9.3 - RHSA-2008:0855

Executive Summary

Summary
Title	openssh security update

Informations
Name	RHSA-2008:0855	First vendor Publication	2008-08-22
Vendor	RedHat	Last vendor Modification	2008-08-22
Severity (Vendor)	Critical	Revision	01

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score	9.3	Attack Range	Network
Cvss Impact Score	10	Attack Complexity	Medium
Cvss Expoit Score	8.6	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Problem Description:

Updated openssh packages are now available for Red Hat Enterprise Linux 4, Red Hat Enterprise Linux 5, and Red Hat Enterprise Linux 4.5 Extended Update Support.

This update has been rated as having critical security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux AS version 4.5.z - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux ES version 4.5.z - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64

3. Description:

OpenSSH is OpenBSD's SSH (Secure SHell) protocol implementation.

Last week Red Hat detected an intrusion on certain of its computer systems and took immediate action. While the investigation into the intrusion is on-going, our initial focus was to review and test the distribution channel we use with our customers, Red Hat Network (RHN) and its associated security measures. Based on these efforts, we remain highly confident that our systems and processes prevented the intrusion from compromising RHN or the content distributed via RHN and accordingly believe that customers who keep their systems updated using Red Hat Network are not at risk. We are issuing this alert primarily for those who may obtain Red Hat binary packages via channels other than those of official Red Hat subscribers.

In connection with the incident, the intruder was able to sign a small number of OpenSSH packages relating only to Red Hat Enterprise Linux 4 (i386 and x86_64 architectures only) and Red Hat Enterprise Linux 5 (x86_64 architecture only). As a precautionary measure, we are releasing an updated version of these packages, and have published a list of the tampered packages and how to detect them at http://www.redhat.com/security/data/openssh-blacklist.html

To reiterate, our processes and efforts to date indicate that packages obtained by Red Hat Enterprise Linux subscribers via Red Hat Network are not at risk.

These packages also fix a low severity flaw in the way ssh handles X11 cookies when creating X11 forwarding connections. When ssh was unable to create untrusted cookie, ssh used a trusted cookie instead, possibly allowing the administrative user of a untrusted remote server, or untrusted application run on the remote server, to gain unintended access to a users local X server. (CVE-2007-4752)

4. Solution:

Before applying this update, make sure that all previously-released errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188

5. Bugs fixed (http://bugzilla.redhat.com/):

280361 - CVE-2007-4752 openssh falls back to the trusted x11 cookie if generation of an untrusted cookie fails

Original Source

Url : https://rhn.redhat.com/errata/RHSA-2008-0855.html

CWE : Common Weakness Enumeration

%	Id	Name
100 %	CWE-20	Improper Input Validation

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:10809

Oval ID:	oval:org.mitre.oval:def:10809
Title:	ssh in OpenSSH before 4.7 does not properly handle when an untrusted cookie cannot be created and uses a trusted X11 cookie instead, which allows attackers to violate intended policy and gain privileges by causing an X client to be treated as trusted.
Description:	ssh in OpenSSH before 4.7 does not properly handle when an untrusted cookie cannot be created and uses a trusted X11 cookie instead, which allows attackers to violate intended policy and gain privileges by causing an X client to be treated as trusted.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2007-4752	Version:	5
Platform(s):	Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5	Product(s):
Definition Synopsis:
OS Section: RHEL4, CentOS4, Oracle Linux 4 RHEL4, CentOS4 or Oracle Linux 4 The operating system installed on the system is Red Hat Enterprise Linux 4 AND CentOS Linux 4.x AND Oracle Linux 4.x AND Configuration section openssh is earlier than 0:3.9p1-11.el4_7 AND openssh-askpass is earlier than 0:3.9p1-11.el4_7 AND openssh-server is earlier than 0:3.9p1-11.el4_7 AND openssh-clients is earlier than 0:3.9p1-11.el4_7 AND openssh-askpass-gnome is earlier than 0:3.9p1-11.el4_7 OR OS Section: RHEL5, CentOS5, Oracle Linux 5 RHEL5, CentOS5 or Oracle Linux 5 The operating system installed on the system is Red Hat Enterprise Linux 5 AND CentOS Linux 5.x AND Oracle Linux 5.x AND Configuration section openssh is earlier than 0:4.3p2-26.el5_2.1 AND openssh-askpass is earlier than 0:4.3p2-26.el5_2.1 AND openssh-server is earlier than 0:4.3p2-26.el5_2.1 AND openssh-clients is earlier than 0:4.3p2-26.el5_2.1

