Lucene search
OracleLinuxELSA-2017-2029HistoryAug 07, 2017 - 12:00 a.m.
openssh security, bug fix, and enhancement update
2017-08-0700:00:00
linux.oracle.com
85
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
0.107 Low
EPSS
Percentile
94.5%
[7.4p1-11 + 0.10.3-1]
- Compiler warnings (#1341754)
[7.4p1-10 + 0.10.3-1] - Add missing messages in FIPS mode (#1341754)
[7.4p1-9 + 0.10.3-1] - Allow harmless syscalls for s390 crypto modules (#1451809)
[7.4p1-8 + 0.10.3-1] - Fix multilib issue in documentation (#1450361)
[7.4p1-6 + 0.10.3-1] - ControlPath too long should not be a fatal error (#1447561)
[7.4p1-5 + 0.10.3-1] - Fix the default key exchange proposal in FIPS mode (#1438414)
- Remove another wrong coverity chunk to unbreak gsskex (#1438414)
[7.4p1-4 + 0.10.3-1] - Update seccomp filter to work on ppc64le (#1443916)
[7.4p1-3 + 0.10.3-1] - Do not completely disable SHA-1 key exchange methods in FIPS (#1324493)
- Remove wrong coverity patches
[7.4p1-2 + 0.10.3-1] - Fix coverity scan results
- Adjust FIPS algorithms list (#1420910)
- Revert problematic feature for chroot(#1418062)
- Fix CBC weakness in released OpenSSH 7.5
[7.4p1-1 + 0.10.3-1] - Rebase to openssh 7.4 and pam_ssh_agent_auth 0.10.3 (#1341754)
- detach -cavs subpackage
- enable seccomp filter for sandboxed child
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| oracle linux | 7 | src | openssh | < 7.4p1-11.el7 | openssh-7.4p1-11.el7.src.rpm |
| oracle linux | 7 | aarch64 | openssh | < 7.4p1-11.el7 | openssh-7.4p1-11.el7.aarch64.rpm |
| oracle linux | 7 | aarch64 | openssh-askpass | < 7.4p1-11.el7 | openssh-askpass-7.4p1-11.el7.aarch64.rpm |
| oracle linux | 7 | aarch64 | openssh-cavs | < 7.4p1-11.el7 | openssh-cavs-7.4p1-11.el7.aarch64.rpm |
| oracle linux | 7 | aarch64 | openssh-clients | < 7.4p1-11.el7 | openssh-clients-7.4p1-11.el7.aarch64.rpm |
| oracle linux | 7 | aarch64 | openssh-keycat | < 7.4p1-11.el7 | openssh-keycat-7.4p1-11.el7.aarch64.rpm |
| oracle linux | 7 | aarch64 | openssh-ldap | < 7.4p1-11.el7 | openssh-ldap-7.4p1-11.el7.aarch64.rpm |
| oracle linux | 7 | aarch64 | openssh-server | < 7.4p1-11.el7 | openssh-server-7.4p1-11.el7.aarch64.rpm |
| oracle linux | 7 | aarch64 | openssh-server-sysvinit | < 7.4p1-11.el7 | openssh-server-sysvinit-7.4p1-11.el7.aarch64.rpm |
| oracle linux | 7 | aarch64 | pam_ssh_agent_auth | < 0.10.3-1.11.el7 | pam_ssh_agent_auth-0.10.3-1.11.el7.aarch64.rpm |
Related
ibm
ibm
Security Bulletin: Vulnerabilities in OpenSSH affects Power Hardware Management Console
2021-09-23 01:45:02
Security Bulletin: Vulnerabilities in OpenSSH affect PowerKVM
2018-06-18 01:38:05
openvas
openvas
RedHat Update for openssh RHSA-2017:2029-01
2017-08-04 00:00:00
Fedora Update for openssh FEDORA-2017-4767e2991d
2017-01-10 00:00:00
Huawei EulerOS: Security Advisory for openssh (EulerOS-SA-2017-1054)
2020-01-23 00:00:00
nessus
nessus
Amazon Linux AMI : openssh (ALAS-2017-898)
2017-10-04 00:00:00
Scientific Linux Security Update : openssh on SL7.x x86_64 (20170801)
2017-08-22 00:00:00
CentOS 7 : openssh (CESA-2017:2029)
2017-08-25 00:00:00
amazon
amazon
Medium: openssh
2017-10-03 11:00:00
redhat
redhat
(RHSA-2017:2029) Moderate: openssh security, bug fix, and enhancement update
2017-08-01 05:57:17
(RHSA-2017:2563) Moderate: openssh security update
2017-08-31 13:09:34
centos
centos
openssh, pam_ssh_agent_auth security update
2017-08-24 01:40:16
openssh, pam_ssh_agent_auth security update
2017-08-31 18:50:28
archlinux
archlinux
[ASA-201612-20] openssh: multiple issues
2016-12-22 00:00:00
openssh: information leakage
2016-08-02 00:00:00
symantec
symantec
SA144 : OpenSSH Vulnerabilities January 2017
2017-03-02 08:00:00
SA136 : OpenSSH Vulnerabilities
2016-12-13 08:00:00
slackware
slackware
[slackware-security] openssh
2016-12-24 01:35:34
aix
aix
Vulnerabilities in OpenSSH affect AIX.
