Vulnerability Assessment & Network Security Forums



If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.


Home >> Browse Vulnerability Assessment Database >> SuSE Local Security Checks >> SUSE-SA:2003:041: lsh


Vulnerability Assessment Details

SUSE-SA:2003:041: lsh

Vulnerability Assessment Summary
Check for the version of the lsh package

Detailed Explanation for this Vulnerability Assessment

The remote host is missing the patch for the advisory SUSE-SA:2003:041 (lsh).


LSH is the GNU implementation of SSH and can be seen as an alternative
to OpenSSH.
Recently various remotely exploitable buffer overflows have been
reported in LSH. These permit attackers to execute arbitrary code as root
on un-patched systems.
LSH is not installed by default on SUSE LINUX. An update is therefore
only recommended if you run LSH.
Maintained SUSE products are not affected by this bug as LSH is not
packaged on maintained products such as the Enterprise Server.

For the updates to take effect execute the following command as root:

/usr/sbin/rclshd restart

Please download the update package for your distribution and verify its
integrity by the methods listed in section 3) of this announcement.
Then, install the package using the command 'rpm -Fhv file.rpm' to apply
the update.

Solution : http://www.suse.de/security/2003_041_lsh.html
Network Security Threat Level: Medium

Networks Security ID:

Vulnerability Assessment Copyright: This script is Copyright (C) 2004 Tenable Network Security

Cables, Connectors


Dell Precision R7610 2x Xeon E5-2660 v2 2.2GHz 20-Cores / 128gb / 1TB SSD / W10 picture

Dell Precision R7610 2x Xeon E5-2660 v2 2.2GHz 20-Cores / 128gb / 1TB SSD / W10

$269.99



Dell Precision T3420 SFF Xeon E3-1245V5 32GB Ram Dual 512GB SSD NVS 510 Wifi GA picture

Dell Precision T3420 SFF Xeon E3-1245V5 32GB Ram Dual 512GB SSD NVS 510 Wifi GA

$219.99



Dell T5820 Workstation Xeon W-2133 @3.6GHz 32GB RAM No SSD/OS Radeon Pro WX 4100 picture

Dell T5820 Workstation Xeon W-2133 @3.6GHz 32GB RAM No SSD/OS Radeon Pro WX 4100

$299.99



Dell T5820 Workstation Xeon W-2133 @3.6GHz 32GB RAM x2 512GB NVMe Win 10 Pro picture

Dell T5820 Workstation Xeon W-2133 @3.6GHz 32GB RAM x2 512GB NVMe Win 10 Pro

$349.99



Intel Xeon E5 2698 V4 2.20GHz  20 Core CPU SR2JW 2011-3 USA SELLER  USA picture

Intel Xeon E5 2698 V4 2.20GHz 20 Core CPU SR2JW 2011-3 USA SELLER USA

$64.75



Intel SR2N7 Xeon E5-2680 V4 14-Core CPU Processor 2680V4 GRADE-A picture

Intel SR2N7 Xeon E5-2680 V4 14-Core CPU Processor 2680V4 GRADE-A

$15.95



Intel Xeon Gold 6154 3.00GHz (SR3J5) 18-Core CPU Processor picture

Intel Xeon Gold 6154 3.00GHz (SR3J5) 18-Core CPU Processor

$109.99



Intel Xeon Gold 6230 2.1GHz 27.5MB 20-Core 125W LGA3647 SRF8W picture

Intel Xeon Gold 6230 2.1GHz 27.5MB 20-Core 125W LGA3647 SRF8W

$130.00



DELL PowerEdge R730 16SFF Server 2x E5-2680v4 2.4GHz =28 Cores 128GB H730 4xRJ45 picture

DELL PowerEdge R730 16SFF Server 2x E5-2680v4 2.4GHz =28 Cores 128GB H730 4xRJ45

$372.00



Matched Pair _Intel Xeon E5-2697A V4 2.6GHz 16-Core Processor CPU LGA2011 SR2K1 picture

Matched Pair _Intel Xeon E5-2697A V4 2.6GHz 16-Core Processor CPU LGA2011 SR2K1

$76.99



Discussions

No Discussions have been posted on this vulnerability.