SUSE-SU-2015:1695-1 -- SLES opensshID: oval:org.secpod.oval:def:89045430 | Date: (C)2021-08-04 (M)2024-02-19 |
Class: PATCH | Family: unix |
OpenSSH was updated to fix several security issues and bugs. Please note that due to a bug in the previous shipped openssh version, sshd might not correctly restart. Please verify that the ssh daemon is running after installing this update. These security issues were fixed: * CVE-2015-5352: The x11_open_helper function, when ForwardX11Trusted mode is not used, lacked a check of the refusal deadline for X connections, which made it easier for remote attackers to bypass intended access restrictions via a connection outside of the permitted time window. * CVE-2015-5600: The kbdint_next_device function in auth2-chall.c in sshd did not properly restrict the processing of keyboard-interactive devices within a single connection, which made it easier for remote attackers to conduct brute-force attacks or cause a denial of service via a long and duplicative list in the ssh -oKbdInteractiveDevices option, as demonstrated by a modified client that provides a different password for each pam element on this list. * CVE-2015-4000: Removed and disabled weak DH groups to address LOGJAM. * Hardening patch to fix sftp RCE. * CVE-2015-6563: The monitor component in sshd accepted extraneous username data in MONITOR_REQ_PAM_INIT_CTX requests, which allowed local users to conduct impersonation attacks by leveraging any SSH login access in conjunction with control of the sshd uid to send a crafted MONITOR_REQ_PWNAM request, related to monitor.c and monitor_wrap.c. * CVE-2015-6564: Use-after-free vulnerability in the mm_answer_pam_free_ctx function in monitor.c in sshd might have allowed local users to gain privileges by leveraging control of the sshd uid to send an unexpectedly early MONITOR_REQ_PAM_FREE_CTX request. Additional a bug was fixed that could lead to openssh not working in chroot .
Platform: |
SUSE Linux Enterprise Server 11 SP4 |