Lucene search

Basic search
Lucene search
Search by product

Database

Vendors

Gentoo FoundationGLSA-201512-04

HistoryDec 20, 2015 - 12:00 a.m.

Vulners
/
Gentoo
/
OpenSSH: Multiple vulnerabilities

OpenSSH: Multiple vulnerabilities

2015-12-2000:00:00

Gentoo Foundation

security.gentoo.org

CVSS2

8.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:P/I:N/A:C

EPSS

0.164

Percentile

96.0%

JSON

Background

OpenSSH is a complete SSH protocol implementation that includes an SFTP client and server support.

Description

Multiple vulnerabilities have been discovered in OpenSSH. Please review the CVE identifiers referenced below for details.

Impact

Workaround

There is no known workaround at this time.

Resolution

All openssh users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose "&gt;=net-misc/openssh-7.1_p1-r2"

OSVersionArchitecturePackageVersionFilename
Gentooanyallnet-misc/openssh< 7.1_p1-r2UNKNOWN

OS	Version	Architecture	Package	Version	Filename
Gentoo	any	all	net-misc/openssh	< 7.1_p1-r2	UNKNOWN

openvas 34

nessus 49

oraclelinux 4

freebsd 2

suse 1

ibm 21

altlinux 2

redhat 3

amazon 3

fedora 7

centos 3

symantec 1

f5 8

aix 3

debian 3

ubuntu 2

osv 3

zdt 2

cve 5

prion 5

cvelist 5

ubuntucve 5

nvd 5

debiancve 5

exploitpack 1

veracode 4

archlinux 2

cloudfoundry 1

mageia 2

securityvulns 2

arista 1

checkpoint_advisories 1

exploitdb 1

freebsd_advisory 1

rosalinux 1

ics 1

openvas

Gentoo Security Advisory GLSA 201512-04

2015-12-22 00:00:00

Oracle: Security Advisory (ELSA-2015-2088)

2015-11-24 00:00:00

SUSE: Security Advisory (SUSE-SU-2015:1544-1)

2021-04-19 00:00:00

nessus

GLSA-201512-04 : OpenSSH: Multiple vulnerabilities

2015-12-22 00:00:00

OpenSSH < 7.0 Multiple Vulnerabilities

2015-08-13 00:00:00

OpenSSH < 7.0 Multiple Vulnerabilities

2016-04-22 00:00:00

oraclelinux

openssh security, bug fix, and enhancement update

2015-11-23 00:00:00

openssh security, bug fix, and enhancement update

2016-05-12 00:00:00

openssh security update

2016-03-21 00:00:00

freebsd

OpenSSH -- PAM vulnerabilities

2015-08-11 00:00:00

OpenSSH -- MaxAuthTries limit bypass via duplicates in KbdInteractiveDevices

2015-07-21 00:00:00

suse

Security update for openssh (important)

2015-09-21 09:10:02

ibm

Security Bulletin: Vulnerabilities in OpenSSH affect IBM Security Network Protection (CVE-2015-5352, CVE-2015-6563, and CVE-2015-6564)

2018-06-16 21:45:01

Security Bulletin: Openssh vulnerabilities affect IBM SmartClound Entry (CVE-2015-5352 CVE-2015-6563 CVE-2015-6564)

2020-07-19 00:49:12

Security Bulletin: Fixes for Multiple Security Vulnerabilities in IBM Security Identity Manager Virtual Appliance available

