cpe:2.3:a:openbsd:openssh:4.4:p1:::::: cpe:2.3:a:openbsd:openssh:4.3:-:::::: cpe:2.3:a:openbsd:openssh:4.3:p1:::::: cpe:2.3:a:openbsd:openssh:4.3:p2:::::: cpe:2.3:a:openbsd:openssh:4.2:-:::::: cpe:2.3:a:openbsd:openssh:4.2:p1:::::: cpe:2.3:a:openbsd:openssh:4.1:-:::::: cpe:2.3:a:openbsd:openssh:4.1:p1:::::: cpe:2.3:a:openbsd:openssh:4.0:-:::::: cpe:2.3:a:openbsd:openssh:4.0:p1:::::: cpe:2.3:a:openbsd:openssh:3.9.1:::::::* cpe:2.3:a:openbsd:openssh:3.9.1:p1:::::: cpe:2.3:a:openbsd:openssh:3.9:-:::::: cpe:2.3:a:openbsd:openssh:3.9:p1:::::: cpe:2.3:a:openbsd:openssh:3.8.1:-:::::: cpe:2.3:a:openbsd:openssh:3.8.1:p1:::::: cpe:2.3:a:openbsd:openssh:3.8:-:::::: cpe:2.3:a:openbsd:openssh:3.8:p1:::::: cpe:2.3:a:openbsd:openssh:3.7.1:-:::::: cpe:2.3:a:openbsd:openssh:3.7.1:p1:::::: cpe:2.3:a:openbsd:openssh:3.7.1:p2:::::: cpe:2.3:a:openbsd:openssh:3.7:::::::* cpe:2.3:a:openbsd:openssh:3.6.1:-:::::: cpe:2.3:a:openbsd:openssh:3.6.1:p1:::::: cpe:2.3:a:openbsd:openssh:3.6.1:p2:::::: cpe:2.3:a:openbsd:openssh:3.6:-:::::: cpe:2.3:a:openbsd:openssh:3.6:p1:::::: cpe:2.3:a:openbsd:openssh:3.5:-:::::: cpe:2.3:a:openbsd:openssh:3.5:p1:::::: cpe:2.3:a:openbsd:openssh:3.4:-:::::: cpe:2.3:a:openbsd:openssh:3.4:p1:::::: cpe:2.3:a:openbsd:openssh:3.3:-:::::: cpe:2.3:a:openbsd:openssh:3.3:p1:::::: cpe:2.3:a:openbsd:openssh:3.2.3:-:::::: cpe:2.3:a:openbsd:openssh:3.2.3:p1:::::: cpe:2.3:a:openbsd:openssh:3.2.2:-:::::: cpe:2.3:a:openbsd:openssh:3.2.2:p1:::::: cpe:2.3:a:openbsd:openssh:3.2:::::::* cpe:2.3:a:openbsd:openssh:3.1:-:::::: cpe:2.3:a:openbsd:openssh:3.1:p1:::::: cpe:2.3:a:openbsd:openssh:3.0.2:-:::::: cpe:2.3:a:openbsd:openssh:3.0.2:p1:::::: cpe:2.3:a:openbsd:openssh:3.0.1:-:::::: cpe:2.3:a:openbsd:openssh:3.0.1:p1:::::: cpe:2.3:a:openbsd:openssh:3.0:-:::::: cpe:2.3:a:openbsd:openssh:3.0:p1:::::: cpe:2.3:a:openbsd:openssh:2.9.9:p2:::::: cpe:2.3:a:openbsd:openssh:2.9.9:-:::::: cpe:2.3:a:openbsd:openssh:2.9.9:p1:::::: cpe:2.3:a:openbsd:openssh:2.9:-:::::: cpe:2.3:a:openbsd:openssh:2.9:p1:::::: cpe:2.3:a:openbsd:openssh:2.9:p2:::::: cpe:2.3:a:openbsd:openssh:2.5.2:-:::::: cpe:2.3:a:openbsd:openssh:2.5.2:p2:::::: cpe:2.3:a:openbsd:openssh:2.5.1:-:::::: cpe:2.3:a:openbsd:openssh:2.5.1:p1:::::: cpe:2.3:a:openbsd:openssh:2.5.1:p2:::::: cpe:2.3:a:openbsd:openssh:2.5:::::::* cpe:2.3:a:openbsd:openssh:2.3.1:::::::* cpe:2.3:a:openbsd:openssh:2.3.0:-:::::: cpe:2.3:a:openbsd:openssh:2.3.0:p1:::::: cpe:2.3:a:openbsd:openssh:2.3:::::::* cpe:2.3:a:openbsd:openssh:2.2.0:-:::::: cpe:2.3:a:openbsd:openssh:2.2.0:p1:::::: cpe:2.3:a:openbsd:openssh:2.2:::::::* cpe:2.3:a:openbsd:openssh:2.1.1:-:::::: cpe:2.3:a:openbsd:openssh:2.1.1:p1:::::: cpe:2.3:a:openbsd:openssh:2.1.1:p2:::::: cpe:2.3:a:openbsd:openssh:2.1.1:p3:::::: cpe:2.3:a:openbsd:openssh:2.1.1:p4:::::: cpe:2.3:a:openbsd:openssh:2.1.0:-:::::: cpe:2.3:a:openbsd:openssh:2.1.0:p1:::::: cpe:2.3:a:openbsd:openssh:2.1:::::::* cpe:2.3:a:openbsd:openssh:2:::::::* cpe:2.3:a:openbsd:openssh:1.5.8:::::::* cpe:2.3:a:openbsd:openssh:1.5.7:::::::* cpe:2.3:a:openbsd:openssh:1.5:::::::* cpe:2.3:a:openbsd:openssh:1.3:::::::* cpe:2.3:a:openbsd:openssh:1.2.3:-:::::: cpe:2.3:a:openbsd:openssh:1.2.3:p1:::::: cpe:2.3:a:openbsd:openssh:1.2.27:::::::* cpe:2.3:a:openbsd:openssh:1.2.2:-:::::: cpe:2.3:a:openbsd:openssh:1.2.2:p1:::::: cpe:2.3:a:openbsd:openssh:1.2.1:::::::* cpe:2.3:a:openbsd:openssh:1.2:::::::* cpe:2.3:a:openbsd:openssh:::::::: cpe:2.3:a:openbsd:openssh:-:::::::*	132
Application	Oracle Communications User Data Repository cpe:2.3:a:oracle:communications_user_data_repository:10.0.1:::::::*	1
Application	Ssh Tectia Client cpe:2.3:a:ssh:tectia_client:6.0.4:::::::* cpe:2.3:a:ssh:tectia_client:6.0.3:::::::* cpe:2.3:a:ssh:tectia_client:6.0.2:::::::* cpe:2.3:a:ssh:tectia_client:6.0.1:::::::* cpe:2.3:a:ssh:tectia_client:6.0.0:::::::* cpe:2.3:a:ssh:tectia_client:5.3.8:::::::* cpe:2.3:a:ssh:tectia_client:5.3.7:::::::* cpe:2.3:a:ssh:tectia_client:5.3.6:::::::* cpe:2.3:a:ssh:tectia_client:5.3.5:::::::* cpe:2.3:a:ssh:tectia_client:5.3.3:::::::* cpe:2.3:a:ssh:tectia_client:5.3.2:::::::* cpe:2.3:a:ssh:tectia_client:5.3.1:::::::* cpe:2.3:a:ssh:tectia_client:5.3.0:::::::* cpe:2.3:a:ssh:tectia_client:5.2.4:::::::* cpe:2.3:a:ssh:tectia_client:5.2.3:::::::* cpe:2.3:a:ssh:tectia_client:5.2.2:::::::* cpe:2.3:a:ssh:tectia_client:5.2.1:::::::* cpe:2.3:a:ssh:tectia_client:5.2.0:::::::* cpe:2.3:a:ssh:tectia_client:5.1.3:::::::* cpe:2.3:a:ssh:tectia_client:5.1.2:::::::* cpe:2.3:a:ssh:tectia_client:5.1.1:::::::* cpe:2.3:a:ssh:tectia_client:5.1.0:::::::* cpe:2.3:a:ssh:tectia_client:5.0.3f:::::::* cpe:2.3:a:ssh:tectia_client:5.0.3:::::::* cpe:2.3:a:ssh:tectia_client:5.0.2f:::::::* cpe:2.3:a:ssh:tectia_client:5.0.2:::::::* cpe:2.3:a:ssh:tectia_client:5.0.1f:::::::* cpe:2.3:a:ssh:tectia_client:5.0.1:::::::* cpe:2.3:a:ssh:tectia_client:5.0.0f:::::::* cpe:2.3:a:ssh:tectia_client:5.0.0:::::::* cpe:2.3:a:ssh:tectia_client:4.4.9:::::::* cpe:2.3:a:ssh:tectia_client:4.4.8:::::::* cpe:2.3:a:ssh:tectia_client:4.4.7:::::::* cpe:2.3:a:ssh:tectia_client:4.4.6:::::::* cpe:2.3:a:ssh:tectia_client:4.4.4:::::::* cpe:2.3:a:ssh:tectia_client:4.4.3:::::::* cpe:2.3:a:ssh:tectia_client:4.4.2:::::::* cpe:2.3:a:ssh:tectia_client:4.4.11:::::::* cpe:2.3:a:ssh:tectia_client:4.4.10:::::::* cpe:2.3:a:ssh:tectia_client:4.4.1:::::::* cpe:2.3:a:ssh:tectia_client:4.4:::::::* cpe:2.3:a:ssh:tectia_client:4.3.9k:::::::* cpe:2.3:a:ssh:tectia_client:4.3.8k:::::::* cpe:2.3:a:ssh:tectia_client:4.3.7:::::::* cpe:2.3:a:ssh:tectia_client:4.3.6:::::::* cpe:2.3:a:ssh:tectia_client:4.3.5:::::::* cpe:2.3:a:ssh:tectia_client:4.3.4:::::::* cpe:2.3:a:ssh:tectia_client:4.3.3:::::::* cpe:2.3:a:ssh:tectia_client:4.3.2j:::::::* cpe:2.3:a:ssh:tectia_client:4.3.2:::::::* cpe:2.3:a:ssh:tectia_client:4.3.1j:::::::* cpe:2.3:a:ssh:tectia_client:4.3.1:::::::* cpe:2.3:a:ssh:tectia_client:4.3:::::::* cpe:2.3:a:ssh:tectia_client:4.2.1:::::::* cpe:2.3:a:ssh:tectia_client:4.2:::::::* cpe:2.3:a:ssh:tectia_client:4.0.5:::::::* cpe:2.3:a:ssh:tectia_client:4.0.4:::::::* cpe:2.3:a:ssh:tectia_client:4.0.3:::::::* cpe:2.3:a:ssh:tectia_client:4.0.1:::::::* cpe:2.3:a:ssh:tectia_client:4.0:::::::*	60
Application	Ssh Tectia Connector cpe:2.3:a:ssh:tectia_connector:5.3.8:::::::* cpe:2.3:a:ssh:tectia_connector:5.3.7:::::::* cpe:2.3:a:ssh:tectia_connector:5.3.3:::::::* cpe:2.3:a:ssh:tectia_connector:5.3.2:::::::* cpe:2.3:a:ssh:tectia_connector:5.3.1:::::::* cpe:2.3:a:ssh:tectia_connector:5.3.0:::::::* cpe:2.3:a:ssh:tectia_connector:5.2.2:::::::* cpe:2.3:a:ssh:tectia_connector:5.1.3:::::::* cpe:2.3:a:ssh:tectia_connector:5.1.2:::::::* cpe:2.3:a:ssh:tectia_connector:5.1.1:::::::* cpe:2.3:a:ssh:tectia_connector:5.1.0:::::::* cpe:2.3:a:ssh:tectia_connector:5.0.3:::::::* cpe:2.3:a:ssh:tectia_connector:5.0.2:::::::* cpe:2.3:a:ssh:tectia_connector:5.0.1:::::::* cpe:2.3:a:ssh:tectia_connector:5.0.0:::::::* cpe:2.3:a:ssh:tectia_connector:4.4.9:::::::* cpe:2.3:a:ssh:tectia_connector:4.4.7:::::::* cpe:2.3:a:ssh:tectia_connector:4.4.6:::::::* cpe:2.3:a:ssh:tectia_connector:4.4.4:::::::* cpe:2.3:a:ssh:tectia_connector:4.4.2:::::::* cpe:2.3:a:ssh:tectia_connector:4.4.10:::::::* cpe:2.3:a:ssh:tectia_connector:4.4.0:::::::* cpe:2.3:a:ssh:tectia_connector:4.3.5:::::::* cpe:2.3:a:ssh:tectia_connector:4.3.4:::::::* cpe:2.3:a:ssh:tectia_connector:4.3.0:::::::* cpe:2.3:a:ssh:tectia_connector:4.2.0:::::::* cpe:2.3:a:ssh:tectia_connector:4.1.5:::::::* cpe:2.3:a:ssh:tectia_connector:4.1.3:::::::* cpe:2.3:a:ssh:tectia_connector:4.1.2:::::::* cpe:2.3:a:ssh:tectia_connector:4.0.7:::::::*	30
Application	Ssh Tectia Connectsecure cpe:2.3:a:ssh:tectia_connectsecure:6.0.4:::::::* cpe:2.3:a:ssh:tectia_connectsecure:6.0.3:::::::* cpe:2.3:a:ssh:tectia_connectsecure:6.0.2:::::::* cpe:2.3:a:ssh:tectia_connectsecure:6.0.1:::::::* cpe:2.3:a:ssh:tectia_connectsecure:6.0.0:::::::*	5
Application	Ssh Tectia Server cpe:2.3:a:ssh:tectia_server:6.0.4:::::::* cpe:2.3:a:ssh:tectia_server:6.0.4::linux_ibm_zos::::: cpe:2.3:a:ssh:tectia_server:6.0.3:::::::* cpe:2.3:a:ssh:tectia_server:6.0.2:::::::* cpe:2.3:a:ssh:tectia_server:6.0.1::ibm_zos::::: cpe:2.3:a:ssh:tectia_server:6.0.1:::::::* cpe:2.3:a:ssh:tectia_server:6.0.0:::::::* cpe:2.3:a:ssh:tectia_server:6.0.0::ibm_zos::::: cpe:2.3:a:ssh:tectia_server:5.5.1::ibm_zos::::: cpe:2.3:a:ssh:tectia_server:5.5.0::ibm_zos::::: cpe:2.3:a:ssh:tectia_server:5.4.