--------------------------------------------------------------------------
Turbolinux Security Advisory TLSA-2002-13
http://www.turbolinux.co.jp/security/
security-team@turbolinux.co.jp
--------------------------------------------------------------------------
OpenSSH
Root privilege acquisition by an unauthorized user
Release date : 2002-03-08
Target package : openssh-2.9p2-7
Problem:
An unauthorized user may be able to obtain root privileges.
Solution:
Run the command below to check the installed version.
If you are using a version earlier than openssh-2.9p2-7, please update.
# rpm -qa | grep openssh
If your system is affected by this problem, download the latest packages and update them with the commands below.
When running the commands, substitute the package names and version numbers of the packages you downloaded. The "\" sign in the examples indicates that the command continues on the next line without a line break.
Execution example
---------------------------------------------------------------------
# rpm -Fvh Package-1.0.0-1.i586.rpm \
Package-doc-1.0.0-1.i586.rpm \
Package-devel-1.0.0-1.i586.rpm
When actually running the rpm command, specify it on the command line as follows:
# rpm -Fvh package-1.0.0-1.i586.rpm package-doc-1.0.0-1.i586.rpm package-devel-1.0.0-1.i586.rpm
---------------------------------------------------------------------
< Turbolinux 7 Server >
< Turbolinux 7 Workstation >
# rpm -Fvh openssh-2.9p2-7.i586.rpm \
openssh-clients-2.9p2-7.i586.rpm \
openssh-server-2.9p2-7.i586.rpm \
openssh-askpass-2.9p2-7.i586.rpm \
openssh-askpass-gnome-2.9p2-7.i586.rpm
< Turbolinux Server 6.5 >
< Turbolinux Advanced Server 6 >
< Turbolinux Server 6.1 >
< Turbolinux Workstation 6.0 >
# rpm -Fvh openssh-2.9p2-7.i386.rpm \
openssh-clients-2.9p2-7.i386.rpm \
openssh-server-2.9p2-7.i386.rpm \
openssh-askpass-2.9p2-7.i386.rpm \
openssh-askpass-gnome-2.9p2-7.i386.rpm \
openssl-0.9.6b-1.i386.rpm \
openssl-devel-0.9.6b-1.i386.rpm
Package updates:
http://www.turbolinux.co.jp/update/
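
The version check from the Solution section, automated as an added example (not part of the original advisory or Turbolinux tooling). It assumes `rpm -qa` prints name-version-release without an architecture suffix, and uses a simplified form of rpm's version ordering; the function names and sample package list are constructed for illustration.

```python
import re

# Fixed version and release named in the advisory (openssh-2.9p2-7).
FIXED = ("2.9p2", "7")

def _segments(s):
    # Split into runs of digits or letters; separators are ignored, as rpm does.
    return re.findall(r"\d+|[A-Za-z]+", s)

def vercmp(a, b):
    """Order two version (or release) strings; simplified rpm rules, no '~' or '^'."""
    sa, sb = _segments(a), _segments(b)
    for x, y in zip(sa, sb):
        if x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1  # numeric segment is newer than alphabetic
        if x.isdigit():
            x, y = int(x), int(y)
        if x != y:
            return 1 if x > y else -1
    # All shared segments equal: the string with segments left over is newer.
    return (len(sa) > len(sb)) - (len(sa) < len(sb))

def split_nvr(pkg):
    """Split 'name-version-release' at the last two hyphens."""
    name, version, release = pkg.strip().rsplit("-", 2)
    return name, version, release

def needs_update(pkg):
    """True when the package is older than the fixed version-release."""
    _, version, release = split_nvr(pkg)
    return (vercmp(version, FIXED[0]) or vercmp(release, FIXED[1])) < 0

def audit(rpm_qa_output):
    """Return the openssh packages that are older than the fixed build."""
    return [p for p in rpm_qa_output.split()
            if p.startswith("openssh") and needs_update(p)]

# Constructed sample of `rpm -qa | grep openssh` output (not from the advisory).
SAMPLE = """\
openssh-2.9p2-6
openssh-clients-2.9p2-7
openssh-server-2.5.2p2-3
openssh-askpass-3.0.2p1-1
"""

if __name__ == "__main__":
    for pkg in audit(SAMPLE):
        print("update needed:", pkg)
```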