2018-06-16 21:47:36

altlinux

Security fix for the ALT Linux 7 package openssh version 6.7p1-alt1.M70P.4

2016-11-08 00:00:00

Security fix for the ALT Linux 6 package openssh version 6.7p1-alt1.M60P.4

2016-11-08 00:00:00

redhat

(RHSA-2015:2088) Moderate: openssh security, bug fix, and enhancement update

2015-11-19 14:41:38

(RHSA-2016:0741) Moderate: openssh security, bug fix, and enhancement update

2016-05-10 06:42:16

(RHSA-2016:0466) Moderate: openssh security update

2016-03-21 00:00:00

amazon

Medium: openssh

2015-12-14 10:00:00

Medium: openssh

2015-09-02 12:00:00

Medium: openssh

2015-07-22 10:00:00

fedora

[SECURITY] Fedora 21 Update: openssh-6.6.1p1-16.fc21

2015-08-27 23:52:00

[SECURITY] Fedora 22 Update: openssh-6.9p1-4.fc22

2015-07-31 07:53:13

[SECURITY] Fedora 22 Update: openssh-6.9p1-5.fc22

2015-08-19 08:15:54

centos

openssh, pam_ssh_agent_auth security update

2015-11-30 19:46:33

openssh, pam_ssh_agent_auth security update

2016-05-16 10:19:28

openssh, pam_ssh_agent_auth security update

2016-03-21 22:18:29

symantec

SA104 : OpenSSH Vulnerabilities

2015-12-08 08:00:00

K17263 : OpenSSH vulnerabilities CVE-2015-6563 and CVE-2015-6564

2015-09-17 00:00:00

SOL17263 - OpenSSH vulnerabilities CVE-2015-6563 and CVE-2015-6564

2015-09-16 00:00:00

SOL17270 - OpenSSH vulnerability CVE-2015-6565

2015-09-15 00:00:00

aix

AIX OpenSSH Vulnerability

2015-10-21 09:17:40

AIX OpenSSH Vulnerability

2016-01-29 16:13:16

AIX OpenSSH Vulnerability

2015-09-04 05:15:17

debian

[SECURITY] [DLA 288-1] openssh security update

2015-08-07 11:38:21

[SECURITY] [DLA 1500-1] openssh security update

2018-09-10 08:44:17

[SECURITY] [DLA 288-2] openssh regression update

2015-09-30 03:37:43

ubuntu

OpenSSH regression

2015-08-18 00:00:00

OpenSSH vulnerabilities

2015-08-14 00:00:00

osv

openssh - security update

2015-09-30 00:00:00

openssh - security update

2018-09-10 00:00:00

openssh - regression update

2015-09-30 00:00:00

zdt

OpenSSH 6.8-6.9 pty issue Privilege Escalation Vulnerability

2015-09-04 00:00:00

OpenSSH 6.8 < 6.9 - PTY Privilege Escalation Exploit

2017-01-26 00:00:00

cve

CVE-2015-6565

2015-08-24 01:59:02

CVE-2015-6563

2015-08-24 01:59:00

CVE-2015-6564

2015-08-24 01:59:01

prion

Code injection

2015-08-24 01:59:00

Design/Logic Flaw

2015-08-24 01:59:00

Design/Logic Flaw

2015-08-24 01:59:00

cvelist

CVE-2015-6565

2015-08-24 00:00:00

CVE-2015-6564

2015-08-24 00:00:00

CVE-2015-5600

2015-08-03 00:00:00

ubuntucve

CVE-2015-6565

2015-08-24 00:00:00

CVE-2015-5352

2015-08-02 00:00:00

CVE-2015-6564

2015-08-24 00:00:00

nvd

CVE-2015-6565

2015-08-24 01:59:02

CVE-2015-6564

2015-08-24 01:59:01

CVE-2015-6563

2015-08-24 01:59:00

debiancve

CVE-2015-6565

2015-08-24 01:59:02

CVE-2015-6564

2015-08-24 01:59:01

CVE-2015-6563

2015-08-24 01:59:00

exploitpack

OpenSSH 6.8 6.9 - PTY Local Privilege Escalation

2017-01-26 00:00:00

veracode

Privilege Escalation

2019-05-02 05:29:33

Authorization Bypass

2019-01-15 09:11:25

Insecure Authentication

2019-01-15 09:10:32

archlinux

openssh: authentication limits bypass

2015-07-23 00:00:00

openssh: XSECURITY restrictions bypass

2015-07-04 00:00:00

cloudfoundry

USN-2710-1 OpenSSH Vulnerabilities | Cloud Foundry

2015-09-08 00:00:00

mageia

Updated openssh package fixes security vulnerability

2015-07-09 11:09:20

Updated openssh package fixes security vulnerability

2015-07-29 00:01:59

securityvulns

OpenSSH resreictions bypass

2015-08-24 00:00:00

FreeBSD Security Advisory FreeBSD-SA-15:16.openssh [REVISED]

2015-08-02 00:00:00

arista

Security Advisory 0012

2015-08-20 00:00:00

checkpoint_advisories

OpenSSH kbdint_next_device Policy Bypass (CVE-2015-5600)

2016-09-28 00:00:00

exploitdb

OpenSSH 6.8 < 6.9 - 'PTY' Local Privilege Escalation

2017-01-26 00:00:00

freebsd_advisory

FreeBSD-SA-15:16.openssh

2015-07-28 00:00:00

rosalinux

Advisory ROSA-SA-2021-1938

2021-07-02 17:38:20

ics

Siemens SCALANCE X-200RNA Switch Devices

2022-12-19 12:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

CVSS2

8.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:P/I:N/A:C

EPSS

0.164

Percentile

96.0%

JSON

Related for GLSA-201512-04