Test Kennung:	1.3.6.1.4.1.25623.1.0.11712
Kategorie:	Misc.
Titel:	OpenSSH Reverse DNS Lookup bypass
Zusammenfassung:	NOSUMMARY
Beschreibung:	Description: You are running OpenSSH-portable 3.6.1 or older. There is a flaw in this version which may allow an attacker to bypass the access controls set by the administrator of this server. OpenSSH features a mechanism which can restrict the list of hosts a given user can log from by specifying a pattern in the user key file (ie: *.mynetwork.com would let a user connect only from the local network). However there is a flaw in the way OpenSSH does reverse DNS lookups. If an attacker configures his DNS server to send a numeric IP address when a reverse lookup is performed, he may be able to circumvent this mechanism. Solution : Upgrade to OpenSSH 3.6.2 when it comes out Risk factor : Low
Querverweis:	BugTraq ID: 7831 Common Vulnerability Exposure (CVE) ID: CVE-2003-0386 http://www.securityfocus.com/bid/7831 Bugtraq: 20030605 OpenSSH remote clent address restriction circumvention (Google Search) http://www.securityfocus.com/archive/1/324016/2003-06-03/2003-06-09/0 CERT/CC vulnerability note: VU#978316 http://www.kb.cert.org/vuls/id/978316 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9894 http://www.redhat.com/support/errata/RHSA-2006-0298.html http://www.redhat.com/support/errata/RHSA-2006-0698.html http://secunia.com/advisories/21129 http://secunia.com/advisories/21262 http://secunia.com/advisories/21724 http://secunia.com/advisories/22196 http://secunia.com/advisories/23680 SGI Security Advisory: 20060703-01-P ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc
Copyright	This script is Copyright (C) 2003 Tenable Network Security

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.