2017-02-05 23:36:10
AIX OpenSSH Vulnerability
2016-09-08 14:36:37
ubuntu
ubuntu
OpenSSH vulnerabilities
2016-08-15 00:00:00
OpenSSH vulnerabilities
2018-01-22 00:00:00
cloudfoundry
cloudfoundry
USN-3061-1 OpenSSH vulnerability | Cloud Foundry
2016-08-25 00:00:00
USN-3538-1: OpenSSH vulnerabilities | Cloud Foundry
2018-02-01 00:00:00
fedora
fedora
[SECURITY] Fedora 25 Update: openssh-7.4p1-1.fc25
2017-01-06 20:25:39
[SECURITY] Fedora 24 Update: openssh-7.2p2-10.fc24
2016-07-20 17:50:40
[SECURITY] Fedora 24 Update: openssh-7.2p2-12.fc24
2016-08-10 07:24:41
mageia
mageia
Updated openssh packages fix security vulnerability
2016-08-31 18:32:33
Updated openssh packages fix security vulnerability
2018-01-01 13:38:51
osv
osv
openssh - security update
2018-09-10 00:00:00
CVE-2016-10011
2017-01-05 02:59:03
CVE-2016-10012
2017-01-05 02:59:03
debian
debian
[SECURITY] [DLA 1500-1] openssh security update
2018-09-10 08:44:17
[SECURITY] [DSA 3626-1] openssh security update
2016-07-24 09:19:18
[SECURITY] [DSA 3626-1] openssh security update
2016-07-24 09:19:18
prion
prion
Design/Logic Flaw
2017-01-05 02:59:00
Privilege escalation
2017-01-05 02:59:00
Design/Logic Flaw
2017-02-13 17:59:00
ubuntucve
ubuntucve
alpinelinux
alpinelinux
seebug
seebug
OpenSSH authentication security bypass Vulnerability, CVE-2016-10012)
2016-12-21 00:00:00
OpenSSH information leak Vulnerability, CVE-2016-10011)
2016-12-21 00:00:00
OpenSSH remote code execution vulnerability, CVE-2016-10009)
2016-12-21 00:00:00
cve
cve
redhatcve
redhatcve
f5
f5
K62201745 : OpenSSH vulnerability CVE-2016-10012
2017-01-27 00:00:00
K24324390 : OpenSSH vulnerability CVE-2016-10011
2017-01-27 00:00:00
SOL31510510 - OpenSSH vulnerability CVE-2016-6515
2016-10-19 00:00:00
debiancve
debiancve
cloudlinux
cloudlinux
Fixed CVE-2016-10012 in openssh
2022-07-18 19:03:31
Fixed CVE-2016-10009 in openssh-5.3p1
2022-07-04 19:13:43
openssh: Fix of 2 CVEs
2022-12-19 20:22:19
freebsd_advisory
freebsd_advisory
FreeBSD-SA-17:06.openssh
2017-08-10 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1938
2021-07-02 17:38:20
packetstorm
packetstorm
OpenSSHD 7.2p2 User Enumeration
2016-07-21 00:00:00
OpenSSHD 7.2p2 User Enumeration
2016-07-18 00:00:00
OpenSSH 7.2 Denial Of Service
2016-12-08 00:00:00
myhack58
myhack58
veracode
veracode
Information Disclosure
2019-01-15 09:20:13
checkpoint_advisories
checkpoint_advisories
OpenSSH sshd auth_passwd Denial of Service (CVE-2016-6515)
2017-01-08 00:00:00
zdt
zdt
OpenSSH 7.2 - Denial of Service Exploit
2016-12-07 00:00:00
OpenSSHd 7.2p2 - Username Enumeration (2)
2016-07-20 00:00:00
OpenSSHd 7.2p2 - Username Enumeration (1)
2016-07-18 00:00:00
hackerone
hackerone
exploitpack
exploitpack
OpenSSHd 7.2p2 - Username Enumeration
2016-07-18 00:00:00
OpenSSH 7.2 - Denial of Service
2016-12-07 00:00:00
OpenSSH 7.2p2 - Username Enumeration
2016-07-20 00:00:00
oraclelinux
oraclelinux
openssh security update
2017-08-31 00:00:00
paloalto
paloalto
OpenSSH Vulnerability
2016-11-17 17:02:00
freebsd
freebsd
FreeBSD -- OpenSSH Denial of Service vulnerability
2017-08-10 00:00:00
exploitdb
exploitdb
OpenSSH 7.2 - Denial of Service
2016-12-07 00:00:00
OpenSSHd 7.2p2 - Username Enumeration
2016-07-18 00:00:00
OpenSSH 7.2p2 - Username Enumeration
2016-07-20 00:00:00
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
0.107 Low
EPSS
Percentile
94.5%
Related for ELSA-2017-2029