Anfälligkeitssuche        Suche in 172616 CVE Beschreibungen
und 81291 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  


--------------------------------------------------------------------------
  Turbolinux Security Advisory TLSA-2002-14
  http://www/turbolinux.co.jp/security/
                                            security-team@turbolinux.co.jp
--------------------------------------------------------------------------

Openssh

Root authority capture by unauthorized user

   Release date : 2002-03-08

   Object package : openssh-2.9p2-7

   Problem
    There is a possibility of root authority capture by unauthorized user.



   Solution:
    Please verify version and execute the command below.
    Please update from the openssh-2.9p2-7 version before.
    # rpm -qa | grep openssh

   When problem corresponds, please download the update package. Do the update  by the using the command below.
    Furthermore, please execute the package number which corresponds to your version number. Without starting a new paragraph, please enter the "\ " Bunchu sign.

    Execution example
    ---------------------------------------------------------------------
    # rpm -Fvh Package-1.0.0-1.i586.rpm \
    Package-doc-1.0.0-1.i586.rpm \
    Package-devel-1.0.0-1.i586.rpm

    The case where rpm command is executed, please appoint as follows on the command line.

    # rpm -Fvh package-1.0.0-1.i586.rpm package-doc-1.0.0-1.i586.rpm package-devel-1.0.0-1.i586.rpm
    ---------------------------------------------------------------------

    < Turbolinux 7 Server >
    < Turbolinux 7 Workstation >
    # rpm -Fvh openssh-2.9p2-7.i586.rpm \
    openssh-clients-2.9p2-7.i586.rpm \
    openssh-server-2.9p2-7.i586.rpm \
    openssh-askpass-2.9p2-7.i586.rpm \
    openssh-askpass-gnome-2.9p2-7.i586.rpm

    < Turbolinux Server 6.5 >
    < Turbolinux Advanced Server 6 >
    < Turbolinux Server 6.1 >
    < Turbolinux Workstation 6.0 >
    # rpm -Fvh openssh-2.9p2-7.i386.rpm \
    openssh-clients-2.9p2-7.i386.rpm \
    openssh-server-2.9p2-7.i386.rpm \
    openssh-askpass-2.9p2-7.i386.rpm \
    openssh-askpass-gnome-2.9p2-7.i386.rpm \
    openssl-0.9.6b-1.i386.rpm \
    openssl-devel-0.9.6b-1.i386.rpm

Package updates: http://www.turbolinux.co.jp/update/
    




© 1998-2020 E-Soft Inc. Alle Rechte vorbehalten.