CentOS Local Security Checks : CentOS Update for python-paramiko CESA-2018:1124 centos6

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.882872

Categoría: CentOS Local Security Checks

Título: CentOS Update for python-paramiko CESA-2018:1124 centos6

Resumen: Check the version of python-paramiko

Descripción: Summary:
Check the version of python-paramiko

Vulnerability Insight:
The python-paramiko package provides a Python
module that implements the SSH2 protocol for encrypted and authenticated
connections to remote machines. Unlike SSL, the SSH2 protocol does not require
hierarchical certificates signed by a powerful central authority. The protocol
also includes the ability to open arbitrary channels to remote services across
an encrypted tunnel.

Security Fix(es):

* python-paramiko: Authentication bypass in transport.py (CVE-2018-7750)

For more details about the security issue(s), including the impact, a CVSS
score, and other related information, refer to the CVE page(s) listed in
the References section.

Affected Software/OS:
python-paramiko on CentOS 6

Solution:
Please install the updated packages.

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2018-7750
BugTraq ID: 103713
http://www.securityfocus.com/bid/103713
https://www.exploit-db.com/exploits/45712/
https://lists.debian.org/debian-lts-announce/2018/10/msg00018.html
https://lists.debian.org/debian-lts-announce/2021/12/msg00025.html
RedHat Security Advisories: RHSA-2018:0591
https://access.redhat.com/errata/RHSA-2018:0591
RedHat Security Advisories: RHSA-2018:0646
https://access.redhat.com/errata/RHSA-2018:0646
RedHat Security Advisories: RHSA-2018:1124
https://access.redhat.com/errata/RHSA-2018:1124
RedHat Security Advisories: RHSA-2018:1125
https://access.redhat.com/errata/RHSA-2018:1125
RedHat Security Advisories: RHSA-2018:1213
https://access.redhat.com/errata/RHSA-2018:1213
RedHat Security Advisories: RHSA-2018:1274
https://access.redhat.com/errata/RHSA-2018:1274
RedHat Security Advisories: RHSA-2018:1328
https://access.redhat.com/errata/RHSA-2018:1328
RedHat Security Advisories: RHSA-2018:1525
https://access.redhat.com/errata/RHSA-2018:1525
RedHat Security Advisories: RHSA-2018:1972
https://access.redhat.com/errata/RHSA-2018:1972
https://usn.ubuntu.com/3603-1/
https://usn.ubuntu.com/3603-2/

Copyright Copyright (C) 2018 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.882872
Categoría:	CentOS Local Security Checks
Título:	CentOS Update for python-paramiko CESA-2018:1124 centos6
Resumen:	Check the version of python-paramiko
Descripción:	Summary: Check the version of python-paramiko Vulnerability Insight: The python-paramiko package provides a Python module that implements the SSH2 protocol for encrypted and authenticated connections to remote machines. Unlike SSL, the SSH2 protocol does not require hierarchical certificates signed by a powerful central authority. The protocol also includes the ability to open arbitrary channels to remote services across an encrypted tunnel. Security Fix(es): * python-paramiko: Authentication bypass in transport.py (CVE-2018-7750) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Affected Software/OS: python-paramiko on CentOS 6 Solution: Please install the updated packages. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2018-7750 BugTraq ID: 103713 http://www.securityfocus.com/bid/103713 https://www.exploit-db.com/exploits/45712/ https://lists.debian.org/debian-lts-announce/2018/10/msg00018.html https://lists.debian.org/debian-lts-announce/2021/12/msg00025.html RedHat Security Advisories: RHSA-2018:0591 https://access.redhat.com/errata/RHSA-2018:0591 RedHat Security Advisories: RHSA-2018:0646 https://access.redhat.com/errata/RHSA-2018:0646 RedHat Security Advisories: RHSA-2018:1124 https://access.redhat.com/errata/RHSA-2018:1124 RedHat Security Advisories: RHSA-2018:1125 https://access.redhat.com/errata/RHSA-2018:1125 RedHat Security Advisories: RHSA-2018:1213 https://access.redhat.com/errata/RHSA-2018:1213 RedHat Security Advisories: RHSA-2018:1274 https://access.redhat.com/errata/RHSA-2018:1274 RedHat Security Advisories: RHSA-2018:1328 https://access.redhat.com/errata/RHSA-2018:1328 RedHat Security Advisories: RHSA-2018:1525 https://access.redhat.com/errata/RHSA-2018:1525 RedHat Security Advisories: RHSA-2018:1972 https://access.redhat.com/errata/RHSA-2018:1972 https://usn.ubuntu.com/3603-1/ https://usn.ubuntu.com/3603-2/
Copyright	Copyright (C) 2018 Greenbone AG