|
Vulnerability Assessment & Network Security Forums |
|||||||||
If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important. If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery. Home >> Browse Vulnerability Assessment Database >> Red Hat Local Security Checks >> RHSA-2005-106: openssh Vulnerability Assessment Details
|
RHSA-2005-106: openssh |
||
Check for the version of the openssh packages Detailed Explanation for this Vulnerability Assessment Updated openssh packages that fix a potential security vulnerability and various other bugs are now available for Red Hat Enterprise Linux 3. This update has been rated as having low security impact by the Red Hat Security Response Team. OpenSSH is OpenBSD's SSH (Secure SHell) protocol implementation. SSH replaces rlogin and rsh, and provides secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forwarded over a secure channel. Public key authentication can be used for "passwordless" access to servers. The scp protocol permits a server to instruct a client to write to arbitrary files outside of the current directory. This could potentially cause a security issue if a user uses scp to copy files from a malicious server. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0175 to this issue. These updated packages also correct the following bugs: On systems where direct ssh access for the root user was disabled by configuration (setting "PermitRootLogin no"), attempts to guess the root password could be judged as sucessful or unsucessful by observing a delay. On systems where the privilege separation feature was turned on, the user resource limits were not correctly set if the configuration specified to raise them above the defaults. It was also not possible to change an expired password. Users of openssh should upgrade to these updated packages, which contain backported patches to resolve these issues. Solution : http://rhn.redhat.com/errata/RHSA-2005-106.html Network Security Threat Level: High Networks Security ID: Vulnerability Assessment Copyright: This script is Copyright (C) 2005 Tenable Network Security |
||
Cables, Connectors |
ALLEN BRADLEY 281G-F12S-10B-RRG-CBG /C AMORSTART MODULE 280G-FS-10-RG STK 2911
$380.00
Intel - Core i7-12700K Desktop Processor 12 (8P+4E) Cores up to 5.0 GHz Unloc...
$419.99
AMD Ryzen 9 5950X 16-core 32-thread Desktop Processor
$319.99
Intel - Core i9-12900K Desktop Processor 16 (8P+8E) Cores up to 5.2 GHz Unloc...
$619.99
AMD Ryzen 5 5600X CPU Processor (4.6GHz, 6 Cores, Socket AM4)
$119.99
Intel Core i5-12600KF Desktop Processor 10 (6P+4E) Cores up to 4.9 GHz Unlocked.
$145.59
Intel - Core i5-14600K 14th Gen 14-Core 20-Thread - 4.0GHz (5.3GHz Turbo) Soc...
$309.99
Intel Xeon E5-2697 v2 2.7GHz 30M 12-Core LGA2011 CPU Processor SR19H
$27.99
Intel Core i3-10105 10th Gen Comet Lake 4 Quad-Core 3.70 GHz Processor FCLGA1200
$31.32
Intel Quad Core i3-12100 3.3GHz 12MB LGA1700 12th Gen. CPU Processor SRL62
$45.89
|
||
No Discussions have been posted on this vulnerability. |