oval:org.secpod.oval:def:1601010
Due to a problem with the configuration of kernels 3.10.34-37 and 3.10.34-38 and their interaction with the authentication modules stack, the sshd daemon, which is part of the openssh package, will no longer allow remote logins following a restart of the sshd service. There are two permanent fixes for ...

oval:org.secpod.oval:def:39730
pam_ssh_agent_auth is installed

oval:org.secpod.oval:def:204194
OpenSSH is OpenBSD's SSH protocol implementation. These packages include the core files necessary for both the OpenSSH client and server. It was discovered that OpenSSH clients did not correctly verify DNS SSHFP records. A malicious server could use this flaw to force a connecting client to skip th ...

oval:org.secpod.oval:def:39729
pam_ssh_agent_auth is installed

oval:org.secpod.oval:def:204785
OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fix: * openssh: Improper write operations in readonly mode allow for zero-length file creation For mor ...

oval:org.secpod.oval:def:1600925
OpenSSH is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.

oval:org.secpod.oval:def:4501341
OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fix: * openssh: Observable discrepancy leading to an information leak in the algorithm negotiation For ...

oval:org.secpod.oval:def:205183
OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fix: * openssh: User enumeration via malformed packets in authentication requests For more details abo ...

oval:org.secpod.oval:def:2500336
OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server.

oval:org.secpod.oval:def:1700080
OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.

oval:org.secpod.oval:def:1505249
[8.0p1-10] - sshd -T requires -C when "Match" is used in sshd_config [8.0p1-9] - CVE-2020-14145 openssh: Observable Discrepancy leading to an information leak in the algorithm negotiation - Hostbased ssh authentication fails if session ID contains a "/" [8.0p1-8] - ssh doesn't restore the blocking ...

oval:org.secpod.oval:def:1700056
The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files.

oval:org.secpod.oval:def:1700178
An issue was discovered in OpenSSH. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name returned. A malicious scp server can overwrite arbitrary fil ...

oval:org.secpod.oval:def:1601514
A flaw was found in OpenSSH. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user. Depending on system configuration, inherited g ...

oval:org.secpod.oval:def:205920
OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fix: * openssh: privilege escalation when AuthorizedKeysCommand or AuthorizedPrincipalsCommand are conf ...

oval:org.secpod.oval:def:1505444
[7.4p1-22.0.1_fips] - Change Epoch from 1 to 10 - Enable fips KDF POST [Orabug: 32461750] - Disable diffie-hellman-group-exchange-sha256 KEX FIPS method [Orabug: 32461739] [7.4p1-22.0.1] - enlarge format buffer size for certificate serial number so the log message can record any 64-bit integer witho ...

oval:org.secpod.oval:def:1505649
[8.0p1-13] - Upstream: ClientAliveCountMax=0 disable the connection killing behaviour [8.0p1-12] - Add support for "Include" directive in sshd_config file [8.0p1-11] - CVE-2021-41617 upstream fix

oval:org.secpod.oval:def:1505329
[7.4p1-22.0.1] - enlarge format buffer size for certificate serial number so the log message can record any 64-bit integer without truncation [Orabug: 30448895] [7.4p1-22 + 0.10.3-2] - avoid segfault in Kerberos cache cleanup - fix CVE-2021-41617

oval:org.secpod.oval:def:204183
OpenSSH is OpenBSD's SSH protocol implementation. These packages include the core files necessary for both the OpenSSH client and server. A flaw was found in the way OpenSSH handled PAM authentication when using privilege separation. An attacker with valid credentials on the system and able to full ...

oval:org.secpod.oval:def:507643
OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fix: * openssh: the functions order_hostkeyalgs and list_hostkey_types leads to double-free vulnerabili ...

oval:org.secpod.oval:def:97781
[CLSA-2023:1703785140] openssh: Fix of CVE-2023-51385

oval:org.secpod.oval:def:19500652
In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host ...

oval:org.secpod.oval:def:507875
OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fix: * openssh: Remote code execution in ssh-agent PKCS#11 support For more details about the security ...

oval:org.secpod.oval:def:97741
[CLSA-2023:1691576939] openssh: Fix of CVE-2023-38408

oval:org.secpod.oval:def:507876
OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fix: * openssh: Remote code execution in ssh-agent PKCS#11 support For more details about the security ...

oval:org.secpod.oval:def:97658
[CLSA-2022:1658171011] Fixed CVE-2016-10012 in openssh

oval:org.secpod.oval:def:97655
[CLSA-2022:1657561632] Fixed CVEs in openssh-5.3p1: CVE-2016-10708, CVE-2016-10012

oval:org.secpod.oval:def:97702
[CLSA-2022:1671481339] openssh: Fix of 2 CVEs

oval:org.secpod.oval:def:97651
[CLSA-2022:1656962023] Fixed CVE-2016-10009 in openssh-5.3p1

oval:org.secpod.oval:def:19500545
AWS is aware of CVE-2023-48795, also known as Terrapin, which is found in the SSH protocol and affects SSH channel integrity. A protocol extension has been introduced by OpenSSH to fix this issue, which needs to be supported by both the client and server. We recommend customers update to the latest ...

oval:org.secpod.oval:def:1507374
[8.7p1-34.3] - Fix Terrapin attack Resolves: RHEL-19764 - Forbid shell metasymbols in username/hostname Resolves: RHEL-19822

oval:org.secpod.oval:def:509034
OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fix: ssh: Prefix truncation attack on Binary Packet Protocol openssh: potential command injection via ...

oval:org.secpod.oval:def:2600519
OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server.

oval:org.secpod.oval:def:1701991
AWS is aware of CVE-2023-48795, also known as Terrapin, which is found in the SSH protocol and affects SSH channel integrity. A protocol extension has been introduced by OpenSSH to fix this issue, which needs to be supported by both the client and server. We recommend customers update to the latest ...