
Test ID: 1.3.6.1.4.1.25623.1.0.852377
Category: SuSE Local Security Checks
Title: openSUSE: Security Advisory for putty (openSUSE-SU-2019:1113-1)
Summary: The remote host is missing an update for the 'putty' package(s) announced via the openSUSE-SU-2019:1113-1 advisory.
Description:
Summary:
The remote host is missing an update for the 'putty'
package(s) announced via the openSUSE-SU-2019:1113-1 advisory.

Vulnerability Insight:
This update for putty fixes the following issues:

Update to new upstream release 0.71 [boo#1129633]

* CVE-2019-9894: Fixed a remotely triggerable memory overwrite in RSA key
exchange, which can occur before host key verification.

* CVE-2019-9895: Fixed a remotely triggerable buffer overflow in any kind
of server-to-client forwarding.

* CVE-2019-9897: Fixed multiple denial-of-service attacks that can be
triggered by writing to the terminal.

* CVE-2019-9898: Fixed potential recycling of random numbers used in
cryptography.

* CVE-2019-9896 (Windows only): Fixed hijacking by a malicious help file
in the same directory as the executable.

* Major rewrite of the crypto code to remove cache and timing side
channels.

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended
installation methods like YaST online_update or 'zypper patch'.

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.0:

zypper in -t patch openSUSE-2019-1113=1

Affected Software/OS:
'putty' package(s) on openSUSE Leap 15.0.

Solution:
Please install the updated package(s).

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Cross-reference: Common Vulnerability Exposure (CVE) ID: CVE-2019-9894
Bugtraq: 20190403 [SECURITY] [DSA 4423-1] putty security update
https://seclists.org/bugtraq/2019/Apr/6
Debian Security Information: DSA-4423
https://www.debian.org/security/2019/dsa-4423
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LDO3F267P347E6U2IILFCYW7JPTLCCES/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36LWQ3NPFIV7DC7TC4KFPRYRH2OR7SZ2/
https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html
https://lists.debian.org/debian-lts-announce/2019/04/msg00023.html
SuSE Security Announcement: openSUSE-SU-2019:1113
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00004.html
SuSE Security Announcement: openSUSE-SU-2019:1123
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00020.html
Common Vulnerability Exposure (CVE) ID: CVE-2019-9895
Common Vulnerability Exposure (CVE) ID: CVE-2019-9896
Common Vulnerability Exposure (CVE) ID: CVE-2019-9897
Common Vulnerability Exposure (CVE) ID: CVE-2019-9898
BugTraq ID: 107523
http://www.securityfocus.com/bid/107523
Copyright: Copyright (C) 2019 Greenbone Networks GmbH

© 1998-2024 E-Soft Inc. All rights reserved.