Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.871328
Category:Red Hat Local Security Checks
Title:RedHat Update for openssh RHSA-2015:0425-01
Summary:The remote host is missing an update for the 'openssh'; package(s) announced via the referenced advisory.
Description:Summary:
The remote host is missing an update for the 'openssh'
package(s) announced via the referenced advisory.

Vulnerability Insight:
OpenSSH is OpenBSD's SSH (Secure Shell) protocol implementation. These
packages include the core files necessary for both the OpenSSH client and
server.

It was discovered that OpenSSH clients did not correctly verify DNS SSHFP
records. A malicious server could use this flaw to force a connecting
client to skip the DNS SSHFP record check and require the user to perform
manual host verification of the DNS SSHFP record. (CVE-2014-2653)

It was found that when OpenSSH was used in a Kerberos environment, remote
authenticated users were allowed to log in as a different user if they were
listed in the ~
/.k5users file of that user, potentially bypassing intended
authentication restrictions. (CVE-2014-9278)

The openssh packages have been upgraded to upstream version 6.6.1, which
provides a number of bug fixes and enhancements over the previous version.
(BZ#1059667)

Bug fixes:

* An existing /dev/log socket is needed when logging using the syslog
utility, which is not possible for all chroot environments based on the
user's home directories. As a consequence, the sftp commands were not
logged in the chroot setup without /dev/log in the internal sftp subsystem.
With this update, openssh has been enhanced to detect whether /dev/log
exists. If /dev/log does not exist, processes in the chroot environment use
their master processes for logging. (BZ#1083482)

* The buffer size for a host name was limited to 64 bytes. As a
consequence, when a host name was 64 bytes long or longer, the ssh-keygen
utility failed. The buffer size has been increased to fix this bug, and
ssh-keygen no longer fails in the described situation. (BZ#1097665)

* Non-ASCII characters have been replaced by their octal representations in
banner messages in order to prevent terminal re-programming attacks.
Consequently, banners containing UTF-8 strings were not correctly displayed
in a client. With this update, banner messages are processed according to
RFC 3454, control characters have been removed, and banners containing
UTF-8 strings are now displayed correctly. (BZ#1104662)

* Red Hat Enterprise Linux uses persistent Kerberos credential caches,
which are shared between sessions. Previously, the GSSAPICleanupCredentials
option was set to 'yes' by default. Consequently, removing a Kerberos cache
on logout could remove unrelated credentials of other sessions, which could
make the system unusable. To fix this bug, GSSAPICleanupCredentials is set
by default to 'no'. (BZ#1134447)

* Access permissions for the /etc/ssh/moduli file were set to 0600, which
was unnecessarily strict. With this update, the permissions ...

Description truncated, please see the referenced URL(s) for more information.

Affected Software/OS:
openssh on Red Hat Enterprise Linux Server (v. 7)

Solution:
Please Install the Updated Packages.

CVSS Score:
5.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:N

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2014-2653
BugTraq ID: 66459
http://www.securityfocus.com/bid/66459
Debian Security Information: DSA-2894 (Google Search)
http://www.debian.org/security/2014/dsa-2894
http://lists.fedoraproject.org/pipermail/package-announce/2014-May/133537.html
http://lists.fedoraproject.org/pipermail/package-announce/2014-June/134026.html
HPdes Security Advisory: HPSBUX03188
http://marc.info/?l=bugtraq&m=141576985122836&w=2
HPdes Security Advisory: SSRT101487
http://www.mandriva.com/security/advisories?name=MDVSA-2014:068
http://www.mandriva.com/security/advisories?name=MDVSA-2015:095
http://openwall.com/lists/oss-security/2014/03/26/7
RedHat Security Advisories: RHSA-2014:1552
http://rhn.redhat.com/errata/RHSA-2014-1552.html
RedHat Security Advisories: RHSA-2015:0425
http://rhn.redhat.com/errata/RHSA-2015-0425.html
http://secunia.com/advisories/59855
http://www.ubuntu.com/usn/USN-2164-1
Common Vulnerability Exposure (CVE) ID: CVE-2014-9278
BugTraq ID: 71420
http://www.securityfocus.com/bid/71420
http://thread.gmane.org/gmane.comp.encryption.kerberos.general/15855
http://www.openwall.com/lists/oss-security/2014/12/02/3
http://www.openwall.com/lists/oss-security/2014/12/04/17
XForce ISS Database: openssh-gssservkrb5-sec-bypass(99090)
https://exchange.xforce.ibmcloud.com/vulnerabilities/99090
CopyrightCopyright (C) 2015 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.