CentOS 6 : openssh (CESA-2012:0884)

Updated openssh packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which...

CentOS 6 : rsyslog (CESA-2012:0796)

Updated rsyslog packages that fix one security issue, multiple bugs, and add two enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which...

openssh, pam_ssh_agent_auth security update

CentOS Errata and Security Advisory CESA-2012:0884 Updated openssh packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. A Common...

Medium: openssh

Issue Overview: A denial of service flaw was found in the OpenSSH GSSAPI authentication implementation. A remote, authenticated user could use this flaw to make the OpenSSH server daemon sshd use an excessive amount of memory, leading to a denial of service. GSSAPI authentication is enabled by...

RedHat Update for rsyslog RHSA-2012:0796-04

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

RedHat Update for rsyslog RHSA-2012:0796-04

Check for the Version of rsyslog OpenVAS Vulnerability Test RedHat Update for rsyslog RHSA-2012:0796-04 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

RedHat Update for openssh RHSA-2012:0884-04

Check for the Version of openssh OpenVAS Vulnerability Test RedHat Update for openssh RHSA-2012:0884-04 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

RHEL 6 : rsyslog (RHSA-2012:0796)

Updated rsyslog packages that fix one security issue, multiple bugs, and add two enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which...

openssh: post-authentication resource exhaustion bug via GSSAPI

The sshgssapiparseename function in gss-serv.c in OpenSSH 5.8 and earlier, when gssapi-with-mic authentication is enabled, allows remote authenticated users to cause a denial of service memory consumption via a large value in a certain length field. NOTE: there may be limited scenarios in which...

Moderate: Red Hat Security Advisory: rsyslog security, bug fix, and enhancement update

Updated rsyslog packages that fix one security issue, multiple bugs, and add two enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which...

Low: Red Hat Security Advisory: openssh security, bug fix, and enhancement update

Updated openssh packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which...

[SECURITY] Fedora 17 Update: libgssglue-0.4-0.fc17

This library exports a gssapi interface, but doesn't implement any gssapi mechanisms itself; instead it calls gssapi routines in other libraries, depending on the mechanism...

[SECURITY] Fedora 16 Update: libgssglue-0.4-0.fc16

This library exports a gssapi interface, but doesn't implement any gssapi mechanisms itself; instead it calls gssapi routines in other libraries, depending on the mechanism...

CVE-2011-5000

The sshgssapiparseename function in gss-serv.c in OpenSSH 5.8 and earlier, when gssapi-with-mic authentication is enabled, allows remote authenticated users to cause a denial of service memory consumption via a large value in a certain length field. NOTE: there may be limited scenarios in which...

DEBIAN-CVE-2011-5000

The sshgssapiparseename function in gss-serv.c in OpenSSH 5.8 and earlier, when gssapi-with-mic authentication is enabled, allows remote authenticated users to cause a denial of service memory consumption via a large value in a certain length field. NOTE: there may be limited scenarios in which...

CVE-2011-5000

The sshgssapiparseename function in gss-serv.c in OpenSSH 5.8 and earlier, when gssapi-with-mic authentication is enabled, allows remote authenticated users to cause a denial of service memory consumption via a large value in a certain length field. NOTE: there may be limited scenarios in which...

CVE-2011-5000

OpenSSH

PT-2012-1158 · Openssh +4 · Openssh +4

Name of the Vulnerable Software and Affected Versions: OpenSSH versions 5.8 and earlier Description: The issue allows remote authenticated users to cause a denial of service, specifically memory consumption, when gssapi-with-mic authentication is enabled. This is due to the ssh gssapi parse ename...

cURL: Multiple vulnerabilities

Background cURL is a command line tool for transferring files with URL syntax, supporting numerous protocols. Description Multiple vulnerabilities have been found in cURL: When zlib is enabled, the amount of data sent to an application for automatic decompression is not restricted CVE-2010-0734...

OpenSSH < 5.9 Multiple DoS

According to its banner, the version of OpenSSH running on the remote host is prior to version 5.9. Such versions are affected by multiple denial of service vulnerabilities : - A denial of service vulnerability exists in the gss-serv.c 'sshgssapiparseename' function. A remote attacker may be able...