14 matches found
NewStart CGSL CORE 5.04 / MAIN 5.04 : openssh Multiple Vulnerabilities (NS-SA-2019-0036)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has openssh packages installed that are affected by multiple vulnerabilities: - scp in OpenSSH 4.2p1 allows attackers to execute arbitrary commands via filenames that contain shell metacharacters or spaces, which are expanded...
Oracle: Security Advisory (ELSA-2007-0555)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SOL15155 - OpenSSH vulnerability CVE-2007-3102
Recommended action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...
CentOS 4 : openssh (CESA-2007:0703)
Updated openssh packages that fix two security issues and various bugs are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. OpenSSH is OpenBSD's SSH Secure SHell protocol implementation. These packages include the core files...
Scientific Linux Security Update : openssh on SL5.x
Problem description : A flaw was found in the way the ssh server wrote account names to the audit subsystem. An attacker could inject strings containing parts of audit messages, which could possibly mislead or confuse audit log parsing tools. CVE-2007-3102 A flaw was found in the way the OpenSSH...
SunSSH < 1.1.1 / 1.3 CBC Plaintext Disclosure
The version of SunSSH running on the remote host has an information disclosure vulnerability. A design flaw in the SSH specification could allow a man-in-the-middle attacker to recover up to 32 bits of plaintext from an SSH-protected connection in the standard configuration. An attacker could...
pam security, bug fix, and enhancement update
0.77-66.23 - pamcracklib should count the last char when computing difference 267201 0.77-66.22 - add pamtally2 module 228044 - unset XAUTHORITY when appropriate 228980 - CVE-2007-1716 always decrement use count 230823 - reset priority only when specified in limits.conf 232407 - CVE-2007-3102...
openssh security and bug fix update
3.9p1-8.RHEL4.24 - return correct exit status on failed write on sftp batch mode 247802 3.9p1-8.RHEL4.23 - some more mem leaks fix in sftp 240909 3.9p1-8.RHEL4.22 - CVE-2007-3102 escape account name to prevent audit log injection 248058 3.9p1-8.RHEL4.21 - move pam session calls so pamclosesession...
RHEL 4 : pam (RHSA-2007:0737)
Updated pam packages that fix two security flaws, resolve two bugs, and add an enhancement are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Pluggable Authentication Modules PAM provide a system...
openssh security update
CentOS Errata and Security Advisory CESA-2007:0703 Updated openssh packages that fix two security issues and various bugs are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. OpenSSH is OpenBSD's SSH Secure SHell protocol...
RHEL 5 : pam (RHSA-2007:0555)
Updated pam packages that fix two security flaws, resolve several bugs, and add enhancements are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Pluggable Authentication Modules PAM provide a system...
Moderate: Red Hat Security Advisory: pam security, bug fix, and enhancement update
Updated pam packages that fix two security flaws, resolve several bugs, and add enhancements are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Pluggable Authentication Modules PAM provide a system...
CVE-2007-3102
OpenSSH 4.3p2 contains an unspecified vulnerability in linux_audit_record_event that allows remote attackers to write arbitrary characters to the audit log via a crafted username. Reported on Fedora Core 6 and possibly other systems (CVE-2007-3102). Public advisories note a fix was released (e.g....
Fedora Core 6 : openssh-4.3p2-25.fc6 (2007-715)
Tue Oct 2 2007 Tomas Mraz - 4.3p2-25 - do not fall back on trusted X11 cookies CVE-2007-4752 280471 - Fri Jul 13 2007 Tomas Mraz - 4.3p2-24 - fixed audit log injection problem CVE-2007-3102 248059 - Thu Jun 21 2007 Tomas Mraz - 4.3p2-23 - document where the nss certificate and token dbs are...