Ubuntu Local Security Checks : Ubuntu USN-612-2 (openssh)

Price/Feature Summary | Order | New Vulnerabilities | Confidentiality | Vulnerability Search

Vulnerability Search		Search 61204 CVE descriptions and 32582 test descriptions, access 10,000+ cross references.
	Tests CVE All

Test ID: 1.3.6.1.4.1.25623.1.0.61488

Category: Ubuntu Local Security Checks

Title: Ubuntu USN-612-2 (openssh)

Summary: Ubuntu USN-612-2 (openssh)

Description:
The remote host is missing an update to openssh
announced via advisory USN-612-2.

For details, please visit the referenced security advisories.

The following Ubuntu releases are affected:

Ubuntu 7.04
Ubuntu 7.10
Ubuntu 8.04 LTS

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

Solution:
http://www.securityspace.com/smysecure/catid.html?in=USN-612-2
CVE-2008-0166, http://www.ubuntu.com/usn/usn-612-1

Risk factor : High

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2008-0166
Bugtraq: 20080515 Debian generated SSH-Keys working exploit (Google Search)
http://www.securityfocus.com/archive/1/archive/1/492112/100/0/threaded
http://www.milw0rm.com/exploits/5622
http://www.milw0rm.com/exploits/5632
http://www.milw0rm.com/exploits/5720
http://sourceforge.net/mailarchive/forum.php?thread_name=48367252.7070603%40shemesh.biz&forum_name=rsyncrypto-devel
http://metasploit.com/users/hdm/tools/debian-openssl/
Debian Security Information: DSA-1571 (Google Search)
http://www.debian.org/security/2008/dsa-1571
Debian Security Information: DSA-1576 (Google Search)
http://www.debian.org/security/2008/dsa-1576
http://www.ubuntu.com/usn/usn-612-1
http://www.ubuntu.com/usn/usn-612-2
http://www.ubuntu.com/usn/usn-612-3
http://www.ubuntu.com/usn/usn-612-4
http://www.ubuntu.com/usn/usn-612-7
Cert/CC Advisory: TA08-137A
http://www.us-cert.gov/cas/techalerts/TA08-137A.html
CERT/CC vulnerability note: VU#925211
http://www.kb.cert.org/vuls/id/925211
BugTraq ID: 29179
http://www.securityfocus.com/bid/29179
http://www.securitytracker.com/id?1020017
http://secunia.com/advisories/30220
http://secunia.com/advisories/30221
http://secunia.com/advisories/30231
http://secunia.com/advisories/30239
http://secunia.com/advisories/30249
http://secunia.com/advisories/30136
XForce ISS Database: openssl-rng-weak-security(42375)
http://xforce.iss.net/xforce/xfdb/42375

Copyright Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com

This is only one of 32582 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

New User Registration
Email:

UserID:

Passwd:

Please email me your monthly newsletters, informing the latest services, improvements & surveys.

Please email me a vulnerability test announcement whenever a new test is added.

Privacy

Registered User Login

UserID:

Passwd:

Forgot userid or passwd?

Email/Userid:

Test ID:	1.3.6.1.4.1.25623.1.0.61488
Category:	Ubuntu Local Security Checks
Title:	Ubuntu USN-612-2 (openssh)
Summary:	Ubuntu USN-612-2 (openssh)
Description:	The remote host is missing an update to openssh announced via advisory USN-612-2. For details, please visit the referenced security advisories. The following Ubuntu releases are affected: Ubuntu 7.04 Ubuntu 7.10 Ubuntu 8.04 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. Solution: http://www.securityspace.com/smysecure/catid.html?in=USN-612-2 CVE-2008-0166, http://www.ubuntu.com/usn/usn-612-1 Risk factor : High
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2008-0166 Bugtraq: 20080515 Debian generated SSH-Keys working exploit (Google Search) http://www.securityfocus.com/archive/1/archive/1/492112/100/0/threaded http://www.milw0rm.com/exploits/5622 http://www.milw0rm.com/exploits/5632 http://www.milw0rm.com/exploits/5720 http://sourceforge.net/mailarchive/forum.php?thread_name=48367252.7070603%40shemesh.biz&forum_name=rsyncrypto-devel http://metasploit.com/users/hdm/tools/debian-openssl/ Debian Security Information: DSA-1571 (Google Search) http://www.debian.org/security/2008/dsa-1571 Debian Security Information: DSA-1576 (Google Search) http://www.debian.org/security/2008/dsa-1576 http://www.ubuntu.com/usn/usn-612-1 http://www.ubuntu.com/usn/usn-612-2 http://www.ubuntu.com/usn/usn-612-3 http://www.ubuntu.com/usn/usn-612-4 http://www.ubuntu.com/usn/usn-612-7 Cert/CC Advisory: TA08-137A http://www.us-cert.gov/cas/techalerts/TA08-137A.html CERT/CC vulnerability note: VU#925211 http://www.kb.cert.org/vuls/id/925211 BugTraq ID: 29179 http://www.securityfocus.com/bid/29179 http://www.securitytracker.com/id?1020017 http://secunia.com/advisories/30220 http://secunia.com/advisories/30221 http://secunia.com/advisories/30231 http://secunia.com/advisories/30239 http://secunia.com/advisories/30249 http://secunia.com/advisories/30136 XForce ISS Database: openssl-rng-weak-security(42375) http://xforce.iss.net/xforce/xfdb/42375
Copyright	Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com