Anfälligkeitssuche        Suche in 219043 CVE Beschreibungen
und 99761 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.10802
Kategorie:Gain a shell remotely
Titel:OpenSSH < 3.0.1
Zusammenfassung:NOSUMMARY
Beschreibung:Description:

You are running a version of OpenSSH which is older than 3.0.1.

Versions older than 3.0.1 are vulnerable to a flaw in which
an attacker may authenticate, provided that Kerberos V support
has been enabled (which is not the case by default).
It is also vulnerable as an excessive memory clearing bug,
believed to be unexploitable.

*** You may ignore this warning if this host is not using
*** Kerberos V

Solution : Upgrade to OpenSSH 3.0.1

Risk factor : Low (if you are not using Kerberos) / High (if kerberos is enabled)

Querverweis: BugTraq ID: 3560
BugTraq ID: 4241
BugTraq ID: 4560
Common Vulnerability Exposure (CVE) ID: CVE-2002-0083
http://www.securityfocus.com/bid/4241
Bugtraq: 20020307 OpenSSH Security Advisory (adv.channelalloc) (Google Search)
http://marc.info/?l=bugtraq&m=101553908201861&w=2
Bugtraq: 20020307 [PINE-CERT-20020301] OpenSSH off-by-one (Google Search)
http://marc.info/?l=bugtraq&m=101552065005254&w=2
Bugtraq: 20020308 [OpenPKG-SA-2002.002] OpenPKG Security Advisory (openssh) (Google Search)
http://marc.info/?l=bugtraq&m=101561384821761&w=2
Bugtraq: 20020310 OpenSSH 2.9.9p2 packages for Immunix 6.2 with latest fix (Google Search)
http://marc.info/?l=bugtraq&m=101586991827622&w=2
Bugtraq: 20020311 TSLSA-2002-0039 - openssh (Google Search)
http://archives.neohapsis.com/archives/bugtraq/2002-03/0108.html
Bugtraq: 20020328 OpenSSH channel_lookup() off by one exploit (Google Search)
http://online.securityfocus.com/archive/1/264657
Caldera Security Advisory: CSSA-2002-012.0
http://www.calderasystems.com/support/security/advisories/CSSA-2002-012.0.txt
Caldera Security Advisory: CSSA-2002-SCO.10
ftp://stage.caldera.com/pub/security/openserver/CSSA-2002-SCO.10/CSSA-2002-SCO.10.txt
Caldera Security Advisory: CSSA-2002-SCO.11
ftp://stage.caldera.com/pub/security/openunix/CSSA-2002-SCO.11/CSSA-2002-SCO.11.txt
Conectiva Linux advisory: CLA-2002:467
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000467
Debian Security Information: DSA-119 (Google Search)
http://www.debian.org/security/2002/dsa-119
En Garde Linux Advisory: ESA-20020307-007
http://www.linuxsecurity.com/advisories/other_advisory-1937.html
FreeBSD Security Advisory: FreeBSD-SA-02:13
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:13.openssh.asc
HPdes Security Advisory: HPSBTL0203-029
http://online.securityfocus.com/advisories/3960
http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-019.php
NETBSD Security Advisory: NetBSD-SA2002-004
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-004.txt.asc
http://www.osvdb.org/730
http://www.redhat.com/support/errata/RHSA-2002-043.html
SuSE Security Announcement: SuSE-SA:2002:009 (Google Search)
http://www.novell.com/linux/security/advisories/2002_009_openssh_txt.html
http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0060.html
http://www.iss.net/security_center/static/8383.php
CopyrightThis script is Copyright (C) 2001 Renaud Deraison

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2024 E-Soft Inc. Alle Rechte vorbehalten.