Lucene search
OracleLinuxELSA-2018-0980HistoryApr 16, 2018 - 12:00 a.m.
openssh security, bug fix, and enhancement update
2018-04-1600:00:00
linux.oracle.com
43
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.008 Low
EPSS
Percentile
80.0%
[7.4p1-16 + 0.10.3-2]
- Fix for CVE-2017-15906 (#1517226)
[7.4p1-15 + 0.10.3-2] - Do not hang if SSH AuthorizedKeysCommand output is too large (#1496467)
- Do not segfault pam_ssh_agent_auth if keyfile is missing (#1494268)
- Do not segfault in audit code during cleanup (#1488083)
- Add WinSCP 5.10+ compatibility (#1496808)
- Clatch between ClientAlive and rekeying timeouts (#1480510)
- Exclude dsa and ed25519 from default proposed keys in FIPS mode (#1456853)
- Add enablement for openssl-ibmca and openssl-ibmpkcs11 (#1478035)
[7.4p1-14 + 0.10.3-2] - Rebuilt for RHEL-7.5
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| oracle linux | 7 | src | openssh | < 7.4p1-16.el7 | openssh-7.4p1-16.el7.src.rpm |
| oracle linux | 7 | aarch64 | openssh | < 7.4p1-16.el7 | openssh-7.4p1-16.el7.aarch64.rpm |
| oracle linux | 7 | aarch64 | openssh-askpass | < 7.4p1-16.el7 | openssh-askpass-7.4p1-16.el7.aarch64.rpm |
| oracle linux | 7 | aarch64 | openssh-cavs | < 7.4p1-16.el7 | openssh-cavs-7.4p1-16.el7.aarch64.rpm |
| oracle linux | 7 | aarch64 | openssh-clients | < 7.4p1-16.el7 | openssh-clients-7.4p1-16.el7.aarch64.rpm |
| oracle linux | 7 | aarch64 | openssh-keycat | < 7.4p1-16.el7 | openssh-keycat-7.4p1-16.el7.aarch64.rpm |
| oracle linux | 7 | aarch64 | openssh-ldap | < 7.4p1-16.el7 | openssh-ldap-7.4p1-16.el7.aarch64.rpm |
| oracle linux | 7 | aarch64 | openssh-server | < 7.4p1-16.el7 | openssh-server-7.4p1-16.el7.aarch64.rpm |
| oracle linux | 7 | aarch64 | openssh-server-sysvinit | < 7.4p1-16.el7 | openssh-server-sysvinit-7.4p1-16.el7.aarch64.rpm |
| oracle linux | 7 | aarch64 | pam_ssh_agent_auth | < 0.10.3-2.16.el7 | pam_ssh_agent_auth-0.10.3-2.16.el7.aarch64.rpm |
Related
checkpoint_advisories
checkpoint_advisories
OpenSSH sftp-server.c Denial of Service (CVE-2017-15906)
2019-02-18 00:00:00
f5
f5
K89621551 : OpenSSH vulnerability CVE-2017-15906
2017-11-18 00:00:00
nessus
nessus
AIX OpenSSH Advisory : openssh_advisory11.asc
2020-05-05 00:00:00
Photon OS 2.0: Openssh PHSA-2017-0051
2019-02-07 00:00:00
Fedora 27 : openssh (2017-96d1995b70)
2018-01-15 00:00:00
fedora
fedora
[SECURITY] Fedora 25 Update: openssh-7.4p1-5.fc25
2017-12-12 14:40:46
[SECURITY] Fedora 26 Update: openssh-7.5p1-4.fc26
2017-11-28 16:31:03
[SECURITY] Fedora 27 Update: openssh-7.6p1-2.fc27
2017-12-10 05:10:47
openvas
openvas
OpenSSH 'sftp-server' Security Bypass Vulnerability - Windows
2017-10-27 00:00:00
Fedora Update for openssh FEDORA-2017-4862a3bfb1
2017-12-04 00:00:00
Fedora Update for openssh FEDORA-2017-96d1995b70
2017-12-10 00:00:00
ibm
ibm
aix
aix
Vulnerabilities in OpenSSH affect AIX.
2017-11-14 09:46:19
amazon
amazon
Low: openssh
2018-05-10 17:51:00
Low: openssh
2018-06-20 19:56:00
prion
prion
Code injection
2017-10-26 03:29:00
redhat
redhat
(RHSA-2018:0980) Low: openssh security, bug fix, and enhancement update
2018-04-10 05:04:58
gentoo
gentoo
OpenSSH: Permission issue
2018-01-07 00:00:00
osv
osv
CVE-2017-15906
2017-10-26 03:29:00
openssh - security update
2018-09-10 00:00:00
centos
centos
openssh, pam_ssh_agent_auth security update
2018-04-26 17:48:27
redhatcve
redhatcve
CVE-2017-15906
2017-10-26 13:49:08
symantec
symantec
SA163: OpenSSH Vulnerability October 2017
2018-01-30 08:00:00
ubuntucve
ubuntucve
CVE-2017-15906
2017-10-25 00:00:00
debiancve
debiancve
CVE-2017-15906
2017-10-26 03:29:00
cve
cve
CVE-2017-15906
2017-10-26 03:29:00
slackware
slackware
[slackware-security] openssh
2018-03-08 09:04:05
mageia
mageia
Updated openssh packages fix security vulnerability
2017-12-31 18:14:43
Updated openssh packages fix security vulnerability
2018-01-01 13:38:51
alpinelinux
alpinelinux
CVE-2017-15906
2017-10-26 03:29:00
cloudfoundry
cloudfoundry
USN-3538-1: OpenSSH vulnerabilities | Cloud Foundry
2018-02-01 00:00:00
ubuntu
ubuntu
OpenSSH vulnerabilities
2018-01-22 00:00:00
debian
debian
[SECURITY] [DLA 1500-1] openssh security update
2018-09-10 08:44:17
photon
photon
Critical Photon OS Security Update - PHSA-2017-0005
2017-12-07 00:00:00
Critical Photon OS Security Update - PHSA-2017-0091
2017-12-08 00:00:00
ics
ics
Siemens SCALANCE X-200RNA Switch Devices
2022-12-19 12:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - January 2020
2020-01-14 00:00:00
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.008 Low
EPSS
Percentile
80.0%
Related for ELSA-2018-0980