English | Deutsch | Español | Português
 Benutzerkennung:
 Passwort:
Registrieren
 About:   Dediziert  | Erweitert  | Standard  | Wiederkehrend  | Risikolos  | Desktop  | Basis  | Einmalig  | Sicherheits Siegel  | FAQ
  Preis/Funktionszusammenfassung  | Bestellen  | Neue Anfälligkeiten  | Vertraulichkeit  | Anfälligkeiten Suche
 Anfälligkeitssuche        Suche in 150599 CVE Beschreibungen
und 73533 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
Debian Security Advisory DSA-1576-2                  security@debian.org
http://www.debian.org/security/                           Noah Meyerhans
May 16, 2008                          http://www.debian.org/security/faq
- ------------------------------------------------------------------------

Package        : openssh
Vulnerability  : predictable random number generator
Problem type   : remote
Debian-specific: yes
CVE Id(s)      : CVE-2008-0166

Matt Zimmerman discovered that entries in ~/.ssh/authorized_keys with
options (such as "no-port-forwarding" or forced commands) were ignored by
the new ssh-vulnkey tool introduced in openssh 1:4.3p2-9etch1 (see DSA
1576-1). This could cause some compromised keys not to be listed in
ssh-vulnkey's output.

This update also adds more information to ssh-vulnkey's manual page.

For the stable distribution (etch), this problem has been fixed in version
1:4.3p2-9etch2

We recommend that you upgrade your openssh (1:4.3p2-9etch2) package.

Upgrade instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 4.0 alias etch
- -------------------------------

Stable updates are available for alpha, amd64, arm, hppa, i386, ia64, mipsel, powerpc, s390 and sparc.

Source archives:

  http://security.debian.org/pool/updates/main/o/openssh/openssh_4.3p2-9etch2.dsc
    Size/MD5 checksum:     1010 7bcad5f65ff1722db7c431d3a25e8578
  http://security.debian.org/pool/updates/main/o/openssh/openssh_4.3p2.orig.tar.gz
    Size/MD5 checksum:   920186 239fc801443acaffd4c1f111948ee69c
  http://security.debian.org/pool/updates/main/o/openssh/openssh_4.3p2-9etch2.diff.gz
    Size/MD5 checksum:   276621 27984546be5ba87687ae6e7e5df36578

Architecture independent packages:

  http://security.debian.org/pool/updates/main/o/openssh/ssh-krb5_4.3p2-9etch2_all.deb
    Size/MD5 checksum:    92022 1cd59a62eb401f21421f13a6caf3d509
  http://security.debian.org/pool/updates/main/o/openssh/ssh_4.3p2-9etch2_all.deb
    Size/MD5 checksum:     1052 b096153814cc8949820d9958f8b81a00

alpha architecture (DEC Alpha)

  http://security.debian.org/pool/updates/main/o/openssh/ssh-askpass-gnome_4.3p2-9etch2_alpha.deb
    Size/MD5 checksum:   100498 2fa04ed9e0ee9625f28964938cc19b64
  http://security.debian.org/pool/updates/main/o/openssh/openssh-client_4.3p2-9etch2_alpha.deb
    Size/MD5 checksum:   782726 0c48b38fc56cdaedb3d4a1eab9ecd25d
  http://security.debian.org/pool/updates/main/o/openssh/openssh-server-udeb_4.3p2-9etch2_alpha.udeb
    Size/MD5 checksum:   213728 ff4b07cb720fb26210c3a49213737168
  http://security.debian.org/pool/updates/main/o/openssh/openssh-server_4.3p2-9etch2_alpha.deb
    Size/MD5 checksum:   266510 113583573c885f7baa40b9a78933c6aa
  http://security.debian.org/pool/updates/main/o/openssh/openssh-client-udeb_4.3p2-9etch2_alpha.udeb
    Size/MD5 checksum:   198498 6dd01cb3b4fe5cf3726142f429281187

