Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
debianDebianDEBIAN:DLA-3694-1:FAAE2
HistoryDec 26, 2023 - 2:22 a.m.

[SECURITY] [DLA 3694-1] openssh security update

2023-12-2602:22:30
lists.debian.org
21
openssh
ssh protocol
cve-2021-41617
cve-2023-48795
cve-2023-51385
debian 10 buster
command injection
prefix truncation attack
security update

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

7.4 High

AI Score

Confidence

High

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

0.003 Low

EPSS

Percentile

67.4%

JSON

Debian LTS Advisory DLA-3694-1 [email protected]
https://www.debian.org/lts/security/ Santiago Ruano Rincón
December 25, 2023 https://wiki.debian.org/LTS

Package : openssh
Version : 1:7.9p1-10+deb10u4
CVE ID : CVE-2021-41617 CVE-2023-48795 CVE-2023-51385
Debian Bug : 995130

Several vulnerabilities have been discovered in OpenSSH, an implementation of
the SSH protocol suite.

CVE-2021-41617

It was discovered that sshd failed to correctly initialise supplemental
groups when executing an AuthorizedKeysCommand or
AuthorizedPrincipalsCommand, where a AuthorizedKeysCommandUser or
AuthorizedPrincipalsCommandUser directive has been set to run the command
as a different user. Instead these commands would inherit the groups that
sshd was started with.

CVE-2023-48795

Fabian Baeumer, Marcus Brinkmann and Joerg Schwenk discovered that the SSH
protocol is prone to a prefix truncation attack, known as the "Terrapin
attack". This attack allows a MITM attacker to effect a limited break of the
integrity of the early encrypted SSH transport protocol by sending extra
messages prior to the commencement of encryption, and deleting an equal
number of consecutive messages immediately after encryption starts.

Details can be found at https://terrapin-attack.com/

CVE-2023-51385

It was discovered that if an invalid user or hostname that contained shell
metacharacters was passed to ssh, and a ProxyCommand, LocalCommand
directive or "match exec" predicate referenced the user or hostname via
expansion tokens, then an attacker who could supply arbitrary
user/hostnames to ssh could potentially perform command injection. The
situation could arise in case of git repositories with submodules, where the
repository could contain a submodule with shell characters in its user or
hostname.

For Debian 10 buster, these problems have been fixed in version
1:7.9p1-10+deb10u4.

We recommend that you upgrade your openssh packages.

For the detailed security status of openssh please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/openssh

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
Attachment:
signature.asc
Description: PGP signature

OSVersionArchitecturePackageVersionFilename
Debian11amd64openssh-server-udeb< 1:8.4p1-5+deb11u3openssh-server-udeb_1:8.4p1-5+deb11u3_amd64.deb
Debian10armhfopenssh-client< 1:7.9p1-10+deb10u4openssh-client_1:7.9p1-10+deb10u4_armhf.deb
Debian11armelopenssh-sftp-server< 1:8.4p1-5+deb11u3openssh-sftp-server_1:8.4p1-5+deb11u3_armel.deb
Debian12amd64ssh-askpass-gnome< 1:9.2p1-2+deb12u2ssh-askpass-gnome_1:9.2p1-2+deb12u2_amd64.deb
Debian10arm64openssh-server< 1:7.9p1-10+deb10u4openssh-server_1:7.9p1-10+deb10u4_arm64.deb
Debian12armhfopenssh-client< 1:9.2p1-2+deb12u2openssh-client_1:9.2p1-2+deb12u2_armhf.deb
Debian12arm64openssh-tests< 1:9.2p1-2+deb12u2openssh-tests_1:9.2p1-2+deb12u2_arm64.deb
Debian11armhfopenssh-server< 1:8.4p1-5+deb11u3openssh-server_1:8.4p1-5+deb11u3_armhf.deb
Debian11amd64openssh-sftp-server< 1:8.4p1-5+deb11u3openssh-sftp-server_1:8.4p1-5+deb11u3_amd64.deb
Debian11mipselopenssh-client-dbgsym< 1:8.4p1-5+deb11u3openssh-client-dbgsym_1:8.4p1-5+deb11u3_mipsel.deb
Rows per page:
1-10 of 2501

