Gentoo Local Security Checks : Gentoo Security Advisory GLSA 200609-17 (openssh)

Búsqueda de Vulnerabilidad		Buscar 219043 Descripciones CVE y 99761 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.57895

Categoría: Gentoo Local Security Checks

Título: Gentoo Security Advisory GLSA 200609-17 (openssh)

Resumen: NOSUMMARY

Descripción: Description:
The remote host is missing updates announced in
advisory GLSA 200609-17.

A flaw in the OpenSSH daemon allows remote unauthenticated attackers to
cause a Denial of Service.

Solution:
All OpenSSH users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=net-misc/openssh-4.3_p2-r5'

http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200609-17
http://bugs.gentoo.org/show_bug.cgi?id=148228

CVSS Score:
7.8

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2006-4924
http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html
BugTraq ID: 20216
http://www.securityfocus.com/bid/20216
Bugtraq: 20060927 rPSA-2006-0174-1 gnome-ssh-askpass openssh openssh-client openssh-server (Google Search)
http://www.securityfocus.com/archive/1/447153/100/0/threaded
Cert/CC Advisory: TA07-072A
http://www.us-cert.gov/cas/techalerts/TA07-072A.html
CERT/CC vulnerability note: VU#787448
http://www.kb.cert.org/vuls/id/787448
Debian Security Information: DSA-1189 (Google Search)
http://www.debian.org/security/2006/dsa-1189
Debian Security Information: DSA-1212 (Google Search)
http://www.debian.org/security/2006/dsa-1212
FreeBSD Security Advisory: FreeBSD-SA-06:22.openssh
http://security.freebsd.org/advisories/FreeBSD-SA-06%3A22.openssh.asc
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:22.openssh.asc
http://security.gentoo.org/glsa/glsa-200609-17.xml
http://security.gentoo.org/glsa/glsa-200611-06.xml
HPdes Security Advisory: HPSBUX02178
http://itrc.hp.com/service/cki/docDisplay.do?docId=c00815112
HPdes Security Advisory: SSRT061267
http://www.mandriva.com/security/advisories?name=MDKSA-2006:179
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=207955
http://marc.info/?l=openssh-unix-dev&m=115939141729160&w=2
http://www-unix.globus.org/mail_archive/security-announce/2007/04/msg00000.html
OpenBSD Security Advisory: [2.9] 015: SECURITY FIX: October 12, 2006
http://www.openbsd.org/errata.html#ssh
http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.022-openssh.html
http://www.osvdb.org/29152
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10462
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1193
http://www.redhat.com/support/errata/RHSA-2006-0697.html
http://www.redhat.com/support/errata/RHSA-2006-0698.html
SCO Security Bulletin: SCOSA-2008.2
ftp://ftp.sco.com/pub/unixware7/714/security/p534336/p534336.txt
http://securitytracker.com/id?1016931
http://secunia.com/advisories/21923
http://secunia.com/advisories/22091
http://secunia.com/advisories/22116
http://secunia.com/advisories/22158
http://secunia.com/advisories/22164
http://secunia.com/advisories/22183
http://secunia.com/advisories/22196
http://secunia.com/advisories/22208
http://secunia.com/advisories/22236
http://secunia.com/advisories/22245
http://secunia.com/advisories/22270
http://secunia.com/advisories/22298
http://secunia.com/advisories/22352
http://secunia.com/advisories/22362
http://secunia.com/advisories/22487
http://secunia.com/advisories/22495
http://secunia.com/advisories/22823
http://secunia.com/advisories/22926
http://secunia.com/advisories/23038
http://secunia.com/advisories/23241
http://secunia.com/advisories/23340
http://secunia.com/advisories/23680
http://secunia.com/advisories/24479
http://secunia.com/advisories/24799
http://secunia.com/advisories/24805
http://secunia.com/advisories/25608
http://secunia.com/advisories/29371
http://secunia.com/advisories/34274
SGI Security Advisory: 20061001-01-P
ftp://patches.sgi.com/support/free/security/advisories/20061001-01-P.asc
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.592566
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102962-1
SuSE Security Announcement: SUSE-SA:2006:062 (Google Search)
http://www.novell.com/linux/security/advisories/2006_62_openssh.html
SuSE Security Announcement: SUSE-SR:2006:024 (Google Search)
http://www.novell.com/linux/security/advisories/2006_24_sr.html
http://www.trustix.org/errata/2006/0054
http://www.ubuntu.com/usn/usn-355-1
http://www.vupen.com/english/advisories/2006/3777
http://www.vupen.com/english/advisories/2006/4401
http://www.vupen.com/english/advisories/2006/4869
http://www.vupen.com/english/advisories/2007/0930
http://www.vupen.com/english/advisories/2007/1332
http://www.vupen.com/english/advisories/2007/2119
http://www.vupen.com/english/advisories/2009/0740
XForce ISS Database: openssh-block-dos(29158)
https://exchange.xforce.ibmcloud.com/vulnerabilities/29158

