Test Kennung:	1.3.6.1.4.1.25623.1.0.843922
Kategorie:	Ubuntu Local Security Checks
Titel:	Ubuntu Update for openssh USN-3885-2
Zusammenfassung:	The remote host is missing an update for the 'openssh'; package(s) announced via the USN-3885-2 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'openssh' package(s) announced via the USN-3885-2 advisory. Vulnerability Insight: USN-3885-1 fixed vulnerabilities in OpenSSH. It was discovered that the fix for CVE-2019-6111 turned out to be incomplete. This update fixes the problem. Original advisory details: Harry Sintonen discovered multiple issues in the OpenSSH scp utility. If a user or automated system were tricked into connecting to an untrusted server, a remote attacker could possibly use these issues to write to arbitrary files, change directory permissions, and spoof client output. Affected Software/OS: openssh on Ubuntu 18.10, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS, Ubuntu 14.04 LTS. Solution: Please install the updated package(s). CVSS Score: 5.8 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2019-6111 BugTraq ID: 106741 http://www.securityfocus.com/bid/106741 Debian Security Information: DSA-4387 (Google Search) https://www.debian.org/security/2019/dsa-4387 https://www.exploit-db.com/exploits/46193/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W3YVQ2BPTOVDCFDVNC2GGF5P5ISFG37G/ FreeBSD Security Advisory: FreeBSD-EN-19:10 https://www.freebsd.org/security/advisories/FreeBSD-EN-19:10.scp.asc https://security.gentoo.org/glsa/201903-16 https://bugzilla.redhat.com/show_bug.cgi?id=1677794 https://cvsweb.openbsd.org/src/usr.bin/ssh/scp.c https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html https://lists.debian.org/debian-lts-announce/2019/03/msg00030.html https://lists.apache.org/thread.html/c45d9bc90700354b58fb7455962873c44229841880dcb64842fa7d23@%3Cdev.mina.apache.org%3E https://lists.apache.org/thread.html/c7301cab36a86825359e1b725fc40304d1df56dc6d107c1fe885148b@%3Cdev.mina.apache.org%3E https://lists.apache.org/thread.html/e47597433b351d6e01a5d68d610b4ba195743def9730e49561e8cf3f@%3Cdev.mina.apache.org%3E https://lists.apache.org/thread.html/d540139359de999b0f1c87d05b715be4d7d4bec771e1ae55153c5c7a@%3Cdev.mina.apache.org%3E http://www.openwall.com/lists/oss-security/2019/04/18/1 RedHat Security Advisories: RHSA-2019:3702 https://access.redhat.com/errata/RHSA-2019:3702 SuSE Security Announcement: openSUSE-SU-2019:1602 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00058.html https://usn.ubuntu.com/3885-1/ https://usn.ubuntu.com/3885-2/
Copyright	Copyright (C) 2019 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.