Test ID:	1.3.6.1.4.1.25623.1.0.57224
Category:	Turbolinux Local Security Tests
Title:	Turbolinux TLSA-2005-100 (openssh)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to openssh announced via advisory TLSA-2005-100. OpenSSH is a FREE version of the SSH protocol suite of network connectivity tools that increasing numbers of people on the Internet are coming to rely on. The sshd in OpenSSH, when GSSAPIDelegateCredentials is enabled, allows GSSAPI credentials to be delegated to clients who log in using non-GSSAPI methods, which could cause those credentials to be exposed to untrusted users or hosts. This vulnerability may allow remote users to bypass access control rules. Solution: Please use the turbopkg (zabom) tool to apply the update. http://www.securityspace.com/smysecure/catid.html?in=TLSA-2005-100 Risk factor : High
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CAN-2005-2798 1014845 http://securitytracker.com/id?1014845 14729 http://www.securityfocus.com/bid/14729 16686 http://secunia.com/advisories/16686 17077 http://secunia.com/advisories/17077 17245 http://secunia.com/advisories/17245 18010 http://secunia.com/advisories/18010 18406 http://secunia.com/advisories/18406 18507 http://secunia.com/advisories/18507 18661 http://secunia.com/advisories/18661 18717 http://secunia.com/advisories/18717 19141 http://www.osvdb.org/19141 ADV-2006-0144 http://www.vupen.com/english/advisories/2006/0144 HPSBUX02090 http://www.securityfocus.com/archive/1/421411/100/0/threaded MDKSA-2005:172 http://www.mandriva.com/security/advisories?name=MDKSA-2005:172 RHSA-2005:527 http://www.redhat.com/support/errata/RHSA-2005-527.html SCOSA-2005.53 ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.53/SCOSA-2005.53.txt SSRT051058 SUSE-SR:2006:003 http://lists.suse.com/archive/suse-security-announce/2006-Feb/0001.html USN-209-1 https://usn.ubuntu.com/209-1/ [openssh-unix-announce] 20050901 Announce: OpenSSH 4.2 released http://www.mindrot.org/pipermail/openssh-unix-announce/2005-September/000083.html hpux-secure-shell-dos(24064) https://exchange.xforce.ibmcloud.com/vulnerabilities/24064 http://support.avaya.com/elmodocs2/security/ASA-2006-016.htm http://support.avaya.com/elmodocs2/security/ASA-2006-033.htm oval:org.mitre.oval:def:1345 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1345 oval:org.mitre.oval:def:1566 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1566 oval:org.mitre.oval:def:9717 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9717
Copyright	Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.