ID de Prueba:	1.3.6.1.4.1.25623.1.0.122637
Categoría:	Oracle Linux Local Security Checks
Título:	Oracle: Security Advisory (ELSA-2007-0540)
Resumen:	The remote host is missing an update for the 'openssh' package(s) announced via the ELSA-2007-0540 advisory.
Descripción:	Summary: The remote host is missing an update for the 'openssh' package(s) announced via the ELSA-2007-0540 advisory. Vulnerability Insight: [4.3p2-24] - fixed audit log injection problem (CVE-2007-3102) (#248059) [4.3p2-23] - document where the nss certificate and token dbs are looked for [4.3p2-22] - experimental support for PKCS#11 tokens through libnss3 (#183423) [4.3p2-21] - fix an information leak in Kerberos password authentication (CVE-2006-5052) (#234638) - correctly setup context when empty level requested (#234951) [4.3p2-20] - and always request default level as returned by getseuserbyname (#231695) [4.3p2-19] - check requested level context against a context with the same role (#231695) [4.3p2-18] - reject connection if requested mls range is not obtained (#229278) [4.3p2-17] - allow selecting non-default roles and audit role changes (#227733) Affected Software/OS: 'openssh' package(s) on Oracle Linux 5. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2006-5052 http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html BugTraq ID: 20245 http://www.securityfocus.com/bid/20245 Bugtraq: 20061005 rPSA-2006-0185-1 gnome-ssh-askpass openssh openssh-client openssh-server (Google Search) http://www.securityfocus.com/archive/1/447861/100/200/threaded Cert/CC Advisory: TA07-072A http://www.us-cert.gov/cas/techalerts/TA07-072A.html http://security.gentoo.org/glsa/glsa-200611-06.xml http://marc.info/?l=openssh-unix-dev&m=115939141729160&w=2 http://www.osvdb.org/29266 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10178 RedHat Security Advisories: RHSA-2006:0697 http://rhn.redhat.com/errata/RHSA-2006-0697.html http://www.redhat.com/support/errata/RHSA-2007-0540.html http://www.redhat.com/support/errata/RHSA-2007-0703.html http://securitytracker.com/id?1016939 http://secunia.com/advisories/22158 http://secunia.com/advisories/22173 http://secunia.com/advisories/22495 http://secunia.com/advisories/22823 http://secunia.com/advisories/24479 http://secunia.com/advisories/27588 http://secunia.com/advisories/28320 http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.592566 SuSE Security Announcement: SUSE-SA:2006:062 (Google Search) http://www.novell.com/linux/security/advisories/2006_62_openssh.html http://www.vupen.com/english/advisories/2007/0930 XForce ISS Database: openssh-gssapi-user-enumeration(29255) https://exchange.xforce.ibmcloud.com/vulnerabilities/29255 Common Vulnerability Exposure (CVE) ID: CVE-2007-3102 BugTraq ID: 26097 http://www.securityfocus.com/bid/26097 https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00214.html https://bugzilla.redhat.com/show_bug.cgi?id=248059 http://osvdb.org/39214 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11124 http://www.redhat.com/support/errata/RHSA-2007-0555.html http://www.redhat.com/support/errata/RHSA-2007-0737.html http://secunia.com/advisories/27235 http://secunia.com/advisories/27590 http://secunia.com/advisories/28319
Copyright	Copyright (C) 2015 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.