oval:org.mitre.oval:def:21987

Definition Id: oval:org.mitre.oval:def:21987

Oval ID:	oval:org.mitre.oval:def:21987
Title:	ELSA-2008:0855: openssh security update (Critical)
Description:	Certain Red Hat Enterprise Linux (RHEL) 4 and 5 packages for OpenSSH, as signed in August 2008 using a legitimate Red Hat GPG key, contain an externally introduced modification (Trojan Horse) that allows the package authors to have an unknown impact. NOTE: since the malicious packages were not distributed from any official Red Hat sources, the scope of this issue is restricted to users who may have obtained these packages through unofficial distribution points. As of 20080827, no unofficial distributions of this software are known.
Family:	unix	Class:	patch
Reference(s):	ELSA-2008:0855-01 CVE-2007-4752 CVE-2008-3844	Version:	13
Platform(s):	Oracle Linux 5	Product(s):	openssh
Definition Synopsis:
Oracle Linux 5.x rpm test openssh is earlier than 0:4.3p2-26.el5_2.1 AND openssh-clients is earlier than 0:4.3p2-26.el5_2.1 AND openssh-server is earlier than 0:4.3p2-26.el5_2.1 AND openssh-askpass is earlier than 0:4.3p2-26.el5_2.1

Definition Id: oval:org.mitre.oval:def:15459

Oval ID:	oval:org.mitre.oval:def:15459
Title:	Oracle Linux 5.x
Description:	The operating system installed on the system is Oracle Linux 5.x
Family:	unix	Class:	inventory
Reference(s):	cpe:/o:oracle:linux:5	Version:	7
Platform(s):	Oracle Linux 5	Product(s):
Definition Synopsis:
the installed operating system is part of the Unix family AND Oracle Linux 5.x is installed
Referenced By:
oval:org.mitre.oval:def:21987