Definition Id: oval:org.mitre.oval:def:17500

Oval ID:	oval:org.mitre.oval:def:17500
Title:	USN-566-1 -- openssh vulnerability
Description:	Jan Pechanec discovered that ssh would forward trusted X11 cookies when untrusted cookie generation failed.
Family:	unix	Class:	patch
Reference(s):	USN-566-1 CVE-2007-4752	Version:	5
Platform(s):	Ubuntu 6.06 Ubuntu 6.10 Ubuntu 7.04 Ubuntu 7.10	Product(s):	openssh
Definition Synopsis:
Release section Ubuntu 6.06 is installed AND openssh-client DPKG is earlier than 1:4.2p1-7ubuntu3.2 AND Release section Ubuntu 6.10 is installed AND openssh-client DPKG is earlier than 1:4.3p2-5ubuntu1.1 AND Release section Ubuntu 7.04 is installed AND openssh-client DPKG is earlier than 1:4.3p2-8ubuntu1.1 AND Release section Ubuntu 7.10 is installed AND openssh-client DPKG is earlier than 1:4.6p1-5ubuntu0.1

Definition Id: oval:org.mitre.oval:def:18593

Oval ID:	oval:org.mitre.oval:def:18593
Title:	DSA-1576-1 openssh openssh-blacklist - predictable randomness
Description:	The recently announced vulnerability in Debian's openssl package (<a href="/security/2008/dsa-1571">DSA-1571-1</a>, <a href="http://security-tracker.debian.org/tracker/CVE-2008-0166">CVE-2008-0166</a>) indirectly affects OpenSSH. As a result, all user and host keys generated using broken versions of the openssl package must be considered untrustworthy, even after the openssl update has been applied.
Family:	unix	Class:	patch
Reference(s):	DSA-1576-1 CVE-2008-0166 CVE-2008-1483 CVE-2007-4752	Version:	5
Platform(s):	Debian GNU/Linux 4.0	Product(s):	openssh
Definition Synopsis:
Debian GNU/Linux 4.0 is installed. AND openssh DPKG is earlier than 1:4.3p2-9etch2

Definition Id: oval:org.mitre.oval:def:21987

Oval ID:	oval:org.mitre.oval:def:21987
Title:	ELSA-2008:0855: openssh security update (Critical)
Description:	Certain Red Hat Enterprise Linux (RHEL) 4 and 5 packages for OpenSSH, as signed in August 2008 using a legitimate Red Hat GPG key, contain an externally introduced modification (Trojan Horse) that allows the package authors to have an unknown impact. NOTE: since the malicious packages were not distributed from any official Red Hat sources, the scope of this issue is restricted to users who may have obtained these packages through unofficial distribution points. As of 20080827, no unofficial distributions of this software are known.
Family:	unix	Class:	patch
Reference(s):	ELSA-2008:0855-01 CVE-2007-4752 CVE-2008-3844	Version:	13
Platform(s):	Oracle Linux 5	Product(s):	openssh
Definition Synopsis:
Oracle Linux 5.x rpm test openssh is earlier than 0:4.3p2-26.el5_2.1 AND openssh-clients is earlier than 0:4.3p2-26.el5_2.1 AND openssh-server is earlier than 0:4.3p2-26.el5_2.1 AND openssh-askpass is earlier than 0:4.3p2-26.el5_2.1

