Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.51022
Category:Red Hat Local Security Checks
Title:RedHat Security Advisory RHSA-2003:280
Summary:NOSUMMARY
Description:Description:

The remote host is missing updates announced in
advisory RHSA-2003:280.

OpenSSH is a suite of network connectivity tools that can be used to
establish encrypted connections between systems on a network and can
provide interactive login sessions and port forwarding, among other functions.

The OpenSSH team has announced a bug which affects the OpenSSH buffer
handling code. This bug has the potential of being remotely exploitable.

All users of OpenSSH should immediately apply this update which contains a
backported fix for this issue.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2003-280.html
http://marc.theaimsgroup.com/?l=openbsd-misc&m=106371592604940

Risk factor : Critical

CVSS Score:
10.0

Cross-Ref: BugTraq ID: 8628
Common Vulnerability Exposure (CVE) ID: CVE-2003-0693
Bugtraq: 20030916 OpenSSH Buffer Management Bug Advisory (Google Search)
http://marc.info/?l=bugtraq&m=106373247528528&w=2
Bugtraq: 20030916 [slackware-security] OpenSSH Security Advisory (SSA:2003-259-01) (Google Search)
http://marc.info/?l=bugtraq&m=106374466212309&w=2
Bugtraq: 20030917 [OpenPKG-SA-2003.040] OpenPKG Security Advisory (openssh) (Google Search)
http://marc.info/?l=bugtraq&m=106381409220492&w=2
http://www.cert.org/advisories/CA-2003-24.html
CERT/CC vulnerability note: VU#333628
http://www.kb.cert.org/vuls/id/333628
Debian Security Information: DSA-382 (Google Search)
http://www.debian.org/security/2003/dsa-382
Debian Security Information: DSA-383 (Google Search)
http://www.debian.org/security/2003/dsa-383
En Garde Linux Advisory: ESA-20030916-023
FreeBSD Security Advisory: FreeBSD-SA-03:12
http://lists.grok.org.uk/pipermail/full-disclosure/2003-September/010103.html
http://lists.grok.org.uk/pipermail/full-disclosure/2003-September/010135.html
http://lists.grok.org.uk/pipermail/full-disclosure/2003-September/010146.html
Immunix Linux Advisory: IMNX-2003-7+-020-01
http://www.mandriva.com/security/advisories?name=MDKSA-2003:090
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2719
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A447
RedHat Security Advisories: RHSA-2003:279
http://marc.info/?l=bugtraq&m=106373546332230&w=2
http://www.redhat.com/support/errata/RHSA-2003-280.html
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1000620.1-1
SuSE Security Announcement: SuSE-SA:2003:038 (Google Search)
SuSE Security Announcement: SuSE-SA:2003:039 (Google Search)
http://marc.info/?l=bugtraq&m=106381396120332&w=2
XForce ISS Database: openssh-packet-bo(13191)
https://exchange.xforce.ibmcloud.com/vulnerabilities/13191
CopyrightCopyright (c) 2005 E-Soft Inc. http://www.securityspace.com

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.