Test Kennung:	1.3.6.1.4.1.25623.1.0.120114
Kategorie:	Amazon Linux Local Security Checks
Titel:	Amazon Linux: Security Advisory (ALAS-2015-568)
Zusammenfassung:	The remote host is missing an update for the 'openssh' package(s) announced via the ALAS-2015-568 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'openssh' package(s) announced via the ALAS-2015-568 advisory. Vulnerability Insight: It was reported that when forwarding X11 connections with ForwardX11Trusted=no, connections made after ForwardX11Timeout expired could be permitted and no longer subject to XSECURITY restrictions because of an ineffective timeout check in ssh(1) coupled with 'fail open' behavior in the X11 server when clients attempted connections with expired credentials. Affected Software/OS: 'openssh' package(s) on Amazon Linux. Solution: Please install the updated package(s). CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2015-5352 BugTraq ID: 75525 http://www.securityfocus.com/bid/75525 https://security.gentoo.org/glsa/201512-04 https://lists.debian.org/debian-lts-announce/2018/09/msg00010.html http://openwall.com/lists/oss-security/2015/07/01/10 RedHat Security Advisories: RHSA-2016:0741 http://rhn.redhat.com/errata/RHSA-2016-0741.html http://www.securitytracker.com/id/1032797 SuSE Security Announcement: SUSE-SU-2015:1581 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00017.html http://www.ubuntu.com/usn/USN-2710-1 http://www.ubuntu.com/usn/USN-2710-2
Copyright	Copyright (C) 2015 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.