Lucene search
Copyright (C) 2024 Greenbone AGOPENVAS:13614125623114202405961HistoryFeb 23, 2024 - 12:00 a.m.
SUSE: Security Advisory (SUSE-SU-2024:0596-1)
2024-02-2300:00:00
Copyright (C) 2024 Greenbone AG
plugins.openvas.org
3
suse
security advisory
openssh
cve-2023-51385
update
command injection
suse enterprise storage
suse linux enterprise desktop
suse linux enterprise high performance computing
suse linux enterprise micro
suse linux enterprise micro for rancher
suse linux enterprise server
suse linux enterprise server for sap applications
suse manager proxy
suse manager retail branch server
The remote host is missing an update for the
# SPDX-FileCopyrightText: 2024 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.1.4.2024.0596.1");
script_cve_id("CVE-2023-51385");
script_tag(name:"creation_date", value:"2024-02-23 04:22:38 +0000 (Fri, 23 Feb 2024)");
script_version("2024-02-23T05:07:12+0000");
script_tag(name:"last_modification", value:"2024-02-23 05:07:12 +0000 (Fri, 23 Feb 2024)");
script_tag(name:"cvss_base", value:"6.4");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:N");
script_tag(name:"severity_vector", value:"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N");
script_tag(name:"severity_origin", value:"NVD");
script_tag(name:"severity_date", value:"2024-01-03 19:40:07 +0000 (Wed, 03 Jan 2024)");
script_name("SUSE: Security Advisory (SUSE-SU-2024:0596-1)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2024 Greenbone AG");
script_family("SuSE Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/suse_sles", "ssh/login/rpms", re:"ssh/login/release=(SLES15\.0SP3|SLES15\.0SP4)");
script_xref(name:"Advisory-ID", value:"SUSE-SU-2024:0596-1");
script_xref(name:"URL", value:"https://www.suse.com/support/update/announcement/2024/suse-su-20240596-1/");
script_tag(name:"summary", value:"The remote host is missing an update for the 'openssh' package(s) announced via the SUSE-SU-2024:0596-1 advisory.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");
script_tag(name:"insight", value:"This update for openssh fixes the following issues:
CVE-2023-51385: Limit the use of shell metacharacters in host- and
user names to avoid command injection. (bsc#1218215)");
script_tag(name:"affected", value:"'openssh' package(s) on SUSE Enterprise Storage 7.1, SUSE Linux Enterprise Desktop 15-SP4, SUSE Linux Enterprise High Performance Computing 15-SP3, SUSE Linux Enterprise High Performance Computing 15-SP4, SUSE Linux Enterprise Micro 5.1, SUSE Linux Enterprise Micro 5.2, SUSE Linux Enterprise Micro 5.3, SUSE Linux Enterprise Micro 5.4, SUSE Linux Enterprise Micro 5.5, SUSE Linux Enterprise Micro for Rancher 5.2, SUSE Linux Enterprise Micro for Rancher 5.3, SUSE Linux Enterprise Micro for Rancher 5.4, SUSE Linux Enterprise Server 15-SP3, SUSE Linux Enterprise Server 15-SP4, SUSE Linux Enterprise Server for SAP Applications 15-SP3, SUSE Linux Enterprise Server for SAP Applications 15-SP4, SUSE Manager Proxy 4.3, SUSE Manager Retail Branch Server 4.3, SUSE Manager Server 4.3.");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"package");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-rpm.inc");
release = rpm_get_ssh_release();
if(!release)
exit(0);
res = "";
report = "";
if(release == "SLES15.0SP3") {