amd64 architecture (AMD x86_64 (AMD64))

  http://security.debian.org/pool/updates/main/o/openssh/ssh-askpass-gnome_4.3p2-9etch2_amd64.deb
    Size/MD5 checksum:   100106 b4dc14aee0a9c94d96e3b392a2dd61e8
  http://security.debian.org/pool/updates/main/o/openssh/openssh-client_4.3p2-9etch2_amd64.deb
    Size/MD5 checksum:   711910 dc68b26b2810e7f47e3fa419c262bc07
  http://security.debian.org/pool/updates/main/o/openssh/openssh-server_4.3p2-9etch2_amd64.deb
    Size/MD5 checksum:   245522 b02dc226eb5aae330b08429a17f0eef6
  http://security.debian.org/pool/updates/main/o/openssh/openssh-server-udeb_4.3p2-9etch2_amd64.udeb
    Size/MD5 checksum:   183854 fa96f8d05d380a6053672de0a6bd30c1
  http://security.debian.org/pool/updates/main/o/openssh/openssh-client-udeb_4.3p2-9etch2_amd64.udeb
    Size/MD5 checksum:   171334 b2eafdc135649523828db8416f22617d

arm architecture (ARM)

  http://security.debian.org/pool/updates/main/o/openssh/openssh-server_4.3p2-9etch2_arm.deb
    Size/MD5 checksum:   218980 6065fa1195e74549c7dd66fbe2b41718
  http://security.debian.org/pool/updates/main/o/openssh/ssh-askpass-gnome_4.3p2-9etch2_arm.deb
    Size/MD5 checksum:    99668 c6260735e7d50c21e19d01702b4e45bb
  http://security.debian.org/pool/updates/main/o/openssh/openssh-client_4.3p2-9etch2_arm.deb
    Size/MD5 checksum:   650608 42d8f87667ffd3fdccb26ec5c8d775ac
  http://security.debian.org/pool/updates/main/o/openssh/openssh-server-udeb_4.3p2-9etch2_arm.udeb
    Size/MD5 checksum:   171666 4bc55e6d06de4f0bda2771ad78770d27
  http://security.debian.org/pool/updates/main/o/openssh/openssh-client-udeb_4.3p2-9etch2_arm.udeb
    Size/MD5 checksum:   164870 f82b52267f503acfdf3f7ad1b40b0555

hppa architecture (HP PA RISC)

  http://security.debian.org/pool/updates/main/o/openssh/openssh-client-udeb_4.3p2-9etch2_hppa.udeb
    Size/MD5 checksum:   189624 351333a1ca9d92e389b0197ec2cca869
  http://security.debian.org/pool/updates/main/o/openssh/openssh-client_4.3p2-9etch2_hppa.deb
    Size/MD5 checksum:   733002 47e84be664670a3ad083d2a3f90c3124
  http://security.debian.org/pool/updates/main/o/openssh/ssh-askpass-gnome_4.3p2-9etch2_hppa.deb
    Size/MD5 checksum:   100460 335b7aed705d4b8a1b9f96a5f6f9ec37
  http://security.debian.org/pool/updates/main/o/openssh/openssh-server-udeb_4.3p2-9etch2_hppa.udeb
    Size/MD5 checksum:   198168 ec7f163eb74e84d4a8605e54715acc6a
  http://security.debian.org/pool/updates/main/o/openssh/openssh-server_4.3p2-9etch2_hppa.deb
    Size/MD5 checksum:   249924 7ead727d52913c1ff8630e383f6ea48c

i386 architecture (Intel ia32)

