Lucene search
OracleLinuxELSA-2017-0641HistoryMar 27, 2017 - 12:00 a.m.
openssh security and bug fix update
2017-03-2700:00:00
linux.oracle.com
16
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
5.7%
[5.3p1-122]
- Allow to use ibmca crypto hardware (#1397547)
- CVE-2015-8325: privilege escalation via user’s PAM environment and UseLogin=yes (1405374)
[5.3p1-121] - Fix missing hmac-md5-96 from server offer (#1373836)
[5.3p1-120] - Prevent infinite loop when Ctrl+Z pressed at password prompt (#1218424)
- Remove RC4 cipher and MD5 based MAC from the default client proposal (#1373836)
[5.3p1-119] - Resolve sftp force permission colision with umask (#1341747)
- Relax bits needed check to allow hmac-sha2-512 with gss-group1-sha1- (#1353359)
- close ControlPersist background process stderr when not in debug mode (#1335539)
- Do not add a message ‘The agent has no identities.’ in ~/.ssh/authorized_keys (#1353410)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| oracle linux | 6 | src | openssh | < 5.3p1-122.el6 | openssh-5.3p1-122.el6.src.rpm |
| oracle linux | 6 | i686 | openssh | < 5.3p1-122.el6 | openssh-5.3p1-122.el6.i686.rpm |
| oracle linux | 6 | i686 | openssh-askpass | < 5.3p1-122.el6 | openssh-askpass-5.3p1-122.el6.i686.rpm |
| oracle linux | 6 | i686 | openssh-clients | < 5.3p1-122.el6 | openssh-clients-5.3p1-122.el6.i686.rpm |
| oracle linux | 6 | i686 | openssh-ldap | < 5.3p1-122.el6 | openssh-ldap-5.3p1-122.el6.i686.rpm |
| oracle linux | 6 | i686 | openssh-server | < 5.3p1-122.el6 | openssh-server-5.3p1-122.el6.i686.rpm |
| oracle linux | 6 | i686 | pam_ssh_agent_auth | < 0.9.3-122.el6 | pam_ssh_agent_auth-0.9.3-122.el6.i686.rpm |
| oracle linux | 6 | src | openssh | < 5.3p1-122.el6 | openssh-5.3p1-122.el6.src.rpm |
| oracle linux | 6 | x86_64 | openssh | < 5.3p1-122.el6 | openssh-5.3p1-122.el6.x86_64.rpm |
| oracle linux | 6 | x86_64 | openssh-askpass | < 5.3p1-122.el6 | openssh-askpass-5.3p1-122.el6.x86_64.rpm |
Related
redhat
redhat
(RHSA-2016:2588) Moderate: openssh security, bug fix, and enhancement update
2016-11-03 06:07:15
(RHSA-2017:0641) Moderate: openssh security and bug fix update
2017-03-21 06:17:45
nessus
nessus
EulerOS 2.0 SP1 : openssh (EulerOS-SA-2016-1053)
2017-05-01 00:00:00
Fedora 24 : openssh (2016-cce03cc497)
2016-07-14 00:00:00
Amazon Linux AMI : openssh (ALAS-2016-770)
2016-11-21 00:00:00
osv
osv
CVE-2015-8325
2016-05-01 01:59:00
openssh - security update
2016-04-15 00:00:00
ibm
ibm
fedora
fedora
[SECURITY] Fedora 23 Update: openssh-7.2p2-3.fc23
2016-04-24 20:53:40
[SECURITY] Fedora 24 Update: gsi-openssh-7.2p2-3.fc24
2016-05-20 17:55:09
[SECURITY] Fedora 23 Update: gsi-openssh-7.2p2-2.fc23
2016-05-24 01:40:21
oraclelinux
oraclelinux
openssh security, bug fix, and enhancement update
2016-11-09 00:00:00
ubuntucve
ubuntucve
CVE-2015-8325
2016-04-30 00:00:00
openvas
openvas
Fedora Update for gsi-openssh FEDORA-2016-99c6bc92df
2016-06-08 00:00:00
Debian: Security Advisory (DSA-3550-1)
2016-04-14 00:00:00
Fedora Update for openssh FEDORA-2016-7
2016-04-25 00:00:00
prion
prion
Design/Logic Flaw
2016-05-01 01:59:00
debiancve
debiancve
CVE-2015-8325
2016-05-01 01:59:00
debian
debian
[SECURITY] [DSA 3550-1] openssh security update
2016-04-15 17:09:09
veracode
veracode
Privilege Escalation
2019-01-15 09:16:33
centos
centos
openssh, pam_ssh_agent_auth security update
2017-03-24 15:38:42
openssh, pam_ssh_agent_auth security update
2016-11-25 16:01:03
amazon
amazon
Medium: openssh
2016-11-18 12:30:00
f5
f5
K20911042 : OpenSSH vulnerability CVE-2015-8325
2016-05-16 00:00:00
SOL20911042 - OpenSSH vulnerability CVE-2015-8325
2016-05-16 00:00:00
cve
cve
CVE-2015-8325
2016-05-01 01:59:00
alpinelinux
alpinelinux
CVE-2015-8325
2016-05-01 01:59:00
symantec
symantec
SA126 : OpenSSH Vulnerabilities January/April 2016
2016-06-14 08:00:00
slackware
slackware
[slackware-security] openssh
2016-08-06 21:10:35
freebsd
freebsd
openssh -- sshd -- remote valid user discovery and PAM /bin/login attack
2016-08-01 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 6 package openssh version 6.7p1-alt1.M60P.3
2016-10-20 00:00:00
Security fix for the ALT Linux 8 package openssh version 7.2p2-alt2
2016-10-21 00:00:00
Security fix for the ALT Linux 7 package openssh version 6.7p1-alt1.M70P.3
2016-10-20 00:00:00
mageia
mageia
Updated openssh packages fix security vulnerability
2016-08-31 18:32:33
aix
aix
AIX OpenSSH Vulnerability
2016-09-08 14:36:37
cloudfoundry
cloudfoundry
USN-2966-1 OpenSSH vulnerabilities | Cloud Foundry
2016-06-13 00:00:00
ubuntu
ubuntu
OpenSSH vulnerabilities
2016-05-09 00:00:00
gentoo
gentoo
OpenSSH: Multiple vulnerabilities
2016-12-07 00:00:00
ics
ics
Siemens SCALANCE X-200RNA Switch Devices
2022-12-19 12:00:00
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
5.7%
Related for ELSA-2017-0641