Download
| Alert*
|
oval:org.secpod.oval:def:39718
The host is missing a security update according to Apple advisory, APPLE-SA-2017-03-27-3. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary ... oval:org.secpod.oval:def:2100923 sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to gain privileges via unspecified vectors, related to serverloop.c. oval:org.secpod.oval:def:39654 The host is installed with Apple Mac OS X or Server 10.12.3 and is prone to an untrusted search path vulnerability. A flaw is present in the application, which fails to properly handle unspecified vectors. Successful exploitation could allow local users to gain privileges. oval:org.secpod.oval:def:111858 SSH is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forwarded over the sec ... oval:org.secpod.oval:def:1800880 CVE-2016-10009: loading of untrusted PKCS#11 modules in ssh-agent. Ssh-agent could load PKCS#11 modules from paths outside of a trusted whitelist. An attacker able to load a crafted PKCS#11 module across a forwarded agent channel could potentially use this flaw to execute arbitrary code on the syste ... oval:org.secpod.oval:def:38611 The host is installed with OpenSSH before 7.4 and is prone to a privilege escalation vulnerability. A flaw is present in sshd, which creates forwarded Unix-domain sockets as root. Successful exploitation could allow local users to gain privileges via unspecified vectors, related to serverloop.c. oval:org.secpod.oval:def:703960 openssh: secure shell for secure access to remote machines Several security issues were fixed in OpenSSH. oval:org.secpod.oval:def:51978 openssh: secure shell for secure access to remote machines Several security issues were fixed in OpenSSH. oval:org.secpod.oval:def:89044728 This update for openssh fixes several issues. These security issues were fixed: - CVE-2016-8858: The kex_input_kexinit function in kex.c allowed remote attackers to cause a denial of service by sending many duplicate KEXINIT requests . - CVE-2016-10012: The shared memory manager did not ensure tha ... |
