Test Kennung:	1.3.6.1.4.1.25623.1.0.57476
Kategorie:	FreeBSD Local Security Checks
Titel:	FreeBSD Security Advisory (FreeBSD-SA-06:22.openssh.asc)
Zusammenfassung:	NOSUMMARY
Beschreibung:	Description: The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-06:22.openssh.asc OpenSSH is an implementation of the SSH protocol suite, providing an encrypted, authenticated transport for a variety of services, including remote shell access. The CRC compensation attack detector in the sshd(8) daemon, upon receipt of duplicate blocks, uses CPU time cubic in the number of duplicate blocks received. [CVE-2006-4924] A race condition exists in a signal handler used by the sshd(8) daemon to handle the LoginGraceTime option, which can potentially cause some cleanup routines to be executed multiple times. [CVE-2006-5051] Solution: Upgrade your system to the appropriate stable release or security branch dated after the correction date http://www.securityspace.com/smysecure/catid.html?in=FreeBSD-SA-06:22.openssh.asc CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2006-4924 http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html BugTraq ID: 20216 http://www.securityfocus.com/bid/20216 Bugtraq: 20060927 rPSA-2006-0174-1 gnome-ssh-askpass openssh openssh-client openssh-server (Google Search) http://www.securityfocus.com/archive/1/447153/100/0/threaded Cert/CC Advisory: TA07-072A http://www.us-cert.gov/cas/techalerts/TA07-072A.html CERT/CC vulnerability note: VU#787448 http://www.kb.cert.org/vuls/id/787448 Debian Security Information: DSA-1189 (Google Search) http://www.debian.org/security/2006/dsa-1189 Debian Security Information: DSA-1212 (Google Search) http://www.debian.org/security/2006/dsa-1212 FreeBSD Security Advisory: FreeBSD-SA-06:22.openssh http://security.freebsd.org/advisories/FreeBSD-SA-06%3A22.openssh.asc ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:22.openssh.asc http://security.gentoo.org/glsa/glsa-200609-17.xml http://security.gentoo.org/glsa/glsa-200611-06.xml HPdes Security Advisory: HPSBUX02178 http://itrc.hp.com/service/cki/docDisplay.do?docId=c00815112 HPdes Security Advisory: SSRT061267 http://www.mandriva.com/security/advisories?name=MDKSA-2006:179 https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=207955 http://marc.info/?l=openssh-unix-dev&m=115939141729160&w=2 http://www-unix.globus.org/mail_archive/security-announce/2007/04/msg00000.html OpenBSD Security Advisory: [2.9] 015: SECURITY FIX: October 12, 2006 http://www.openbsd.org/errata.html#ssh http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.022-openssh.html http://www.osvdb.org/29152 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10462 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1193 http://www.redhat.com/support/errata/RHSA-2006-0697.html http://www.redhat.com/support/errata/RHSA-2006-0698.html SCO Security Bulletin: SCOSA-2008.2 ftp://ftp.sco.com/pub/unixware7/714/security/p534336/p534336.txt http://securitytracker.com/id?1016931 http://secunia.com/advisories/21923 http://secunia.com/advisories/22091 http://secunia.com/advisories/22116 http://secunia.com/advisories/22158 http://secunia.com/advisories/22164 http://secunia.com/advisories/22183 http://secunia.com/advisories/22196 http://secunia.com/advisories/22208 http://secunia.com/advisories/22236 http://secunia.com/advisories/22245 http://secunia.com/advisories/22270 http://secunia.com/advisories/22298 http://secunia.com/advisories/22352 http://secunia.com/advisories/22362 http://secunia.com/advisories/22487 http://secunia.com/advisories/22495 http://secunia.com/advisories/22823 http://secunia.com/advisories/22926 http://secunia.com/advisories/23038 http://secunia.com/advisories/23241 http://secunia.com/advisories/23340 http://secunia.com/advisories/23680 http://secunia.com/advisories/24479 http://secunia.com/advisories/24799 http://secunia.com/advisories/24805 http://secunia.com/advisories/25608 http://secunia.com/advisories/29371 http://secunia.com/advisories/34274 SGI Security Advisory: 20061001-01-P ftp://patches.sgi.com/support/free/security/advisories/20061001-01-P.asc http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.592566 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102962-1 SuSE Security Announcement: SUSE-SA:2006:062 (Google Search) http://www.novell.com/linux/security/advisories/2006_62_openssh.html SuSE Security Announcement: SUSE-SR:2006:024 (Google Search) http://www.novell.com/linux/security/advisories/2006_24_sr.html http://www.trustix.org/errata/2006/0054 http://www.ubuntu.com/usn/usn-355-1 http://www.vupen.com/english/advisories/2006/3777 http://www.vupen.com/english/advisories/2006/4401 http://www.vupen.com/english/advisories/2006/4869 http://www.vupen.com/english/advisories/2007/0930 http://www.vupen.com/english/advisories/2007/1332 http://www.vupen.com/english/advisories/2007/2119 http://www.vupen.com/english/advisories/2009/0740 XForce ISS Database: openssh-block-dos(29158) https://exchange.xforce.ibmcloud.com/vulnerabilities/29158
Copyright	Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.