Related

openvas 50
osv 12
nessus 70
gentoo 1
almalinux 3
oraclelinux 6
fedora 5
debian 1
redhat 7
ubuntu 3
rocky 2
cloudfoundry 1
aix 2
redos 1
ibm 7
mageia 2
amazon 3
redhatcve 2
ubuntucve 2
prion 2
broadcom 1
photon 1
paloalto 1
debiancve 2
cbl_mariner 2
cve 1
suse 1
veracode 2
centos 1
f5 1
alpinelinux 2
freebsd 1
cloudlinux 1
openvas
openvas
Debian: Security Advisory (DLA-3694-1)
2024-01-12 00:00:00
Huawei EulerOS: Security Advisory for openssh (EulerOS-SA-2024-1475)
2024-03-21 00:00:00
Huawei EulerOS: Security Advisory for openssh (EulerOS-SA-2024-1552)
2024-04-22 00:00:00
osv
osv
openssh - security update
2023-12-25 00:00:00
Moderate: openssh security update
2024-01-30 00:00:00
Moderate: openssh security update
2024-03-05 00:00:00
nessus
nessus
EulerOS 2.0 SP11 : openssh (EulerOS-SA-2024-1241)
2024-03-12 00:00:00
RHEL 9 : openssh (RHSA-2024:1130)
2024-03-05 00:00:00
AlmaLinux 8 : openssh (ALSA-2024:0606)
2024-01-31 00:00:00
gentoo
gentoo
OpenSSH: Multiple Vulnerabilities
2023-12-28 00:00:00
almalinux
almalinux
Moderate: openssh security update
2024-03-05 00:00:00
Moderate: openssh security update
2024-01-30 00:00:00
Moderate: openssh security, bug fix, and enhancement update
2022-05-10 06:45:24
oraclelinux
oraclelinux
openssh security update
2024-02-14 00:00:00
openssh security update
2024-03-06 00:00:00
openssh security update
2024-02-01 00:00:00
fedora
fedora
[SECURITY] Fedora 38 Update: openssh-9.0p1-18.fc38
2024-01-23 01:22:50
[SECURITY] Fedora 39 Update: openssh-9.3p1-10.fc39
2024-01-12 01:12:26
[SECURITY] Fedora 35 Update: openssh-8.7p1-2.fc35
2021-10-03 00:15:11
debian
debian
[SECURITY] [DSA 5586-1] openssh security update
2023-12-22 08:59:42
redhat
redhat
(RHSA-2024:0455) Moderate: openssh security update
2024-01-24 14:40:54
(RHSA-2024:0594) Moderate: openssh security update
2024-01-30 13:40:59
(RHSA-2024:0429) Moderate: openssh security update
2024-01-24 14:40:32
ubuntu
ubuntu
OpenSSH vulnerabilities
2024-01-11 00:00:00
OpenSSH vulnerabilities
2024-01-03 00:00:00
OpenSSH vulnerability
2022-10-10 00:00:00
rocky
rocky
openssh security update
2024-02-12 20:17:16
openssh security, bug fix, and enhancement update
2022-05-10 06:45:24
cloudfoundry
cloudfoundry
USN-6565-1: OpenSSH vulnerabilities | Cloud Foundry
2024-02-29 00:00:00
aix
aix
AIX is vulnerable to a machine-in-the-middle attack (CVE-2023-48795) arbitrary command execution (CVE-2023-51385) and information disclosure (CVE-2023-51384) due to OpenSSH
2024-02-28 12:58:51
Vulnerabilities in OpenSSH affect AIX.
2022-01-06 09:17:41
redos
redos
ROS-20240319-01
2024-03-19 00:00:00
ibm
ibm
Security Bulletin: AIX is vulnerable to a machine-in-the-middle attack (CVE-2023-48795), arbitrary command execution (CVE-2023-51385), and information disclosure (CVE-2023-51384) due to OpenSSH
2024-03-14 20:09:59
Security Bulletin: IBM QRadar Network Security is affected by Vulnerability in OpenSSH. (CVE-2021-41617)
2022-07-07 10:45:43
Security Bulletin: OpenSSH for IBM i is affected by CVE-2021-41617
2021-12-01 23:03:59
mageia
mageia
Updated openssh packages fix security vulnerabilities
2024-01-15 01:23:43
Updated openssh packages fix security vulnerability
2021-12-19 15:26:08
amazon
amazon
Medium: openssh
2022-02-03 19:30:00
Medium: openssh
2022-02-10 22:00:00
Medium: openssh
2024-03-27 21:32:00
redhatcve
redhatcve
CVE-2021-41617
2021-09-27 20:04:15
CVE-2023-51385
2023-12-19 21:34:54
ubuntucve
ubuntucve
CVE-2021-41617
2021-09-26 00:00:00
CVE-2023-51385
2023-12-20 00:00:00
prion
prion
Command injection
2023-12-18 19:15:00
Privilege escalation
2021-09-26 19:15:00
broadcom
broadcom
A flaw in OpenSSH helper programs could lead to local privilege escalation
2023-08-01 00:00:00
photon
photon
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2021-1.0-0440
2021-10-10 00:00:00
paloalto
paloalto
Informational: Impact of the OpenSSH Vulnerability CVE-2021-41617 on PAN-OS
2021-11-30 18:15:00
debiancve
debiancve
CVE-2021-41617
2021-09-26 19:15:00
CVE-2023-51385
2023-12-18 19:15:08
cbl_mariner
cbl_mariner
CVE-2021-41617 affecting package openssh 8.5p1-3
2021-10-14 02:25:47
CVE-2023-51385 affecting package openssh 8.9p1-2
2024-01-04 19:54:01
cve
cve
CVE-2021-41617
2021-09-26 19:15:00
suse
suse
Security update for openssh (important)
2021-12-06 00:00:00
veracode
veracode
Privilege Escalation
2021-10-06 11:24:31
OS Command Injection
2024-01-30 17:07:03
centos
centos
openssh, pam_ssh_agent_auth security update
2021-12-01 19:19:31
f5
f5
K12705583 : OpenSSH vulnerability CVE-2021-41617
2021-12-06 00:00:00
alpinelinux
alpinelinux
CVE-2021-41617
2021-09-26 19:15:00
CVE-2023-51385
2023-12-18 19:15:08
freebsd
freebsd
OpenSSH -- OpenSSH 6.2 through 8.7 failed to correctly initialise supplemental groups when executing an AuthorizedKeysCommand or AuthorizedPrincipalsCommand
2021-09-26 00:00:00
cloudlinux
cloudlinux
openssh: Fix of CVE-2023-51385
2023-12-28 17:39:04

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

7.4 High

AI Score

Confidence

High

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

0.003 Low

EPSS

Percentile

67.4%

JSON
Related for DEBIAN:DLA-3694-1:FAAE2
openvas50osv12nessus70gentoo1almalinux3oraclelinux6fedora5debian1redhat7ubuntu3rocky2cloudfoundry1aix2redos1ibm7mageia2amazon3redhatcve2ubuntucve2prion2broadcom1photon1paloalto1debiancve2cbl_mariner2cve1suse1veracode2centos1f51alpinelinux2freebsd1cloudlinux1