Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2021 Greenbone AGOPENVAS:13614125623114201706071
HistoryApr 19, 2021 - 12:00 a.m.

SUSE: Security Advisory (SUSE-SU-2017:0607-1)

2021-04-1900:00:00
Copyright (C) 2021 Greenbone AG
plugins.openvas.org
1

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

8.7 High

AI Score

Confidence

High

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.784 High

EPSS

Percentile

98.2%

JSON

The remote host is missing an update for the

# SPDX-FileCopyrightText: 2021 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.1.4.2017.0607.1");
  script_cve_id("CVE-2016-10009", "CVE-2016-10011", "CVE-2016-8858");
  script_tag(name:"creation_date", value:"2021-04-19 00:00:00 +0000 (Mon, 19 Apr 2021)");
  script_version("2024-02-02T14:37:49+0000");
  script_tag(name:"last_modification", value:"2024-02-02 14:37:49 +0000 (Fri, 02 Feb 2024)");
  script_tag(name:"cvss_base", value:"7.8");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:C");
  script_tag(name:"severity_vector", value:"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
  script_tag(name:"severity_origin", value:"NVD");
  script_tag(name:"severity_date", value:"2016-12-09 17:19:49 +0000 (Fri, 09 Dec 2016)");

  script_name("SUSE: Security Advisory (SUSE-SU-2017:0607-1)");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2021 Greenbone AG");
  script_family("SuSE Local Security Checks");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/suse_sles", "ssh/login/rpms", re:"ssh/login/release=(SLES12\.0SP1)");

  script_xref(name:"Advisory-ID", value:"SUSE-SU-2017:0607-1");
  script_xref(name:"URL", value:"https://www.suse.com/support/update/announcement/2017/suse-su-20170607-1/");

  script_tag(name:"summary", value:"The remote host is missing an update for the 'openssh' package(s) announced via the SUSE-SU-2017:0607-1 advisory.");

  script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");

  script_tag(name:"insight", value:"This update for openssh fixes the following issues:
- CVE-2016-8858: prevent resource depletion during key exchange
 (bsc#1005480)
- CVE-2016-10009: limit directories for loading PKCS11 modules to avoid
 privilege escalation (bsc#1016366)
- CVE-2016-10011: Prevent possible leaks of host private keys to
 low-privilege process handling authentication (bsc#1016369)
- Fix suggested command for removing conflicting server keys from the
 known_hosts file (bsc#1006221)
- Properly verify CIDR masks in the AllowUsers and DenyUsers configuration
 lists (bsc#1005893)");

  script_tag(name:"affected", value:"'openssh' package(s) on SUSE Linux Enterprise Server 12-SP1.");

  script_tag(name:"solution", value:"Please install the updated package(s).");

  script_tag(name:"solution_type", value:"VendorFix");
  script_tag(name:"qod_type", value:"package");

  exit(0);
}

include("revisions-lib.inc");
include("pkg-lib-rpm.inc");

release = rpm_get_ssh_release();
if(!release)
  exit(0);

res = "";
report = "";

if(release == "SLES12.0SP1") {

  if(!isnull(res = isrpmvuln(pkg:"openssh", rpm:"openssh~6.6p1~54.7.1", rls:"SLES12.0SP1"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"openssh-askpass-gnome", rpm:"openssh-askpass-gnome~6.6p1~54.7.1", rls:"SLES12.0SP1"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"openssh-askpass-gnome-debuginfo", rpm:"openssh-askpass-gnome-debuginfo~6.6p1~54.7.1", rls:"SLES12.0SP1"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"openssh-debuginfo", rpm:"openssh-debuginfo~6.6p1~54.7.1", rls:"SLES12.0SP1"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"openssh-debugsource", rpm:"openssh-debugsource~6.6p1~54.7.1", rls:"SLES12.0SP1"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"openssh-fips", rpm:"openssh-fips~6.6p1~54.7.1", rls:"SLES12.0SP1"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"openssh-helpers", rpm:"openssh-helpers~6.6p1~54.7.1", rls:"SLES12.0SP1"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"openssh-helpers-debuginfo", rpm:"openssh-helpers-debuginfo~6.6p1~54.7.1", rls:"SLES12.0SP1"))) {
    report += res;
  }

  if(report != "") {
    security_message(data:report);
  } else if(__pkg_match) {
    exit(99);
  }
  exit(0);
}

exit(0);

