Oracle Linux Local Security Checks : Oracle: Security Advisory (ELSA-2008-0855)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.122560

Categoría: Oracle Linux Local Security Checks

Título: Oracle: Security Advisory (ELSA-2008-0855)

Resumen: The remote host is missing an update for the 'openssh' package(s) announced via the ELSA-2008-0855 advisory.

Descripción: Summary:
The remote host is missing an update for the 'openssh' package(s) announced via the ELSA-2008-0855 advisory.

Vulnerability Insight:
[4.3p2-26.el5_2.1]
- CVE-2007-4752 - Prevent ssh(1) from using a trusted X11 cookie if creation of an
untrusted cookie fails (#280361)

Affected Software/OS:
'openssh' package(s) on Oracle Linux 4, Oracle Linux 5.

Solution:
Please install the updated package(s).

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2007-4752
http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html
BugTraq ID: 25628
http://www.securityfocus.com/bid/25628
Bugtraq: 20070917 FLEA-2007-0055-1 openssh openssh-client openssh-server gnome-ssh-askpass (Google Search)
http://www.securityfocus.com/archive/1/479760/100/0/threaded
Bugtraq: 20071115 Re: HPSBUX02287 SSRT071485 rev.1 - HP-UX Running HP Secure Shell, Remotely Gain Extended Privileges (Google Search)
http://www.securityfocus.com/archive/1/483748/100/200/threaded
Debian Security Information: DSA-1576 (Google Search)
http://www.debian.org/security/2008/dsa-1576
https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00214.html
http://security.gentoo.org/glsa/glsa-200711-02.xml
HPdes Security Advisory: HPSBUX02287
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01271085
HPdes Security Advisory: SSRT071485
http://www.mandriva.com/security/advisories?name=MDKSA-2007:236
https://bugzilla.redhat.com/show_bug.cgi?id=280471
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10809
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5599
http://www.redhat.com/support/errata/RHSA-2008-0855.html
http://secunia.com/advisories/27399
http://secunia.com/advisories/29420
http://secunia.com/advisories/30249
http://secunia.com/advisories/31575
http://secunia.com/advisories/32241
http://securityreason.com/securityalert/3126
SuSE Security Announcement: SUSE-SR:2007:022 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00008.html
http://www.ubuntu.com/usn/usn-566-1
http://www.vupen.com/english/advisories/2007/3156
http://www.vupen.com/english/advisories/2008/0924/references
http://www.vupen.com/english/advisories/2008/2821
XForce ISS Database: openssh-x11cookie-privilege-escalation(36637)
https://exchange.xforce.ibmcloud.com/vulnerabilities/36637
Common Vulnerability Exposure (CVE) ID: CVE-2008-3844
BugTraq ID: 30794
http://www.securityfocus.com/bid/30794
http://securitytracker.com/id?1020730
XForce ISS Database: openssh-rhel-backdoor(44747)
https://exchange.xforce.ibmcloud.com/vulnerabilities/44747

Copyright Copyright (C) 2015 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.122560
Categoría:	Oracle Linux Local Security Checks
Título:	Oracle: Security Advisory (ELSA-2008-0855)
Resumen:	The remote host is missing an update for the 'openssh' package(s) announced via the ELSA-2008-0855 advisory.
Descripción:	Summary: The remote host is missing an update for the 'openssh' package(s) announced via the ELSA-2008-0855 advisory. Vulnerability Insight: [4.3p2-26.el5_2.1] - CVE-2007-4752 - Prevent ssh(1) from using a trusted X11 cookie if creation of an untrusted cookie fails (#280361) Affected Software/OS: 'openssh' package(s) on Oracle Linux 4, Oracle Linux 5. Solution: Please install the updated package(s). CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2007-4752 http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html BugTraq ID: 25628 http://www.securityfocus.com/bid/25628 Bugtraq: 20070917 FLEA-2007-0055-1 openssh openssh-client openssh-server gnome-ssh-askpass (Google Search) http://www.securityfocus.com/archive/1/479760/100/0/threaded Bugtraq: 20071115 Re: HPSBUX02287 SSRT071485 rev.1 - HP-UX Running HP Secure Shell, Remotely Gain Extended Privileges (Google Search) http://www.securityfocus.com/archive/1/483748/100/200/threaded Debian Security Information: DSA-1576 (Google Search) http://www.debian.org/security/2008/dsa-1576 https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00214.html http://security.gentoo.org/glsa/glsa-200711-02.xml HPdes Security Advisory: HPSBUX02287 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01271085 HPdes Security Advisory: SSRT071485 http://www.mandriva.com/security/advisories?name=MDKSA-2007:236 https://bugzilla.redhat.com/show_bug.cgi?id=280471 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10809 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5599 http://www.redhat.com/support/errata/RHSA-2008-0855.html http://secunia.com/advisories/27399 http://secunia.com/advisories/29420 http://secunia.com/advisories/30249 http://secunia.com/advisories/31575 http://secunia.com/advisories/32241 http://securityreason.com/securityalert/3126 SuSE Security Announcement: SUSE-SR:2007:022 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00008.html http://www.ubuntu.com/usn/usn-566-1 http://www.vupen.com/english/advisories/2007/3156 http://www.vupen.com/english/advisories/2008/0924/references http://www.vupen.com/english/advisories/2008/2821 XForce ISS Database: openssh-x11cookie-privilege-escalation(36637) https://exchange.xforce.ibmcloud.com/vulnerabilities/36637 Common Vulnerability Exposure (CVE) ID: CVE-2008-3844 BugTraq ID: 30794 http://www.securityfocus.com/bid/30794 http://securitytracker.com/id?1020730 XForce ISS Database: openssh-rhel-backdoor(44747) https://exchange.xforce.ibmcloud.com/vulnerabilities/44747
Copyright	Copyright (C) 2015 Greenbone AG