2::ibm_zos::::: cpe:2.3:a:ssh:tectia_server:5.4.1::ibm_zos::::: cpe:2.3:a:ssh:tectia_server:5.4.0::ibm_zos::::: cpe:2.3:a:ssh:tectia_server:5.3.8:::::::* cpe:2.3:a:ssh:tectia_server:5.3.7:::::::* cpe:2.3:a:ssh:tectia_server:5.3.6:::::::* cpe:2.3:a:ssh:tectia_server:5.3.5:::::::* cpe:2.3:a:ssh:tectia_server:5.3.4:::::::* cpe:2.3:a:ssh:tectia_server:5.3.3:::::::* cpe:2.3:a:ssh:tectia_server:5.3.2:::::::* cpe:2.3:a:ssh:tectia_server:5.3.1:::::::* cpe:2.3:a:ssh:tectia_server:5.3.0::ibm_zos::::: cpe:2.3:a:ssh:tectia_server:5.3.0:::::::* cpe:2.3:a:ssh:tectia_server:5.2.4:::::::* cpe:2.3:a:ssh:tectia_server:5.2.3:::::::* cpe:2.3:a:ssh:tectia_server:5.2.2:::::::* cpe:2.3:a:ssh:tectia_server:5.2.2::ibm_zos::::: cpe:2.3:a:ssh:tectia_server:5.2.1::ibm_zos::::: cpe:2.3:a:ssh:tectia_server:5.2.0::ibm_zos::::: cpe:2.3:a:ssh:tectia_server:5.2.0:::::::* cpe:2.3:a:ssh:tectia_server:5.1.3:::::::* cpe:2.3:a:ssh:tectia_server:5.1.2:::::::* cpe:2.3:a:ssh:tectia_server:5.1.1:::::::* cpe:2.3:a:ssh:tectia_server:5.1.1::ibm_zos::::: cpe:2.3:a:ssh:tectia_server:5.1.0:::::::* cpe:2.3:a:ssh:tectia_server:5.0.3:::::::* cpe:2.3:a:ssh:tectia_server:5.0.2:::::::* cpe:2.3:a:ssh:tectia_server:5.0.1:::::::* cpe:2.3:a:ssh:tectia_server:5.0.0:::::::* cpe:2.3:a:ssh:tectia_server:4.4.9:::::::* cpe:2.3:a:ssh:tectia_server:4.4.8:::::::* cpe:2.3:a:ssh:tectia_server:4.4.7:::::::* cpe:2.3:a:ssh:tectia_server:4.4.6:::::::* cpe:2.3:a:ssh:tectia_server:4.4.5:::::::* cpe:2.3:a:ssh:tectia_server:4.4.4:::::::* cpe:2.3:a:ssh:tectia_server:4.4.2:::::::* cpe:2.3:a:ssh:tectia_server:4.4.11:::::::* cpe:2.3:a:ssh:tectia_server:4.4.10:::::::* cpe:2.3:a:ssh:tectia_server:4.4.1:::::::* cpe:2.3:a:ssh:tectia_server:4.4.0:::::::* cpe:2.3:a:ssh:tectia_server:4.4:::::::* cpe:2.3:a:ssh:tectia_server:4.3.7:::::::* cpe:2.3:a:ssh:tectia_server:4.3.6:::::::* cpe:2.3:a:ssh:tectia_server:4.3.5:::::::* cpe:2.3:a:ssh:tectia_server:4.3.4:::::::* cpe:2.3:a:ssh:tectia_server:4.3.3:::::::* cpe:2.3:a:ssh:tectia_server:4.3.2:::::::* cpe:2.3:a:ssh:tectia_server:4.3.1:::::::* cpe:2.3:a:ssh:tectia_server:4.3.0:::::::* cpe:2.3:a:ssh:tectia_server:4.3:::::::* cpe:2.3:a:ssh:tectia_server:4.2.2:::::::* cpe:2.3:a:ssh:tectia_server:4.2.1:::::::* cpe:2.3:a:ssh:tectia_server:4.2.0:::::::* cpe:2.3:a:ssh:tectia_server:4.1.5:::::::* cpe:2.3:a:ssh:tectia_server:4.1.3:::::::* cpe:2.3:a:ssh:tectia_server:4.1.2:::::::* cpe:2.3:a:ssh:tectia_server:4.0.7:::::::* cpe:2.3:a:ssh:tectia_server:4.0.5:::::::* cpe:2.3:a:ssh:tectia_server:4.0.4:::::::* cpe:2.3:a:ssh:tectia_server:4.0.3:::::::* cpe:2.3:a:ssh:tectia_server:4.0:::::::*	71
Os	Freebsd cpe:2.3:o:freebsd:freebsd:8.1:-:::::: cpe:2.3:o:freebsd:freebsd:7.3:-::::::	2
Os	Netbsd cpe:2.3:o:netbsd:netbsd:5.0.2:::::::*	1
Os	Openbsd cpe:2.3:o:openbsd:openbsd:4.7:::::::*	1

