Executive Summary
| Summary | |
|---|---|
| Title | openssh security, bug fix, and enhancement update |
| Informations | |||
|---|---|---|---|
| Name | RHSA-2012:0884 | First vendor Publication | 2012-06-20 |
| Vendor | RedHat | Last vendor Modification | 2012-06-20 |
| Severity (Vendor) | Low | Revision | 04 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:M/Au:S/C:N/I:N/A:P) | |||
|---|---|---|---|
| Cvss Base Score | 3.5 | Attack Range | Network |
| Cvss Impact Score | 2.9 | Attack Complexity | Medium |
| Cvss Expoit Score | 6.8 | Authentication | Requires single instance |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Problem Description: Updated openssh packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 3. Description: OpenSSH is OpenBSD's Secure Shell (SSH) protocol implementation. These packages include the core files necessary for the OpenSSH client and server. A denial of service flaw was found in the OpenSSH GSSAPI authentication implementation. A remote, authenticated user could use this flaw to make the OpenSSH server daemon (sshd) use an excessive amount of memory, leading to a denial of service. GSSAPI authentication is enabled by default ("GSSAPIAuthentication yes" in "/etc/ssh/sshd_config"). (CVE-2011-5000) These updated openssh packages also provide fixes for the following bugs: * SSH X11 forwarding failed if IPv6 was enabled and the parameter X11UseLocalhost was set to "no". Consequently, users could not set X forwarding. This update fixes sshd and ssh to correctly bind the port for the IPv6 protocol. As a result, X11 forwarding now works as expected with IPv |
Original Source
| Url : https://rhn.redhat.com/errata/RHSA-2012-0884.html |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 100 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:21581 | |||
| Oval ID: | oval:org.mitre.oval:def:21581 | ||
| Title: | RHSA-2012:0884: openssh security, bug fix, and enhancement update (Low) | ||
| Description: | The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and earlier, when gssapi-with-mic authentication is enabled, allows remote authenticated users to cause a denial of service (memory consumption) via a large value in a certain length field. NOTE: there may be limited scenarios in which this issue is relevant. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2012:0884-04 CESA-2012:0884 CVE-2011-5000 | Version: | 4 |
| Platform(s): | Red Hat Enterprise Linux 6 CentOS Linux 6 | Product(s): | openssh |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:23663 | |||
| Oval ID: | oval:org.mitre.oval:def:23663 | ||
| Title: | ELSA-2012:0884: openssh security, bug fix, and enhancement update (Low) | ||
| Description: | The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and earlier, when gssapi-with-mic authentication is enabled, allows remote authenticated users to cause a denial of service (memory consumption) via a large value in a certain length field. NOTE: there may be limited scenarios in which this issue is relevant. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2012:0884-04 CVE-2011-5000 | Version: | 6 |
| Platform(s): | Oracle Linux 6 | Product(s): | openssh |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:27843 | |||
| Oval ID: | oval:org.mitre.oval:def:27843 | ||
| Title: | DEPRECATED: ELSA-2012-0884 -- openssh security, bug fix, and enhancement update (low) | ||
| Description: | [5.3p1-81] - fixes in openssh-5.3p1-required-authentications.patch (#657378) [5.3p1-79] - fix forward on non-localhost ports with IPv6 (#732955) [5.3p1-78] - clear SELinux exec context before exec passwd (#814691) [5.3p1-77] - prevent post-auth resource exhaustion (#809938) [5.3p1-76] - don't escape backslah in a banner (#809619) [5.3p1-75] - fix various issues in openssh-5.3p1-required-authentications.patch (#805901) [5.3p1-74] - fix out-of-memory killer patch (#744236) [5.3p1-73] - remove openssh-4.3p2-no-v6only.patch (#732955) - adjust Linux out-of-memory killer (#744236) - fix sshd init script - check existence of crypto (#797384) - add RequiredAuthentications[12] (#657378) - run privsep slave process as the users SELinux context (#798241) [5.3p1-72] - drop CAVS test driver (#782091) [5.3p1-71] - enable aes-ctr ciphers use the EVP engines from OpenSSL such as the AES-NI (#756929) - add CAVS test driver for the aes-ctr ciphers (#782091) | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2012-0884 CVE-2011-5000 | Version: | 4 |
| Platform(s): | Oracle Linux 6 | Product(s): | openssh |
| Definition Synopsis: | |||
| |||
CPE : Common Platform Enumeration
OpenVAS Exploits
| Date | Description |
|---|---|
| 2012-07-30 | Name : CentOS Update for openssh CESA-2012:0884 centos6 File : nvt/gb_CESA-2012_0884_openssh_centos6.nasl |
| 2012-06-22 | Name : RedHat Update for openssh RHSA-2012:0884-04 File : nvt/gb_RHSA-2012_0884-04_openssh.nasl |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2014-05-12 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201405-06.nasl - Type : ACT_GATHER_INFO |
| 2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2012-99.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0884.nasl - Type : ACT_GATHER_INFO |
| 2013-01-25 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_openssh-120813.nasl - Type : ACT_GATHER_INFO |
| 2012-08-28 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_openssh-8248.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120620_openssh_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
| 2012-07-11 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0884.nasl - Type : ACT_GATHER_INFO |
| 2012-06-20 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0884.nasl - Type : ACT_GATHER_INFO |
| 2011-11-18 | Name : The SSH server on the remote host has multiple denial of service vulnerabilit... File : openssh_59.nasl - Type : ACT_GATHER_INFO |
Alert History
| Date | Informations |
|---|---|
| 2014-02-17 11:56:04 |
|