  http://security.debian.org/pool/updates/main/o/openssh/openssh-server_4.3p2-9etch2_i386.deb
    Size/MD5 checksum:   223706 68ed0ebd125d47d1406095a818fac0f8
  http://security.debian.org/pool/updates/main/o/openssh/openssh-server-udeb_4.3p2-9etch2_i386.udeb
    Size/MD5 checksum:   162630 a032adc78b967a09180c480143022e93
  http://security.debian.org/pool/updates/main/o/openssh/ssh-askpass-gnome_4.3p2-9etch2_i386.deb
    Size/MD5 checksum:    99688 949ba4673d2a74126a485098f29a6a96
  http://security.debian.org/pool/updates/main/o/openssh/openssh-client_4.3p2-9etch2_i386.deb
    Size/MD5 checksum:   659896 b15d0dd5cc67362833a2c7853bdff958
  http://security.debian.org/pool/updates/main/o/openssh/openssh-client-udeb_4.3p2-9etch2_i386.udeb
    Size/MD5 checksum:   154018 4af4893e4eb970c8b005bfee3a1896d5

ia64 architecture (Intel ia64)

  http://security.debian.org/pool/updates/main/o/openssh/openssh-client-udeb_4.3p2-9etch2_ia64.udeb
    Size/MD5 checksum:   251842 ea30a3806bf73fa5df7c01b291b25660
  http://security.debian.org/pool/updates/main/o/openssh/ssh-askpass-gnome_4.3p2-9etch2_ia64.deb
    Size/MD5 checksum:   101364 33209d8caa1a18569e5fdc2c954b0ad9
  http://security.debian.org/pool/updates/main/o/openssh/openssh-server_4.3p2-9etch2_ia64.deb
    Size/MD5 checksum:   338254 53fecec5c1b02b797e9caa24fa40590e
  http://security.debian.org/pool/updates/main/o/openssh/openssh-server-udeb_4.3p2-9etch2_ia64.udeb
    Size/MD5 checksum:   269868 c1e98de9b285610d6a2e98ed3875cf0b
  http://security.debian.org/pool/updates/main/o/openssh/openssh-client_4.3p2-9etch2_ia64.deb
    Size/MD5 checksum:   962006 ddc1e2a9de43a804c04b74839b2f3c1a

mipsel architecture (MIPS (Little Endian))

  http://security.debian.org/pool/updates/main/o/openssh/openssh-client-udeb_4.3p2-9etch2_mipsel.udeb
    Size/MD5 checksum:   192330 c58ce9d9bd8b904ead41b41fd0190d04
  http://security.debian.org/pool/updates/main/o/openssh/openssh-server_4.3p2-9etch2_mipsel.deb
    Size/MD5 checksum:   251464 dbc9acc8341bfaf9301e4429b20aa579
  http://security.debian.org/pool/updates/main/o/openssh/openssh-server-udeb_4.3p2-9etch2_mipsel.udeb
    Size/MD5 checksum:   201534 11ae7501d65bed1bcd555a31633112a6
  http://security.debian.org/pool/updates/main/o/openssh/ssh-askpass-gnome_4.3p2-9etch2_mipsel.deb
    Size/MD5 checksum:    99856 0ff3c4ff0b5c891a0772b1e4522252d5
  http://security.debian.org/pool/updates/main/o/openssh/openssh-client_4.3p2-9etch2_mipsel.deb
    Size/MD5 checksum:   735142 8913d6adc4df4b33bf8c60f304bc50b1

powerpc architecture (PowerPC)

  http://security.debian.org/pool/updates/main/o/openssh/openssh-client-udeb_4.3p2-9etch2_powerpc.udeb
    Size/MD5 checksum:   168316 eda08e79a293c684c9371b16ebb6d872
  http://security.debian.org/pool/updates/main/o/openssh/ssh-askpass-gnome_4.3p2-9etch2_powerpc.deb
    Size/MD5 checksum:   101170 2df82e0bee254e7f3157965c44a1116b
  http://security.debian.org/pool/updates/main/o/openssh/openssh-client_4.3p2-9etch2_powerpc.deb
    Size/MD5 checksum:   700848 167dafdb5c2131fa879934d671bcd0a8
  http://security.debian.org/pool/updates/main/o/openssh/openssh-server-udeb_4.3p2-9etch2_powerpc.udeb
    Size/MD5 checksum:   173326 341ece3621bf9a865db8a51d6edce165
  http://security.debian.org/pool/updates/main/o/openssh/openssh-server_4.3p2-9etch2_powerpc.deb
    Size/MD5 checksum:   237034 c4d121d9e6f7305a96f1ff4bd0cc62cf