OpenVAS Exploits

Date	Description
2012-07-30	Name : CentOS Update for openssh CESA-2012:0884 centos6 File : nvt/gb_CESA-2012_0884_openssh_centos6.nasl
2012-06-28	Name : openssh-server Forced Command Handling Information Disclosure Vulnerability File : nvt/gb_openssh_51702.nasl
2012-06-22	Name : RedHat Update for openssh RHSA-2012:0884-04 File : nvt/gb_RHSA-2012_0884-04_openssh.nasl
2011-08-09	Name : CentOS Update for openssh CESA-2009:1287 centos5 i386 File : nvt/gb_CESA-2009_1287_openssh_centos5_i386.nasl
2010-05-12	Name : Mac OS X 10.6.2 Update / Mac OS X Security Update 2009-006 File : nvt/macosx_upd_10_6_2_secupd_2009-006.nasl
2009-09-21	Name : CentOS Security Advisory CESA-2009:1287 (openssh) File : nvt/ovcesa2009_1287.nasl
2009-09-09	Name : RedHat Security Advisory RHSA-2009:1287 File : nvt/RHSA_2009_1287.nasl
2009-04-23	Name : OpenSSH CBC Mode Information Disclosure Vulnerability File : nvt/openssh_32319_remote.nasl
2008-12-02	Name : OpenSSH CBC Mode Information Disclosure Vulnerability File : nvt/secpod_openssh_information_disclosure_vuln_900179.nasl

