Test ID:	1.3.6.1.4.1.25623.1.0.55283
Category:	Fedora Local Security Checks
Title:	Fedora Core 4 FEDORA-2005-860 (openssh)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to openssh announced via advisory FEDORA-2005-860. This security update fixes CVE-2005-2797 and CVE-2005-2798 and resolves a problem with X forwarding binding only on IPv6 address on certain circumstances. As it is an upgrade to a newer upstream release there is a small change in interoperability with ssh clients older than 3.5p1 if they are configured so they insist on compression. If interoperability with such clients is required, the Compression option must be set to yes. * Wed Sep 7 2005 Tomas Mraz 4.2p1-fc4.1 - upgrade to a new upstream version - don't use X11 port which can't be bound on all IP families (#163732) Solution: Apply the appropriate updates. This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/ This update can also be installed with the Update Agent you can launch the Update Agent with the 'up2date' command. http://www.securityspace.com/smysecure/catid.html?in=FEDORA-2005-860 Risk factor : Medium CVSS Score: 5.0
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2005-2797 1014845 http://securitytracker.com/id?1014845 14727 http://www.securityfocus.com/bid/14727 16686 http://secunia.com/advisories/16686 18010 http://secunia.com/advisories/18010 18661 http://secunia.com/advisories/18661 19142 http://www.osvdb.org/19142 19243 http://secunia.com/advisories/19243 OpenPKG-SA-2005.019 http://marc.info/?l=bugtraq&m=112605977304049&w=2 SCOSA-2005.53 ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.53/SCOSA-2005.53.txt SCOSA-2006.11 ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.11/SCOSA-2006.11.txt [openssh-unix-announce] 20050901 Announce: OpenSSH 4.2 released http://www.mindrot.org/pipermail/openssh-unix-announce/2005-September/000083.html http://support.avaya.com/elmodocs2/security/ASA-2006-033.htm Common Vulnerability Exposure (CVE) ID: CVE-2005-2798 14729 http://www.securityfocus.com/bid/14729 17077 http://secunia.com/advisories/17077 17245 http://secunia.com/advisories/17245 18406 http://secunia.com/advisories/18406 18507 http://secunia.com/advisories/18507 18717 http://secunia.com/advisories/18717 19141 http://www.osvdb.org/19141 ADV-2006-0144 http://www.vupen.com/english/advisories/2006/0144 HPSBUX02090 http://www.securityfocus.com/archive/1/421411/100/0/threaded MDKSA-2005:172 http://www.mandriva.com/security/advisories?name=MDKSA-2005:172 RHSA-2005:527 http://www.redhat.com/support/errata/RHSA-2005-527.html SSRT051058 SUSE-SR:2006:003 http://lists.suse.com/archive/suse-security-announce/2006-Feb/0001.html USN-209-1 https://usn.ubuntu.com/209-1/ hpux-secure-shell-dos(24064) https://exchange.xforce.ibmcloud.com/vulnerabilities/24064 http://support.avaya.com/elmodocs2/security/ASA-2006-016.htm oval:org.mitre.oval:def:1345 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1345 oval:org.mitre.oval:def:1566 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1566 oval:org.mitre.oval:def:9717 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9717
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.