
Test ID:
Category: Red Hat Local Security Checks
Title: RedHat Security Advisory RHSA-2006:0697

The remote host is missing updates announced in
advisory RHSA-2006:0697.

OpenSSH is OpenBSD's SSH (Secure SHell) protocol implementation. This
package includes the core files necessary for both the OpenSSH client and

Mark Dowd discovered a signal handler race condition in the OpenSSH sshd
server. A remote attacker could possibly leverage this flaw to cause a
denial of service (crash). (CVE-2006-5051) The OpenSSH project believes the
likelihood of successful exploitation leading to arbitrary code execution
appears remote. However, the Red Hat Security Response Team have not yet
been able to verify this claim due to lack of upstream vulnerability
information. We are therefore including a fix for this flaw and have rated
it important security severity in the event our continued investigation
finds this issue to be exploitable.

Tavis Ormandy of the Google Security Team discovered a denial of service
bug in the OpenSSH sshd server. A remote attacker can send a specially
crafted SSH-1 request to the server causing sshd to consume a large
quantity of CPU resources. (CVE-2006-4924)

All users of openssh should upgrade to these updated packages, which
contain backported patches that resolve these issues.

Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

Risk factor: Critical

CVSS Score:

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2006-4924
BugTraq ID: 20216
Bugtraq: 20060927 rPSA-2006-0174-1 gnome-ssh-askpass openssh openssh-client openssh-server
Cert/CC Advisory: TA07-072A
CERT/CC vulnerability note: VU#787448
Debian Security Information: DSA-1189
Debian Security Information: DSA-1212
FreeBSD Security Advisory: FreeBSD-SA-06:22.openssh
HP Security Advisory: HPSBUX02178
HP Security Advisory: SSRT061267
OpenBSD Security Advisory: [2.9] 015: SECURITY FIX: October 12, 2006
SCO Security Bulletin: SCOSA-2008.2
SGI Security Advisory: 20061001-01-P
SuSE Security Announcement: SUSE-SA:2006:062
SuSE Security Announcement: SUSE-SR:2006:024
XForce ISS Database: openssh-block-dos(29158)
Common Vulnerability Exposure (CVE) ID: CVE-2006-5051
BugTraq ID: 20241
CERT/CC vulnerability note: VU#851340
XForce ISS Database: openssh-signal-handler-race-condition(29254)
Copyright: Copyright (c) 2006 E-Soft Inc.