Copyright Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.57895
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 200609-17 (openssh)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory GLSA 200609-17. A flaw in the OpenSSH daemon allows remote unauthenticated attackers to cause a Denial of Service. Solution: All OpenSSH users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=net-misc/openssh-4.3_p2-r5' http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200609-17 http://bugs.gentoo.org/show_bug.cgi?id=148228 CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2006-4924 http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html BugTraq ID: 20216 http://www.securityfocus.com/bid/20216 Bugtraq: 20060927 rPSA-2006-0174-1 gnome-ssh-askpass openssh openssh-client openssh-server (Google Search) http://www.securityfocus.com/archive/1/447153/100/0/threaded Cert/CC Advisory: TA07-072A http://www.us-cert.gov/cas/techalerts/TA07-072A.html CERT/CC vulnerability note: VU#787448 http://www.kb.cert.org/vuls/id/787448 Debian Security Information: DSA-1189 (Google Search) http://www.debian.org/security/2006/dsa-1189 Debian Security Information: DSA-1212 (Google Search) http://www.debian.org/security/2006/dsa-1212 FreeBSD Security Advisory: FreeBSD-SA-06:22.openssh http://security.freebsd.org/advisories/FreeBSD-SA-06%3A22.openssh.asc ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:22.openssh.asc http://security.gentoo.org/glsa/glsa-200609-17.xml http://security.gentoo.org/glsa/glsa-200611-06.xml HPdes Security Advisory: HPSBUX02178 http://itrc.hp.com/service/cki/docDisplay.do?docId=c00815112 HPdes Security Advisory: SSRT061267 http://www.mandriva.com/security/advisories?name=MDKSA-2006:179 https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=207955 http://marc.info/?l=openssh-unix-dev&m=115939141729160&w=2 http://www-unix.globus.org/mail_archive/security-announce/2007/04/msg00000.html OpenBSD Security Advisory: [2.9] 015: SECURITY FIX: October 12, 2006 http://www.openbsd.org/errata.html#ssh http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.022-openssh.html http://www.osvdb.org/29152 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10462 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1193 http://www.redhat.com/support/errata/RHSA-2006-0697.html http://www.redhat.com/support/errata/RHSA-2006-0698.html SCO Security Bulletin: SCOSA-2008.2 ftp://ftp.sco.com/pub/unixware7/714/security/p534336/p534336.txt http://securitytracker.com/id?1016931 http://secunia.com/advisories/21923 http://secunia.com/advisories/22091 http://secunia.com/advisories/22116 http://secunia.com/advisories/22158 http://secunia.com/advisories/22164 http://secunia.com/advisories/22183 http://secunia.com/advisories/22196 http://secunia.com/advisories/22208 http://secunia.com/advisories/22236 http://secunia.com/advisories/22245 http://secunia.com/advisories/22270 http://secunia.com/advisories/22298 http://secunia.com/advisories/22352 http://secunia.com/advisories/22362 http://secunia.com/advisories/22487 http://secunia.com/advisories/22495 http://secunia.com/advisories/22823 http://secunia.com/advisories/22926 http://secunia.com/advisories/23038 http://secunia.com/advisories/23241 http://secunia.com/advisories/23340 http://secunia.com/advisories/23680 http://secunia.com/advisories/24479 http://secunia.com/advisories/24799 http://secunia.com/advisories/24805 http://secunia.com/advisories/25608 http://secunia.com/advisories/29371 http://secunia.com/advisories/34274 SGI Security Advisory: 20061001-01-P ftp://patches.sgi.com/support/free/security/advisories/20061001-01-P.asc http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.592566 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102962-1 SuSE Security Announcement: SUSE-SA:2006:062 (Google Search) http://www.novell.com/linux/security/advisories/2006_62_openssh.html SuSE Security Announcement: SUSE-SR:2006:024 (Google Search) http://www.novell.com/linux/security/advisories/2006_24_sr.html http://www.trustix.org/errata/2006/0054 http://www.ubuntu.com/usn/usn-355-1 http://www.vupen.com/english/advisories/2006/3777 http://www.vupen.com/english/advisories/2006/4401 http://www.vupen.com/english/advisories/2006/4869 http://www.vupen.com/english/advisories/2007/0930 http://www.vupen.com/english/advisories/2007/1332 http://www.vupen.com/english/advisories/2007/2119 http://www.vupen.com/english/advisories/2009/0740 XForce ISS Database: openssh-block-dos(29158) https://exchange.xforce.ibmcloud.com/vulnerabilities/29158
Copyright	Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com