Definition Id: oval:org.mitre.oval:def:29192

Oval ID:	oval:org.mitre.oval:def:29192
Title:	RHSA-2008:0855 -- openssh security update (Critical)
Description:	Updated openssh packages are now available for Red Hat Enterprise Linux 4, Red Hat Enterprise Linux 5, and Red Hat Enterprise Linux 4.5 Extended Update Support. This update has been rated as having critical security impact by the Red Hat Security Response Team.
Family:	unix	Class:	patch
Reference(s):	RHSA-2008:0855 CESA-2008:0855-CentOS 5 CVE-2007-4752 CVE-2008-3844	Version:	3
Platform(s):	Red Hat Enterprise Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5	Product(s):	openssh
Definition Synopsis:
Red Hat Enterprise Linux 4 release section The operating system installed on the system is Red Hat Enterprise Linux 4 Packages match section openssh is earlier than 0:3.9p1-11.el4_7 AND openssh-askpass is earlier than 0:3.9p1-11.el4_7 AND openssh-askpass-gnome is earlier than 0:3.9p1-11.el4_7 AND openssh-clients is earlier than 0:3.9p1-11.el4_7 AND openssh-server is earlier than 0:3.9p1-11.el4_7 AND Red Hat Enterprise Linux 5 and CentOS Linux 5 release section Operation system section The operating system installed on the system is Red Hat Enterprise Linux 5 AND The operating system installed on the system is CentOS Linux 5.x Packages match section openssh is earlier than 0:4.3p2-26.el5_2.1 AND openssh-askpass is earlier than 0:4.3p2-26.el5_2.1 AND openssh-clients is earlier than 0:4.3p2-26.el5_2.1 AND openssh-server is earlier than 0:4.3p2-26.el5_2.1

Definition Id: oval:org.mitre.oval:def:5599

Oval ID:	oval:org.mitre.oval:def:5599
Title:	HP-UX Running HP Secure Shell, Remotely Gain Extended Privileges
Description:	ssh in OpenSSH before 4.7 does not properly handle when an untrusted cookie cannot be created and uses a trusted X11 cookie instead, which allows attackers to violate intended policy and gain privileges by causing an X client to be treated as trusted.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2007-4752	Version:	9
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02287 HP Release B.11.11 AND Secure_Shell.SECURE_SHELL version is less than A.04.70.003 OR Criteria meets HP Security Bulletin HPSBUX02287 HP Release B.11.23 AND Secure_Shell.SECURE_SHELL version is less than A.04.70.004 OR Criteria meets HP Security Bulletin HPSBUX02287 HP-UX B.11.31 AND Secure_Shell.SECURE_SHELL version is less than A.04.70.005