if(!isnull(res = isrpmvuln(pkg:"openssh", rpm:"openssh~8.4p1~150300.3.30.1", rls:"SLES15.0SP3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"openssh-askpass-gnome", rpm:"openssh-askpass-gnome~8.4p1~150300.3.30.1", rls:"SLES15.0SP3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"openssh-askpass-gnome-debuginfo", rpm:"openssh-askpass-gnome-debuginfo~8.4p1~150300.3.30.1", rls:"SLES15.0SP3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"openssh-askpass-gnome-debugsource", rpm:"openssh-askpass-gnome-debugsource~8.4p1~150300.3.30.1", rls:"SLES15.0SP3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"openssh-clients", rpm:"openssh-clients~8.4p1~150300.3.30.1", rls:"SLES15.0SP3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"openssh-clients-debuginfo", rpm:"openssh-clients-debuginfo~8.4p1~150300.3.30.1", rls:"SLES15.0SP3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"openssh-common", rpm:"openssh-common~8.4p1~150300.3.30.1", rls:"SLES15.0SP3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"openssh-common-debuginfo", rpm:"openssh-common-debuginfo~8.4p1~150300.3.30.1", rls:"SLES15.0SP3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"openssh-debuginfo", rpm:"openssh-debuginfo~8.4p1~150300.3.30.1", rls:"SLES15.0SP3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"openssh-debugsource", rpm:"openssh-debugsource~8.4p1~150300.3.30.1", rls:"SLES15.0SP3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"openssh-fips", rpm:"openssh-fips~8.4p1~150300.3.30.1", rls:"SLES15.0SP3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"openssh-helpers", rpm:"openssh-helpers~8.4p1~150300.3.30.1", rls:"SLES15.0SP3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"openssh-helpers-debuginfo", rpm:"openssh-helpers-debuginfo~8.4p1~150300.3.30.1", rls:"SLES15.0SP3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"openssh-server", rpm:"openssh-server~8.4p1~150300.3.30.1", rls:"SLES15.0SP3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"openssh-server-debuginfo", rpm:"openssh-server-debuginfo~8.4p1~150300.3.30.1", rls:"SLES15.0SP3"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
if(release == "SLES15.0SP4") {
if(!isnull(res = isrpmvuln(pkg:"openssh", rpm:"openssh~8.4p1~150300.3.30.1", rls:"SLES15.0SP4"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"openssh-askpass-gnome", rpm:"openssh-askpass-gnome~8.4p1~150300.3.30.1", rls:"SLES15.0SP4"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"openssh-askpass-gnome-debuginfo", rpm:"openssh-askpass-gnome-debuginfo~8.4p1~150300.3.30.1", rls:"SLES15.0SP4"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"openssh-askpass-gnome-debugsource", rpm:"openssh-askpass-gnome-debugsource~8.4p1~150300.3.30.1", rls:"SLES15.0SP4"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"openssh-clients", rpm:"openssh-clients~8.4p1~150300.3.30.1", rls:"SLES15.0SP4"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"openssh-clients-debuginfo", rpm:"openssh-clients-debuginfo~8.4p1~150300.3.30.1", rls:"SLES15.0SP4"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"openssh-common", rpm:"openssh-common~8.4p1~150300.3.30.1", rls:"SLES15.0SP4"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"openssh-common-debuginfo", rpm:"openssh-common-debuginfo~8.4p1~150300.3.30.1", rls:"SLES15.0SP4"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"openssh-debuginfo", rpm:"openssh-debuginfo~8.4p1~150300.3.30.1", rls:"SLES15.0SP4"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"openssh-debugsource", rpm:"openssh-debugsource~8.4p1~150300.3.30.1", rls:"SLES15.0SP4"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"openssh-fips", rpm:"openssh-fips~8.4p1~150300.3.30.1", rls:"SLES15.0SP4"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"openssh-helpers", rpm:"openssh-helpers~8.4p1~150300.3.30.1", rls:"SLES15.0SP4"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"openssh-helpers-debuginfo", rpm:"openssh-helpers-debuginfo~8.4p1~150300.3.30.1", rls:"SLES15.0SP4"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"openssh-server", rpm:"openssh-server~8.4p1~150300.3.30.1", rls:"SLES15.0SP4"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"openssh-server-debuginfo", rpm:"openssh-server-debuginfo~8.4p1~150300.3.30.1", rls:"SLES15.0SP4"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