Related

nessus 81
openvas 30
aix 1
fedora 1
ibm 21
symantec 2
slackware 1
archlinux 1
redhatcve 3
f5 4
freebsd_advisory 2
cve 4
checkpoint_advisories 1
debiancve 4
prion 4
ubuntucve 4
freebsd 3
oraclelinux 1
ubuntu 1
osv 4
amazon 3
alpinelinux 3
cloudfoundry 1
seebug 2
cloudlinux 1
myhack58 1
zdt 1
packetstorm 2
redhat 1
centos 1
photon 1
broadcom 1
veracode 1
altlinux 3
debian 1
gentoo 1
rosalinux 1
cisa 1
nessus
nessus
SUSE SLES11 Security Update : openssh (SUSE-SU-2017:0606-1)
2017-03-07 00:00:00
SUSE SLED12 Security Update : openssh (SUSE-SU-2017:0607-2)
2017-03-10 00:00:00
openSUSE Security Update : openssh (openSUSE-2017-339)
2017-03-14 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2017:1661-1)
2021-06-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2017:0607-2)
2021-04-19 00:00:00
SUSE: Security Advisory (SUSE-SU-2017:0607-3)
2021-04-19 00:00:00
aix
aix
Vulnerabilities in OpenSSH affect AIX.
2017-02-05 23:36:10
fedora
fedora
[SECURITY] Fedora 25 Update: openssh-7.4p1-1.fc25
2017-01-06 20:25:39
ibm
ibm
Security Bulletin: Vulnerabilities in OpenSSH affect IBM Chassis Management Module (CMM)
2019-01-31 02:40:01
Security Bulletin: IBM Security Network Protection is affected by vulnerabilities in OpenSSH (CVE-2016-6210 CVE-2016-6515 CVE-2016-10009 CVE-2016-10011)
2018-06-16 22:03:39
Security Bulletin: Vulnerabilities in OpenSSH affect IBM BladeCenter Advanced Management Module (AMM)
2023-04-14 14:32:25
symantec
symantec
SA144 : OpenSSH Vulnerabilities January 2017
2017-03-02 08:00:00
SA136 : OpenSSH Vulnerabilities
2016-12-13 08:00:00
slackware
slackware
[slackware-security] openssh
2016-12-24 01:35:34
archlinux
archlinux
[ASA-201612-20] openssh: multiple issues
2016-12-22 00:00:00
redhatcve
redhatcve
CVE-2016-8858
2016-10-20 07:47:22
CVE-2016-10011
2016-12-20 08:47:24
CVE-2016-10009
2016-12-20 07:47:25
f5
f5
K57304814 : OpenSSH vulnerability CVE-2016-8858
2017-01-19 00:00:00
K24324390 : OpenSSH vulnerability CVE-2016-10011
2017-01-27 00:00:00
K31440025 : OpenSSH vulnerability CVE-2016-10009
2017-01-24 00:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-16:33.openssh
2016-11-02 00:00:00
FreeBSD-SA-17:01.openssh
2017-01-11 00:00:00
cve
cve
CVE-2016-8858
2016-12-09 11:59:00
CVE-2016-10011
2017-01-05 02:59:00
CVE-2016-10009
2017-01-05 02:59:00
checkpoint_advisories
checkpoint_advisories
OpenSSH kex_input_kexinit Denial of Service (CVE-2016-8858)
2017-04-23 00:00:00
debiancve
debiancve
CVE-2016-8858
2016-12-09 11:59:00
CVE-2016-10011
2017-01-05 02:59:00
CVE-2016-10009
2017-01-05 02:59:00
prion
prion
Design/Logic Flaw
2016-12-09 11:59:00
Design/Logic Flaw
2017-01-05 02:59:00
Design/Logic Flaw
2017-01-05 02:59:00
ubuntucve
ubuntucve
CVE-2016-8858
2016-12-09 00:00:00
CVE-2016-10011
2017-01-04 00:00:00
CVE-2016-10009
2017-01-04 00:00:00
freebsd
freebsd
FreeBSD -- OpenSSH Remote Denial of Service vulnerability
2016-10-19 00:00:00
FreeBSD -- OpenSSH multiple vulnerabilities
2017-01-11 00:00:00