Definition Id: oval:org.mitre.oval:def:7978

Oval ID:	oval:org.mitre.oval:def:7978
Title:	DSA-1576 openssh -- predictable random number generator
Description:	The recently announced vulnerability in Debian's openssl package (DSA-1571-1, CVE-2008-0166) indirectly affects OpenSSH. As a result, all user and host keys generated using broken versions of the openssl package must be considered untrustworthy, even after the openssl update has been applied. 1. Install the security updates This update contains a dependency on the openssl update and will automatically install a corrected version of the libssl0.9.8 package, and a new package openssh-blacklist. Once the update is applied, weak user keys will be automatically rejected where possible (though they cannot be detected in all cases). If you are using such keys for user authentication, they will immediately stop working and will need to be replaced (see step 3). OpenSSH host keys can be automatically regenerated when the OpenSSH security update is applied. The update will prompt for confirmation before taking this step. 2. Update OpenSSH known_hosts files The regeneration of host keys will cause a warning to be displayed when connecting to the system using SSH until the host key is updated in the known_hosts file. The warning will look like this: In this case, the host key has simply been changed, and you should update the relevant known_hosts file as indicated in the error message. It is recommended that you use a trustworthy channel to exchange the server key. It is found in the file /etc/ssh/ssh_host_rsa_key.pub on the server; its fingerprint can be printed using the command: ssh-keygen -l -f /etc/ssh/ssh_host_rsa_key.pub In addition to user-specific known_hosts files, there may be a system-wide known hosts file /etc/ssh/ssh_known_hosts. This is file is used both by the ssh client and by sshd for the hosts.equiv functionality. This file needs to be updated as well. 3. Check all OpenSSH user keys The safest course of action is to regenerate all OpenSSH user keys, except where it can be established to a high degree of certainty that the key was generated on an unaffected system. Check whether your key is affected by running the ssh-vulnkey tool, included in the security update. By default, ssh-vulnkey will check the standard location for user keys (~/.ssh/id_rsa, ~/.ssh/id_dsa and ~/.ssh/identity), your authorised_keys file (~/.ssh/authorised_keys and ~/.ssh/authorised_keys2), and the system's host keys (/etc/ssh/ssh_host_dsa_key and /etc/ssh/ssh_host_rsa_key). To check all your own keys, assuming they are in the standard locations (~/.ssh/id_rsa, ~/.ssh/id_dsa, or ~/.ssh/identity): ssh-vulnkey To check all keys on your system: sudo ssh-vulnkey -a To check a key in a non-standard location: ssh-vulnkey /path/to/key If ssh-vulnkey says "Unknown (no blacklist information)", then it has no information about whether that key is affected. In this case, you can examine the modification time (mtime) of the file using "ls -l". Keys generated before September 2006 are not affected. Keep in mind that, although unlikely, backup procedures may have changed the file date back in time (or the system clock may have been incorrectly set). If in doubt, generate a new key and remove the old one from any servers. 4. Regenerate any affected user keys OpenSSH keys used for user authentication must be manually regenerated, including those which may have since been transferred to a different system after being generated. New keys can be generated using ssh-keygen, e.g.: 5. Update authorised_keys files (if necessary) Once the user keys have been regenerated, the relevant public keys must be propagated to any authorised_keys files (and authorised_keys2 files, if applicable) on remote systems. Be sure to delete the lines containing old keys from those files. In addition to countermeasures to mitigate the randomness vulnerability, this OpenSSH update fixes several other vulnerabilities: CVE-2008-1483: Timo Juhani Lindfors discovered that, when using X11 forwarding, the SSH client selects an X11 forwarding port without ensuring that it can be bound on all address families. If the system is configured with IPv6 (even if it does not have working IPv6 connectivity), this could allow a local attacker on the remote server to hijack X11 forwarding. CVE-2007-4752: Jan Pechanec discovered that ssh falls back to creating a trusted X11 cookie if creating an untrusted cookie fails, potentially exposing the local display to a malicious remote server when using X11 forwarding.
Family:	unix	Class:	patch
Reference(s):	DSA-1576 CVE-2008-0166 CVE-2008-1483 CVE-2007-4752	Version:	5
Platform(s):	Debian GNU/Linux 4.0	Product(s):	openssh
Definition Synopsis:
Debian GNU/Linux 4.0 is installed. Architecture section Architecture independent section Installed architecture is all AND Packages section ssh-krb5 is earlier than 4.3p2-9etch1 AND openssh-blacklist is earlier than 0.1.1 AND ssh is earlier than 4.3p2-9etch1 OR Architecture dependent section Supported architectures section Installed architecture is amd64 AND Installed architecture is sparc AND Installed architecture is powerpc AND Installed architecture is i386 AND Installed architecture is ia64 AND Installed architecture is alpha AND Installed architecture is hppa AND Packages section openssh-server is earlier than 4.3p2-9etch1 AND openssh-client is earlier than 4.3p2-9etch1 AND ssh-askpass-gnome is earlier than 4.3p2-9etch1

