| Description: | Summary:
The remote host is missing an update for the 'openssh'
package(s) announced via the referenced advisory.
Vulnerability Insight:
OpenSSH is OpenBSD's SSH (Secure Shell)
protocol implementation. These packages include the core files necessary for both
the OpenSSH client and server.
It was discovered that the OpenSSH server did not sanitize data received
in requests to enable X11 forwarding. An authenticated client with
restricted SSH access could possibly use this flaw to bypass intended
restrictions. (CVE-2016-3115)
An access flaw was discovered in OpenSSH the OpenSSH client did not
correctly handle failures to generate authentication cookies for untrusted
X11 forwarding. A malicious or compromised remote X application could
possibly use this flaw to establish a trusted connection to the local X
server, even if only untrusted X11 forwarding was requested.
(CVE-2016-1908)
All openssh users are advised to upgrade to these updated packages, which
contain backported patches to correct these issues. After installing this
update, the OpenSSH server daemon (sshd) will be restarted automatically.
Affected Software/OS:
openssh on Red Hat Enterprise Linux Server (v. 7)
Solution:
Please Install the Updated Packages.
CVSS Score:
7.5
CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
