ID de Prueba:	1.3.6.1.4.1.25623.1.0.50744
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDKSA-2003:090 (openssh)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to openssh announced via advisory MDKSA-2003:090. A buffer management error was discovered in all versions of openssh prior to version 3.7. According to the OpenSSH team's advisory: It is uncertain whether this error is potentially exploitable, however, we prefer to see bugs fixed proactively. There have also been reports of an exploit in the wild. MandrakeSoft encourages all users to upgrade to these patched openssh packages immediately and to disable sshd until you are able to upgrade if at all possible. Affected versions: 8.2, 9.0, 9.1, Corporate Server 2.1, Multi Network Firewall 8.2 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDKSA-2003:090 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0693 http://www.kb.cert.org/vuls/id/333628 http://www.openssh.com/txt/buffer.adv Risk factor : Critical CVSS Score: 10.0
Referencia Cruzada:	BugTraq ID: 8628 Common Vulnerability Exposure (CVE) ID: CVE-2003-0693 Bugtraq: 20030916 OpenSSH Buffer Management Bug Advisory (Google Search) http://marc.info/?l=bugtraq&m=106373247528528&w=2 Bugtraq: 20030916 [slackware-security] OpenSSH Security Advisory (SSA:2003-259-01) (Google Search) http://marc.info/?l=bugtraq&m=106374466212309&w=2 Bugtraq: 20030917 [OpenPKG-SA-2003.040] OpenPKG Security Advisory (openssh) (Google Search) http://marc.info/?l=bugtraq&m=106381409220492&w=2 http://www.cert.org/advisories/CA-2003-24.html CERT/CC vulnerability note: VU#333628 http://www.kb.cert.org/vuls/id/333628 Debian Security Information: DSA-382 (Google Search) http://www.debian.org/security/2003/dsa-382 Debian Security Information: DSA-383 (Google Search) http://www.debian.org/security/2003/dsa-383 En Garde Linux Advisory: ESA-20030916-023 FreeBSD Security Advisory: FreeBSD-SA-03:12 http://lists.grok.org.uk/pipermail/full-disclosure/2003-September/010103.html http://lists.grok.org.uk/pipermail/full-disclosure/2003-September/010135.html http://lists.grok.org.uk/pipermail/full-disclosure/2003-September/010146.html Immunix Linux Advisory: IMNX-2003-7+-020-01 http://www.mandriva.com/security/advisories?name=MDKSA-2003:090 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2719 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A447 RedHat Security Advisories: RHSA-2003:279 http://marc.info/?l=bugtraq&m=106373546332230&w=2 http://www.redhat.com/support/errata/RHSA-2003-280.html http://sunsolve.sun.com/search/document.do?assetkey=1-77-1000620.1-1 SuSE Security Announcement: SuSE-SA:2003:038 (Google Search) SuSE Security Announcement: SuSE-SA:2003:039 (Google Search) http://marc.info/?l=bugtraq&m=106381396120332&w=2 XForce ISS Database: openssh-packet-bo(13191) https://exchange.xforce.ibmcloud.com/vulnerabilities/13191
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.