CPE : Common Platform Enumeration

Type	Description	Count
Application	Openbsd Openssh cpe:2.3:a:openbsd:openssh:4.6:p1:::::: cpe:2.3:a:openbsd:openssh:4.6:-:::::: cpe:2.3:a:openbsd:openssh:4.5:p1:::::: cpe:2.3:a:openbsd:openssh:4.5:-:::::: cpe:2.3:a:openbsd:openssh:4.4:p1:::::: cpe:2.3:a:openbsd:openssh:4.4:-:::::: cpe:2.3:a:openbsd:openssh:4.3:p2:::::: cpe:2.3:a:openbsd:openssh:4.3:p1:::::: cpe:2.3:a:openbsd:openssh:4.3:-:::::: cpe:2.3:a:openbsd:openssh:4.2:p1:::::: cpe:2.3:a:openbsd:openssh:4.2:-:::::: cpe:2.3:a:openbsd:openssh:4.1:-:::::: cpe:2.3:a:openbsd:openssh:4.1:p1:::::: cpe:2.3:a:openbsd:openssh:4.0:-:::::: cpe:2.3:a:openbsd:openssh:4.0:p1:::::: cpe:2.3:a:openbsd:openssh:3.9.1:p1:::::: cpe:2.3:a:openbsd:openssh:3.9.1:::::::* cpe:2.3:a:openbsd:openssh:3.9:p1:::::: cpe:2.3:a:openbsd:openssh:3.9:-:::::: cpe:2.3:a:openbsd:openssh:3.8.1:-:::::: cpe:2.3:a:openbsd:openssh:3.8.1:p1:::::: cpe:2.3:a:openbsd:openssh:3.8:-:::::: cpe:2.3:a:openbsd:openssh:3.8:p1:::::: cpe:2.3:a:openbsd:openssh:3.7.1:p2:::::: cpe:2.3:a:openbsd:openssh:3.7.1:p1:::::: cpe:2.3:a:openbsd:openssh:3.7.1:-:::::: cpe:2.3:a:openbsd:openssh:3.7:::::::* cpe:2.3:a:openbsd:openssh:3.6.1:p2:::::: cpe:2.3:a:openbsd:openssh:3.6.1:p1:::::: cpe:2.3:a:openbsd:openssh:3.6.1:-:::::: cpe:2.3:a:openbsd:openssh:3.6:p1:::::: cpe:2.3:a:openbsd:openssh:3.6:-:::::: cpe:2.3:a:openbsd:openssh:3.5:p1:::::: cpe:2.3:a:openbsd:openssh:3.5:-:::::: cpe:2.3:a:openbsd:openssh:3.4:p1:::::: cpe:2.3:a:openbsd:openssh:3.4:-:::::: cpe:2.3:a:openbsd:openssh:3.3:-:::::: cpe:2.3:a:openbsd:openssh:3.3:p1:::::: cpe:2.3:a:openbsd:openssh:3.2.3:p1:::::: cpe:2.3:a:openbsd:openssh:3.2.3:-:::::: cpe:2.3:a:openbsd:openssh:3.2.2:p1:::::: cpe:2.3:a:openbsd:openssh:3.2.2:-:::::: cpe:2.3:a:openbsd:openssh:3.2:::::::* cpe:2.3:a:openbsd:openssh:3.1:p1:::::: cpe:2.3:a:openbsd:openssh:3.1:-:::::: cpe:2.3:a:openbsd:openssh:3.0.2:-:::::: cpe:2.3:a:openbsd:openssh:3.0.2:p1:::::: cpe:2.3:a:openbsd:openssh:3.0.1:-:::::: cpe:2.3:a:openbsd:openssh:3.0.1:p1:::::: cpe:2.3:a:openbsd:openssh:3.0:p1:::::: cpe:2.3:a:openbsd:openssh:3.0:-:::::: cpe:2.3:a:openbsd:openssh:2.9.9:p1:::::: cpe:2.3:a:openbsd:openssh:2.9.9:-:::::: cpe:2.3:a:openbsd:openssh:2.9.9:p2:::::: cpe:2.3:a:openbsd:openssh:2.9:p2:::::: cpe:2.3:a:openbsd:openssh:2.9:p1:::::: cpe:2.3:a:openbsd:openssh:2.9:-:::::: cpe:2.3:a:openbsd:openssh:2.5.2:p2:::::: cpe:2.3:a:openbsd:openssh:2.5.2:-:::::: cpe:2.3:a:openbsd:openssh:2.5.1:p2:::::: cpe:2.3:a:openbsd:openssh:2.5.1:-:::::: cpe:2.3:a:openbsd:openssh:2.5.1:p1:::::: cpe:2.3:a:openbsd:openssh:2.5:::::::* cpe:2.3:a:openbsd:openssh:2.3.1:::::::* cpe:2.3:a:openbsd:openssh:2.3.0:p1:::::: cpe:2.3:a:openbsd:openssh:2.3.0:-:::::: cpe:2.3:a:openbsd:openssh:2.3:::::::* cpe:2.3:a:openbsd:openssh:2.2.0:p1:::::: cpe:2.3:a:openbsd:openssh:2.2.0:-:::::: cpe:2.3:a:openbsd:openssh:2.2:::::::* cpe:2.3:a:openbsd:openssh:2.1.1:-:::::: cpe:2.3:a:openbsd:openssh:2.1.1:p4:::::: cpe:2.3:a:openbsd:openssh:2.1.1:p3:::::: cpe:2.3:a:openbsd:openssh:2.1.1:p2:::::: cpe:2.3:a:openbsd:openssh:2.1.1:p1:::::: cpe:2.3:a:openbsd:openssh:2.1.0:-:::::: cpe:2.3:a:openbsd:openssh:2.1.0:p1:::::: cpe:2.3:a:openbsd:openssh:2.1:::::::* cpe:2.3:a:openbsd:openssh:2:::::::* cpe:2.3:a:openbsd:openssh:1.5.8:::::::* cpe:2.3:a:openbsd:openssh:1.5.7:::::::* cpe:2.3:a:openbsd:openssh:1.5:::::::* cpe:2.3:a:openbsd:openssh:1.3:::::::* cpe:2.3:a:openbsd:openssh:1.2.3:-:::::: cpe:2.3:a:openbsd:openssh:1.2.3:p1:::::: cpe:2.3:a:openbsd:openssh:1.2.27:::::::* cpe:2.3:a:openbsd:openssh:1.2.2:-:::::: cpe:2.3:a:openbsd:openssh:1.2.2:p1:::::: cpe:2.3:a:openbsd:openssh:1.2.1:::::::* cpe:2.3:a:openbsd:openssh:1.2:::::::* cpe:2.3:a:openbsd:openssh:::::::: cpe:2.3:a:openbsd:openssh:-:::::::*	92

