
Test ID: 1.3.6.1.4.1.25623.1.0.51588
Category: Conectiva Local Security Checks
Title: Conectiva Security Advisory CLA-2001:431
Summary: NOSUMMARY
Description:

The remote host is missing updates announced in
advisory CLA-2001:431.

OpenSSH is a tool to access remote machines via a cryptographic
connection.

Three vulnerabilities are being addressed by this advisory:

1) Markus Friedl reported [1] a vulnerability [2] in OpenSSH that
could allow users to circumvent system policy and log in from
disallowed source IP addresses.
This only affects sites using the from= key file option in
combination with both RSA and DSA keys in the
~/.ssh/authorized_keys2 file. If the key with the from= option is
immediately followed by a key of a different type, then the options
for this second key are applied to both keys. If this second key
doesn't have the from= option, for example, this would effectively
remove this option from the first key.

2) Peter W. reported [5] that the sftp subsystem in OpenSSH 2.5 and
2.9 is not subject to command= restrictions in the
~/.ssh/authorized_keys2 file. Users could bypass these restrictions
if they used sftp, which was enabled by default on our releases of
this package. New installs will have this subsystem disabled by
default (upgrades won't touch this setting).

3) For Conectiva Linux <= 6.0 this update also fixes the older cookie
removal [3] vulnerability, announced [4] by zen-parse, where a user
could trick ssh into removing any file called cookies. This only
affects systems with X11 forwarding enabled, which is not the default
in our packages.
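
As a check for item 1, the following added example (not part of the advisory or of OpenSSH) scans the text of an authorized_keys2 file for a key carrying from= that is followed by a key of the other type without from=. The function names and sample keys are constructed for illustration, and skipping blank and comment lines between two keys is an assumption made to err on the side of reporting.

```python
KEY_TYPES = {"ssh-rsa", "ssh-dss"}  # RSA and DSA, the two key types the advisory names

def split_unquoted(text, is_sep):
    """Split text at separator characters that sit outside double quotes."""
    parts, cur, quoted, prev = [], "", False, ""
    for ch in text:
        if ch == '"' and prev != "\\":
            quoted = not quoted
        if is_sep(ch) and not quoted:
            parts.append(cur)
            cur = ""
        else:
            cur += ch
        prev = ch
    return [p for p in parts + [cur] if p]

def parse_entry(line):
    """Return (key_type, options) for a key line, or None for anything else."""
    fields = split_unquoted(line, str.isspace)
    if fields and fields[0] in KEY_TYPES:
        return fields[0], ""
    if len(fields) > 1 and fields[1] in KEY_TYPES:
        return fields[1], fields[0]
    return None

def has_from(options):
    """True if the option list carries a from= restriction (names are case-insensitive)."""
    opts = split_unquoted(options, lambda ch: ch == ",")
    return any(o.lower().startswith("from=") for o in opts)

def find_at_risk(text):
    """Return (line_a, line_b): a from= key followed by another key type lacking from=."""
    hits, prev = [], None
    for lineno, line in enumerate(text.splitlines(), 1):
        # Assumption: blank and comment lines between two keys are skipped (conservative).
        entry = None if line.lstrip().startswith("#") else parse_entry(line)
        if entry is None:
            continue
        if prev and has_from(prev[2]) and entry[0] != prev[1] and not has_from(entry[1]):
            hits.append((prev[0], lineno))
        prev = (lineno, entry[0], entry[1])
    return hits

# Constructed sample entries (not real key material).
SAMPLE = """\
from="192.0.2.10,*.example.org" ssh-rsa AAAAconstructedRSA alice
ssh-dss AAAAconstructedDSA alice
from="192.0.2.10",command="echo a b" ssh-rsa AAAAconstructedRSA2 bob
"""
```

Each reported pair gives the line of the from= key and the line of the key that follows it; adding the same from= option to the second key, or reordering the file, removes the finding until the updated package is installed.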


Solution:
The apt tool can be used to perform RPM package upgrades
by running 'apt-get update' followed by 'apt-get upgrade'

http://www.securityspace.com/smysecure/catid.html?in=CLA-2001:431
http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=002001

Risk factor : High

Copyright: Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com





© 1998-2025 E-Soft Inc. All rights reserved.