Open Source Vulnerability Database (OSVDB)

Id	Description
75249	OpenSSH sftp-glob.c remote_glob Function Glob Expression Parsing Remote DoS
75248	OpenSSH sftp.c process_put Function Glob Expression Parsing Remote DoS
69658	OpenSSH J-PAKE Public Parameter Validation Shared Secret Authentication Bypass OpenSSH contains a flaw related to public parameter validation of the J-PAKE protocol. The issue is triggered when a remote attacker uses crafted values for each round of the protocol to avoid the requirement for the shared sacred and bypass authentication.
50036	OpenSSH CBC Mode Chosen Ciphertext 32-bit Chunk Plaintext Context Disclosure
50035	SSH Tectia Multiple Products CBC Mode Chosen Ciphertext 32-bit Chunk Plaintex...

Information Assurance Vulnerability Management (IAVM)

Date	Description
2015-05-21	IAVM : 2015-A-0113 - Multiple Vulnerabilities in Juniper Networks CTPOS Severity : Category I - VMSKEY : V0060737

Snort® IPS/IDS

Date	Description
2015-04-02	OpenSSH maxstartup threshold potential connection exhaustion denial of servic... RuleID : 33654 - Revision : 6 - Type : SERVER-OTHER

Nessus® Vulnerability Scanner

Date	Description
2016-06-15	Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL15780.nasl - Type : ACT_GATHER_INFO
2016-03-22	Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2016-0038.nasl - Type : ACT_GATHER_INFO
2016-03-10	Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2016-0033.nasl - Type : ACT_GATHER_INFO
2016-02-29	Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2016-0030.nasl - Type : ACT_GATHER_INFO
2016-02-26	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2016-3521.nasl - Type : ACT_GATHER_INFO
2015-10-05	Name : The remote host is missing a Mac OS X update that fixes multiple security vul... File : macosx_10_11.nasl - Type : ACT_GATHER_INFO
2015-06-30	Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL14741.nasl - Type : ACT_GATHER_INFO
2015-03-30	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2015-095.nasl - Type : ACT_GATHER_INFO
2015-01-19	Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_ssh_20130716.nasl - Type : ACT_GATHER_INFO
2014-11-12	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-1552.nasl - Type : ACT_GATHER_INFO
2014-11-12	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-1591.nasl - Type : ACT_GATHER_INFO
2014-11-08	Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2013-1527.nasl - Type : ACT_GATHER_INFO
2014-10-23	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20141014_openssh_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2014-10-17	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-1552.nasl - Type : ACT_GATHER_INFO
2014-10-14	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-1552.nasl - Type : ACT_GATHER_INFO
2014-10-12	Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2014-369.nasl - Type : ACT_GATHER_INFO
2014-10-10	Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL14609.nasl - Type : ACT_GATHER_INFO
2014-06-20	Name : The remote AIX host has a vulnerable version of OpenSSH. File : aix_openssh_advisory4.nasl - Type : ACT_GATHER_INFO
2014-06-19	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_openssh-140607.nasl - Type : ACT_GATHER_INFO
2014-06-19	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_openssh-140606.nasl - Type : ACT_GATHER_INFO
2014-06-10	Name : The remote Fedora host is missing a security update. File : fedora_2014-6569.nasl - Type : ACT_GATHER_INFO
2014-05-22	Name : The remote Fedora host is missing a security update. File : fedora_2014-6380.nasl - Type : ACT_GATHER_INFO
2014-05-12	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201405-06.nasl - Type : ACT_GATHER_INFO
2014-04-16	Name : The remote AIX host is running a vulnerable version of OpenSSH. File : aix_openssh_advisory2.nasl - Type : ACT_GATHER_INFO
2014-04-16	Name : The remote AIX host is running a vulnerable version of OpenSSH. File : aix_openssh_advisory.nasl - Type : ACT_GATHER_INFO
2014-04-10	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2014-068.nasl - Type : ACT_GATHER_INFO