OpenVAS Exploits

Date	Description
2009-11-17	Name : Mac OS X Version File : nvt/macosx_version.nasl
2009-10-10	Name : SLES9: Security update for OpenSSH File : nvt/sles9p5016761.nasl
2009-05-05	Name : HP-UX Update for HP Secure Shell HPSBUX02287 File : nvt/gb_hp_ux_HPSBUX02287.nasl
2009-04-09	Name : Mandriva Update for openssh MDKSA-2007:236 (openssh) File : nvt/gb_mandriva_MDKSA_2007_236.nasl
2009-03-23	Name : Ubuntu Update for openssh vulnerability USN-566-1 File : nvt/gb_ubuntu_USN_566_1.nasl
2009-03-06	Name : RedHat Update for openssh RHSA-2008:0855-01 File : nvt/gb_RHSA-2008_0855-01_openssh.nasl
2009-02-27	Name : Fedora Update for openssh FEDORA-2007-715 File : nvt/gb_fedora_2007_715_openssh_fc6.nasl
2008-09-24	Name : Gentoo Security Advisory GLSA 200711-02 (openssh) File : nvt/glsa_200711_02.nasl
2008-05-27	Name : Debian Security Advisory DSA 1576-1 (openssh) File : nvt/deb_1576_1.nasl
0000-00-00	Name : Slackware Advisory SSA:2007-255-01 openssh File : nvt/esoft_slk_ssa_2007_255_01.nasl

