Test Kennung:	1.3.6.1.4.1.25623.1.0.54092
Kategorie:	SuSE Local Security Checks
Titel:	SuSE Security Advisory SUSE-SA:2003:038 (openssh)
Zusammenfassung:	NOSUMMARY
Beschreibung:	Description: The remote host is missing updates announced in advisory SUSE-SA:2003:038. The openssh package is the most widely used implementation of the secure shell protocol script_family( (ssh). It provides a set of network connectivity tools for remote (shell) login, designed to substitute the traditional BSD-style r-protocols (rsh, rlogin). openssh has various authentification mechanisms and many other features such as TCP connection and X11 display forwarding over the fully encrypted network connection as well as file transfer facilities. A programming error has been found in code responsible for buffer management. If exploited by a (remote) attacker, the error may lead to unauthorized access to the system, allowing the execution of arbitrary commands. The error is known as the buffer_append_space()-bug and is assigned the Common Vulnerabilities and Exposures (CVE) name CVE-2003-0693. Solution: Update your system with the packages as indicated in the referenced security advisory. http://www.securityspace.com/smysecure/catid.html?in=SUSE-SA:2003:038 Risk factor : Critical CVSS Score: 10.0
Querverweis:	BugTraq ID: 8628 Common Vulnerability Exposure (CVE) ID: CVE-2003-0693 Bugtraq: 20030916 OpenSSH Buffer Management Bug Advisory (Google Search) http://marc.info/?l=bugtraq&m=106373247528528&w=2 Bugtraq: 20030916 [slackware-security] OpenSSH Security Advisory (SSA:2003-259-01) (Google Search) http://marc.info/?l=bugtraq&m=106374466212309&w=2 Bugtraq: 20030917 [OpenPKG-SA-2003.040] OpenPKG Security Advisory (openssh) (Google Search) http://marc.info/?l=bugtraq&m=106381409220492&w=2 http://www.cert.org/advisories/CA-2003-24.html CERT/CC vulnerability note: VU#333628 http://www.kb.cert.org/vuls/id/333628 Debian Security Information: DSA-382 (Google Search) http://www.debian.org/security/2003/dsa-382 Debian Security Information: DSA-383 (Google Search) http://www.debian.org/security/2003/dsa-383 En Garde Linux Advisory: ESA-20030916-023 FreeBSD Security Advisory: FreeBSD-SA-03:12 http://lists.grok.org.uk/pipermail/full-disclosure/2003-September/010103.html http://lists.grok.org.uk/pipermail/full-disclosure/2003-September/010135.html http://lists.grok.org.uk/pipermail/full-disclosure/2003-September/010146.html Immunix Linux Advisory: IMNX-2003-7+-020-01 http://www.mandriva.com/security/advisories?name=MDKSA-2003:090 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2719 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A447 RedHat Security Advisories: RHSA-2003:279 http://marc.info/?l=bugtraq&m=106373546332230&w=2 http://www.redhat.com/support/errata/RHSA-2003-280.html http://sunsolve.sun.com/search/document.do?assetkey=1-77-1000620.1-1 SuSE Security Announcement: SuSE-SA:2003:038 (Google Search) SuSE Security Announcement: SuSE-SA:2003:039 (Google Search) http://marc.info/?l=bugtraq&m=106381396120332&w=2 XForce ISS Database: openssh-packet-bo(13191) https://exchange.xforce.ibmcloud.com/vulnerabilities/13191
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.