ID de Prueba:	1.3.6.1.4.1.25623.1.0.121436
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 201601-01
Resumen:	Gentoo Linux Local Security Checks GLSA 201601-01
Descripción:	Summary: Gentoo Linux Local Security Checks GLSA 201601-01 Vulnerability Insight: Qualys have reported two issues in the roaming code included in the OpenSSH client, which provides undocumented, experimental support for resuming SSH connections. An OpenSSH client could be tricked into leaking parts of its memory to a malicious server. Furthermore, a buffer overflow can be exploited by a malicious server, but its exploitation requires non-default options and is mitigated due to another bug. Solution: Update the affected packages to the latest available version. CVSS Score: 4.6 CVSS Vector: AV:N/AC:H/Au:S/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2016-0777 http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html BugTraq ID: 80695 http://www.securityfocus.com/bid/80695 Bugtraq: 20160114 Qualys Security Advisory - Roaming through the OpenSSH client: CVE-2016-0777 and CVE-2016-0778 (Google Search) http://www.securityfocus.com/archive/1/537295/100/0/threaded Debian Security Information: DSA-3446 (Google Search) http://www.debian.org/security/2016/dsa-3446 http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176516.html http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176349.html http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175592.html http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175676.html FreeBSD Security Advisory: FreeBSD-SA-16:07 https://security.FreeBSD.org/advisories/FreeBSD-SA-16:07.openssh.asc http://seclists.org/fulldisclosure/2016/Jan/44 https://security.gentoo.org/glsa/201601-01 http://packetstormsecurity.com/files/135273/Qualys-Security-Advisory-OpenSSH-Overflow-Leak.html http://www.openwall.com/lists/oss-security/2016/01/14/7 http://www.securitytracker.com/id/1034671 SuSE Security Announcement: SUSE-SU-2016:0117 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00006.html SuSE Security Announcement: SUSE-SU-2016:0118 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00007.html SuSE Security Announcement: SUSE-SU-2016:0119 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00008.html SuSE Security Announcement: SUSE-SU-2016:0120 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00009.html SuSE Security Announcement: openSUSE-SU-2016:0127 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00013.html SuSE Security Announcement: openSUSE-SU-2016:0128 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00014.html http://www.ubuntu.com/usn/USN-2869-1 Common Vulnerability Exposure (CVE) ID: CVE-2016-0778 BugTraq ID: 80698 http://www.securityfocus.com/bid/80698
Copyright	Copyright (C) 2016 Eero Volotinen

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.