Open Source Vulnerability Database (OSVDB)

Id	Description
47635	OpenSSH Packages on Red Hat Enterprise Linux Compromised Distribution
43371	OpenSSH Trusted X11 Cookie Connection Policy Bypass

Information Assurance Vulnerability Management (IAVM)

Date	Description
2008-08-28	IAVM : 2008-T-0046 - Red Hat OpenSSH Vulnerability Severity : Category II - VMSKEY : V0017144

Nessus® Vulnerability Scanner

Date	Description
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0855.nasl - Type : ACT_GATHER_INFO
2012-08-01	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080822_openssh_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2011-10-04	Name : Remote attackers may be able to bypass authentication. File : openssh_47.nasl - Type : ACT_GATHER_INFO
2011-08-29	Name : The SSH service running on the remote host has an information disclosure vuln... File : sunssh_plaintext_recovery.nasl - Type : ACT_GATHER_INFO
2010-01-06	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0855.nasl - Type : ACT_GATHER_INFO
2009-09-24	Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_11931.nasl - Type : ACT_GATHER_INFO
2008-08-24	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0855.nasl - Type : ACT_GATHER_INFO
2008-08-22	Name : The remote host has a compromised version of an OpenSSH-related package insta... File : rhel_compromised_ssh_package.nasl - Type : ACT_GATHER_INFO
2008-05-19	Name : The remote Debian host is missing a security-related update. File : debian_DSA-1576.nasl - Type : ACT_GATHER_INFO
2008-03-19	Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_SecUpd2008-002.nasl - Type : ACT_GATHER_INFO
2008-01-10	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-566-1.nasl - Type : ACT_GATHER_INFO
2007-12-13	Name : The remote SuSE 10 host is missing a security-related patch. File : suse_openssh-4580.nasl - Type : ACT_GATHER_INFO
2007-12-07	Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2007-236.nasl - Type : ACT_GATHER_INFO
2007-11-02	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200711-02.nasl - Type : ACT_GATHER_INFO
2007-10-30	Name : The remote openSUSE host is missing a security update. File : suse_openssh-4579.nasl - Type : ACT_GATHER_INFO
2007-10-16	Name : The remote Fedora Core host is missing a security update. File : fedora_2007-715.nasl - Type : ACT_GATHER_INFO
2007-09-14	Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2007-255-01.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.

Date	Informations
2014-02-17 11:51:56	Multiple Updates

Global Informations

Type	Count
CWE ID(s)	2
Oval ID(s)	7
CPE ID(s)	92
osvdb(s)	2
Openvas Exploit(s)	10
IAVM(s)	1
Nessus® Exploit(s)	17

	Related
9.3	CVE-2008-3844
7.5	CVE-2007-4752
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 2 more Alert(s)

9.3 - RHSA-2008:0855

Executive Summary

Security-Database Scoring CVSS v3

Security-Database Scoring CVSS v2

Detail

Original Source

CWE : Common Weakness Enumeration

OVAL Definitions

CPE : Common Platform Enumeration

OpenVAS Exploits

Open Source Vulnerability Database (OSVDB)

Information Assurance Vulnerability Management (IAVM)

Nessus® Vulnerability Scanner

Alert History

Global Informations

Open Standards

Other Databases

COMPANY

STANDARDS

RECENT POSTS

MENU