openssh, pam_ssh_agent_auth security update

🗓️ 30 Nov 2015 19:46:33Reported by CentOS ProjectType

centos

centos🔗 lists.centos.org👁 109 Views

OpenSSH and pam_ssh_agent_auth security update for CentO

Reporter	Title	Published	Views	Family All 278
IBM Security Bulletins	Security Bulletin: Vulnerabilities in Open Source openssh affect IBM Security Identity Governance Appliance (CVE-2015-5352, CVE-2015-6563, CVE-2015-6564 )	16 Jun 201821:46	–	ibm
IBM Security Bulletins	Security Bulletin: A vulnerability in OpenSSH affects IBM Security Network Intrusion Prevention System (CVE-2015-5600)	23 Feb 202219:48	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability in libxml, openssh, PAM, Firefox, affects IBM SmartCloud Provisioning for IBM Software Virtual Appliance	17 Jun 201822:30	–	ibm
IBM Security Bulletins	IBM Security Network Protection / IBM QRadar Network Security / XGS Technote Index	31 Jan 202100:10	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in OpenSSH affect SAN Volume Controller and Storwize Family (CVE-2015-6563 CVE-2015-6564)	29 Mar 202301:48	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in OpenSSH affect IBM Flex System Manager (FSM)	18 Jun 201801:34	–	ibm
IBM Security Bulletins	Security Bulletin: Openssh vulnerabilities affect IBM SmartClound Entry (CVE-2015-5352 CVE-2015-6563 CVE-2015-6564)	19 Jul 202000:49	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Security Vulnerabilities fixed in IBM Security Privileged Identity Manager	16 Jun 201821:45	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in ntp, libxml2, openssh, sqlite and python-base affect IBM BladeCenter Advanced Management Module (AMM)	14 Apr 202314:32	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in OpenSSH affect the IBM FlashSystem models 840 and 900	18 Feb 202301:45	–	ibm

OS	OS Version	Architecture	Package	Package Version	Filename
CentOS	7	x86_64	openssh	6.6.1p1-22.el7	openssh-6.6.1p1-22.el7.x86_64.rpm
CentOS	7	x86_64	openssh-askpass	6.6.1p1-22.el7	openssh-askpass-6.6.1p1-22.el7.x86_64.rpm
CentOS	7	x86_64	openssh-clients	6.6.1p1-22.el7	openssh-clients-6.6.1p1-22.el7.x86_64.rpm
CentOS	7	x86_64	openssh-keycat	6.6.1p1-22.el7	openssh-keycat-6.6.1p1-22.el7.x86_64.rpm
CentOS	7	x86_64	openssh-ldap	6.6.1p1-22.el7	openssh-ldap-6.6.1p1-22.el7.x86_64.rpm
CentOS	7	x86_64	openssh-server	6.6.1p1-22.el7	openssh-server-6.6.1p1-22.el7.x86_64.rpm
CentOS	7	x86_64	openssh-server-sysvinit	6.6.1p1-22.el7	openssh-server-sysvinit-6.6.1p1-22.el7.x86_64.rpm
CentOS	7	i686	pam_ssh_agent_auth	0.9.3-9.22.el7	pam_ssh_agent_auth-0.9.3-9.22.el7.i686.rpm
CentOS	7	x86_64	pam_ssh_agent_auth	0.9.3-9.22.el7	pam_ssh_agent_auth-0.9.3-9.22.el7.x86_64.rpm

Source	Link
reddit	www.reddit.com/r/CentOS/
linkedin	www.linkedin.com/groups/22405
rhn	www.rhn.redhat.com/errata/RHSA-2015-2088.html
steadfast	www.steadfast.net/
twitter	www.twitter.com/centos
facebook	www.facebook.com/groups/centosproject/
youtube	www.youtube.com/TheCentOSProject

30 Nov 2015 19:46Current

7.1High risk

Vulners AI Score7.1

CVSS 28.5

CVSS 3.18.1

EPSS0.78359

SSVC

openssh pam_ssh_agent_auth privilege separation use-after-free sshd keyboard-interactive ssh-agent sshd_config sftp controlmaster ldap ldif gssapi