2014-04-07	Name : The remote Debian host is missing a security-related update. File : debian_DSA-2894.nasl - Type : ACT_GATHER_INFO
2014-03-31	Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2014-086-06.nasl - Type : ACT_GATHER_INFO
2014-03-26	Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2155-1.nasl - Type : ACT_GATHER_INFO
2014-03-18	Name : The SSH server on the remote host is affected by multiple vulnerabilities. File : openssh_66.nasl - Type : ACT_GATHER_INFO
2013-12-04	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20131121_openssh_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2013-11-29	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-1591.nasl - Type : ACT_GATHER_INFO
2013-11-21	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1591.nasl - Type : ACT_GATHER_INFO
2013-10-28	Name : The SSH server is configured to use Cipher Block Chaining. File : ssh_cbc_supported_ciphers.nasl - Type : ACT_GATHER_INFO
2013-09-04	Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2012-99.nasl - Type : ACT_GATHER_INFO
2013-08-16	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_openssh-130716.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0884.nasl - Type : ACT_GATHER_INFO
2013-07-03	Name : The remote SSH service is susceptible to a remote denial of service attack. File : openssh_logingrace_dos.nasl - Type : ACT_GATHER_INFO
2013-04-20	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2013-051.nasl - Type : ACT_GATHER_INFO
2013-02-26	Name : The remote Fedora host is missing a security update. File : fedora_2013-2206.nasl - Type : ACT_GATHER_INFO
2013-02-13	Name : The remote Fedora host is missing a security update. File : fedora_2013-2212.nasl - Type : ACT_GATHER_INFO
2013-01-25	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_openssh-120813.nasl - Type : ACT_GATHER_INFO
2012-08-28	Name : The remote SuSE 10 host is missing a security-related patch. File : suse_openssh-8248.nasl - Type : ACT_GATHER_INFO
2012-08-01	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120620_openssh_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-08-01	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20090902_openssh_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-07-11	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0884.nasl - Type : ACT_GATHER_INFO
2012-06-20	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0884.nasl - Type : ACT_GATHER_INFO
2011-11-18	Name : The SSH server on the remote host has multiple denial of service vulnerabilit... File : openssh_59.nasl - Type : ACT_GATHER_INFO
2011-10-04	Name : The remote SSH service may be affected by multiple vulnerabilities. File : openssh_57.nasl - Type : ACT_GATHER_INFO
2011-09-27	Name : The SSH service running on the remote host has an information disclosure vuln... File : openssh_plaintext_recovery.nasl - Type : ACT_GATHER_INFO
2011-08-29	Name : The SSH service running on the remote host has an information disclosure vuln... File : sunssh_plaintext_recovery.nasl - Type : ACT_GATHER_INFO
2010-01-06	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-1287.nasl - Type : ACT_GATHER_INFO
2009-11-09	Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_SecUpd2009-006.nasl - Type : ACT_GATHER_INFO
2009-09-02	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1287.nasl - Type : ACT_GATHER_INFO
2007-03-18	Name : The remote host is missing Sun Security Patch number 122300-61 File : solaris9_122300.nasl - Type : ACT_GATHER_INFO
2007-03-18	Name : The remote host is missing Sun Security Patch number 122301-61 File : solaris9_x86_122301.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.

Date	Informations
2014-05-13 13:25:15	Multiple Updates
2014-05-11 17:21:38	First insertion

Global Informations

Type	Count
CWE ID(s)	6
Oval ID(s)	16
CPE ID(s)	303
osvdb(s)	5
Openvas Exploit(s)	9
IAVM(s)	1
Snort® Rule(s)	1
Nessus® Exploit(s)	56

	Related
7.5	CVE-2010-4478
5	CVE-2010-5107
4.9	CVE-2014-2532
4	CVE-2010-4755
3.5	CVE-2012-0814
3.5	CVE-2011-5000
2.6	CVE-2008-5161
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 7 more Alert(s)