s390 architecture (IBM S/390)

  http://security.debian.org/pool/updates/main/o/openssh/openssh-client-udeb_4.3p2-9etch2_s390.udeb
    Size/MD5 checksum:   188518 994524412f881158e5d3c2f8a9d6398a
  http://security.debian.org/pool/updates/main/o/openssh/openssh-server-udeb_4.3p2-9etch2_s390.udeb
    Size/MD5 checksum:   196906 ae0a4c8c4056aa4416ba9f74d3e78e5e
  http://security.debian.org/pool/updates/main/o/openssh/openssh-client_4.3p2-9etch2_s390.deb
    Size/MD5 checksum:   725718 97047ff8dc9d0d42e59fcc04553861f6
  http://security.debian.org/pool/updates/main/o/openssh/ssh-askpass-gnome_4.3p2-9etch2_s390.deb
    Size/MD5 checksum:   100148 b0fc6b7f3af34bbbb9cdae41ecb244a6
  http://security.debian.org/pool/updates/main/o/openssh/openssh-server_4.3p2-9etch2_s390.deb
    Size/MD5 checksum:   246770 3dc23f0937021e333a4b0be608df07c3

sparc architecture (Sun SPARC/UltraSPARC)

  http://security.debian.org/pool/updates/main/o/openssh/openssh-server-udeb_4.3p2-9etch2_sparc.udeb
    Size/MD5 checksum:   166704 b39759f84a47b5876fc6fa1d0cd15b83
  http://security.debian.org/pool/updates/main/o/openssh/openssh-client_4.3p2-9etch2_sparc.deb
    Size/MD5 checksum:   640390 179203ca93933eaa8533b9d5b92bd018
  http://security.debian.org/pool/updates/main/o/openssh/ssh-askpass-gnome_4.3p2-9etch2_sparc.deb
    Size/MD5 checksum:    99644 3c7bed91286b1d9480a1453e7672242a
  http://security.debian.org/pool/updates/main/o/openssh/openssh-client-udeb_4.3p2-9etch2_sparc.udeb
    Size/MD5 checksum:   158358 5850cbde916ceb8eed29a0c52e2c799c
  http://security.debian.org/pool/updates/main/o/openssh/openssh-server_4.3p2-9etch2_sparc.deb
    Size/MD5 checksum:   218146 15608f46ef44bcd8f3244dd7fe58de52


  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFILbKkYrVLjBFATsMRAqVwAJ9Nna1E7l7uReB/LF003XXq0tqY3ACfWWHs
Tu+altWyFO9ZVdKNrHtH2F8=
=ldSo
-----END PGP SIGNATURE-----

Registrierung eines neuen Benutzers
Email:
Benutzerkennung:
Passwort:
Bitte schicken Sie mir den monatlichen Newsletter, der mich über die neuesten Services, Verbesserungen und Umfragen informiert.
Bitte schicken Sie mir eine Anfälligkeitstest Benachrichtigung, wenn ein neuer Test hinzugefügt wird.
   Datenschutz
Anmeldung für registrierte Benutzer
 
Benutzerkennung:   
Passwort:  

 Benutzerkennung oder Passwort vergessen?
Email/Benutzerkennung:




Startseite | Über uns | Kontakt | Partnerprogramme | Developer APIs | Datenschutz | Mailinglisten | Missbrauch
Sicherheits Überprüfungen | Verwaltete DNS | Netzwerk Überwachung | Webseiten Analysator | Internet Recherche Berichte
Web Sonde

© 1998-2019 E-Soft Inc. Alle Rechte vorbehalten.