openssh -- multiple vulnerabilities
2016-12-25 00:00:00
oraclelinux
oraclelinux
openssh security, bug fix, and enhancement update
2017-08-07 00:00:00
ubuntu
ubuntu
OpenSSH vulnerabilities
2018-01-22 00:00:00
osv
osv
CVE-2016-10011
2017-01-05 02:59:03
CVE-2016-10009
2017-01-05 02:59:03
CVE-2023-38408
2023-07-20 03:15:10
amazon
amazon
Medium: openssh
2017-10-03 11:00:00
Important: openssh
2023-08-03 18:09:00
Important: openssh
2023-08-17 11:39:00
alpinelinux
alpinelinux
CVE-2016-10011
2017-01-05 02:59:00
CVE-2016-10009
2017-01-05 02:59:00
CVE-2023-38408
2023-07-20 03:15:10
cloudfoundry
cloudfoundry
USN-3538-1: OpenSSH vulnerabilities | Cloud Foundry
2018-02-01 00:00:00
seebug
seebug
OpenSSH information leak Vulnerability, CVE-2016-10011)
2016-12-21 00:00:00
OpenSSH remote code execution vulnerability, CVE-2016-10009)
2016-12-21 00:00:00
cloudlinux
cloudlinux
Fixed CVE-2016-10009 in openssh-5.3p1
2022-07-04 19:13:43
myhack58
myhack58
OpenSSH is now in the risk of vulnerabilities can cause remote code execution-vulnerability warning-the black bar safety net
2016-12-21 00:00:00
zdt
zdt
OpenSSH 7.4 - agent Protocol Arbitrary Library Loading Vulnerability
2016-12-23 00:00:00
packetstorm
packetstorm
OpenSSH Arbitrary Library Loading
2016-12-23 00:00:00
OpenSSH Forwarded SSH-Agent Remote Code Execution
2023-07-20 00:00:00
redhat
redhat
(RHSA-2017:2029) Moderate: openssh security, bug fix, and enhancement update
2017-08-01 05:57:17
centos
centos
openssh, pam_ssh_agent_auth security update
2017-08-24 01:40:16
photon
photon
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2016-0014
2016-12-15 00:00:00
broadcom
broadcom
The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution (CVE-2023-38408)
2023-11-07 00:00:00
veracode
veracode
Remote Code Execution (RCE)
2023-07-20 11:22:49
altlinux
altlinux
Security fix for the ALT Linux 6 package openssh version 6.7p1-alt1.M60P.3
2016-10-20 00:00:00
Security fix for the ALT Linux 8 package openssh version 7.2p2-alt2
2016-10-21 00:00:00
Security fix for the ALT Linux 7 package openssh version 6.7p1-alt1.M70P.3
2016-10-20 00:00:00
debian
debian
[SECURITY] [DLA 1500-1] openssh security update
2018-09-10 08:44:17
gentoo
gentoo
OpenSSH: Multiple vulnerabilities
2016-12-07 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1938
2021-07-02 17:38:20
cisa
cisa
Juniper Networks Releases Security Updates
2018-01-11 00:00:00

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

8.7 High

AI Score

Confidence

High

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.784 High

EPSS

Percentile

98.2%

JSON
Related for OPENVAS:13614125623114201706071
nessus81openvas30aix1fedora1ibm21symantec2slackware1archlinux1redhatcve3f54freebsd_advisory2cve4checkpoint_advisories1debiancve4prion4ubuntucve4freebsd3oraclelinux1ubuntu1osv4amazon3alpinelinux3cloudfoundry1seebug2cloudlinux1myhack581zdt1packetstorm2redhat1centos1photon1broadcom1veracode1altlinux3debian1gentoo1rosalinux1cisa1