exit(0);
Related
amazon
amazon
Medium: openssh
2024-03-27 21:32:00
nessus
nessus
SUSE SLES15 Security Update : openssh (SUSE-SU-2024:0603-1)
2024-02-24 00:00:00
F5 Networks BIG-IP : OpenSSH vulnerability (K000138827)
2024-03-06 00:00:00
SUSE SLES12 Security Update : openssh (SUSE-SU-2024:0604-1)
2024-02-24 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2024:0604-1)
2024-02-26 00:00:00
SUSE: Security Advisory (SUSE-SU-2024:0603-1)
2024-02-26 00:00:00
Huawei EulerOS: Security Advisory for openssh (EulerOS-SA-2024-1460)
2024-03-21 00:00:00
cbl_mariner
cbl_mariner
CVE-2023-51385 affecting package openssh for versions less than 9.7p1-1
2024-05-17 21:38:35
CVE-2023-51385 affecting package openssh for versions less than 8.9p1-3
2024-01-04 19:54:01
ubuntucve
ubuntucve
CVE-2023-51385
2023-12-20 00:00:00
redhatcve
redhatcve
CVE-2023-51385
2023-12-19 21:34:54
prion
prion
Command injection
2023-12-18 19:15:00
cloudlinux
cloudlinux
openssh: Fix of CVE-2023-51385
2023-12-28 17:39:04
debiancve
debiancve
CVE-2023-51385
2023-12-18 19:15:08
veracode
veracode
OS Command Injection
2024-01-30 17:07:03
alpinelinux
alpinelinux
CVE-2023-51385
2023-12-18 19:15:08
osv
osv
CVE-2023-51385
2023-12-18 19:15:08
Moderate: openssh security update
2024-03-05 00:00:00
Moderate: openssh security update
2024-01-30 00:00:00
cvelist
cvelist
CVE-2023-51385
2023-12-18 00:00:00
f5
f5
K000138827 : OpenSSH vulnerability CVE-2023-51385
2024-03-06 00:00:00
ibm
ibm
rosalinux
rosalinux
Advisory ROSA-SA-2024-2340
2024-02-14 09:58:40
cve
cve
CVE-2023-51385
2023-12-18 19:15:08
redhat
redhat
(RHSA-2024:0455) Moderate: openssh security update
2024-01-24 14:40:54
(RHSA-2024:0429) Moderate: openssh security update
2024-01-24 14:40:32
(RHSA-2024:0594) Moderate: openssh security update
2024-01-30 13:40:59
almalinux
almalinux
Moderate: openssh security update
2024-01-30 00:00:00
Moderate: openssh security update
2024-03-05 00:00:00
fedora
fedora
[SECURITY] Fedora 38 Update: openssh-9.0p1-18.fc38
2024-01-23 01:22:50
[SECURITY] Fedora 39 Update: openssh-9.3p1-10.fc39
2024-01-12 01:12:26
oraclelinux
oraclelinux
openssh security update
2024-02-14 00:00:00
openssh security update
2024-03-06 00:00:00
openssh security update
2024-02-01 00:00:00
gentoo
gentoo
OpenSSH: Multiple Vulnerabilities
2023-12-28 00:00:00
ubuntu
ubuntu
OpenSSH vulnerabilities
2024-01-11 00:00:00
OpenSSH vulnerabilities
2024-01-03 00:00:00
photon
photon
Critical Photon OS Security Update - PHSA-2023-5.0-0181
2023-12-28 00:00:00
rocky
rocky
openssh security update
2024-02-12 20:17:16
aix
aix
redos
redos
ROS-20240319-01
2024-03-19 00:00:00
cloudfoundry
cloudfoundry
USN-6565-1: OpenSSH vulnerabilities | Cloud Foundry
2024-02-29 00:00:00
debian
debian
[SECURITY] [DLA 3694-1] openssh security update
2023-12-26 02:23:02
[SECURITY] [DSA 5586-1] openssh security update
2023-12-22 08:59:42
mageia
mageia
Updated openssh packages fix security vulnerabilities
2024-01-15 01:23:43
apple
apple
About the security content of macOS Sonoma 14.4
2024-03-07 00:00:00
6.4 Medium
AI Score
Confidence
High
0.003 Low
EPSS
Percentile
67.5%
Related for OPENVAS:13614125623114202405961