|
Vulnerability Assessment & Network Security Forums |
|||||||||
If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important. If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery. Home >> Browse Vulnerability Assessment Database >> Red Hat Local Security Checks >> RHSA-2005-106: openssh Vulnerability Assessment Details
|
RHSA-2005-106: openssh |
||
Check for the version of the openssh packages Detailed Explanation for this Vulnerability Assessment Updated openssh packages that fix a potential security vulnerability and various other bugs are now available for Red Hat Enterprise Linux 3. This update has been rated as having low security impact by the Red Hat Security Response Team. OpenSSH is OpenBSD's SSH (Secure SHell) protocol implementation. SSH replaces rlogin and rsh, and provides secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forwarded over a secure channel. Public key authentication can be used for "passwordless" access to servers. The scp protocol permits a server to instruct a client to write to arbitrary files outside of the current directory. This could potentially cause a security issue if a user uses scp to copy files from a malicious server. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0175 to this issue. These updated packages also correct the following bugs: On systems where direct ssh access for the root user was disabled by configuration (setting "PermitRootLogin no"), attempts to guess the root password could be judged as sucessful or unsucessful by observing a delay. On systems where the privilege separation feature was turned on, the user resource limits were not correctly set if the configuration specified to raise them above the defaults. It was also not possible to change an expired password. Users of openssh should upgrade to these updated packages, which contain backported patches to resolve these issues. Solution : http://rhn.redhat.com/errata/RHSA-2005-106.html Network Security Threat Level: High Networks Security ID: Vulnerability Assessment Copyright: This script is Copyright (C) 2005 Tenable Network Security |
||
Cables, Connectors |
SanDisk 1TB SSD Plus, Internal Solid State Drive - SDSSDA-1T00-G26
$74.99
Samsung 870 EVO Series 500GB 2.5" SATA III Internal SSD MZ-77E500B/AM New Sealed
$59.00
SSDSC2BA800G3P Intel SSD DC S3700 Series 800GB 6Gb/s 2.5'' SATA SSD
$79.00
DT8XJ Dell Intel DC S3700 800GB SATA 6Gb/s 2.5" SSD 0DT8XJ SSDSC2BA800G3R
$59.00
Crucial BX500 240GB Internal SSD,Micron 3D NAND SATA CT240BX500SSD1 - OEM item
$16.99
Netac 1TB 2TB 512GB Internal SSD 2.5'' SATA III 6Gb/s Solid State Drive lot
$13.99
Patriot P210 128GB 256GB 512GB 1TB 2TB 2.5" SATA 3 6GB/s Internal SSD PC/MAC Lot
$14.99
Intel Optane Memory M10 SSD M.2 2280 16GB MEMPEK1J016GA PCIe 3.0 3D Xpoint NVMe
$5.99
Fanxiang SSD 512GB 1TB 2TB 4TB 2.5'' SSD SATA III Internal Solid State Drive lot
$198.99
Fanxiang 256GB 512GB 1TB 2TB 4TB Internal SSD 2.5" SATA III 6GB/s for PC/MAC Lot
$197.99
|
||
No Discussions have been posted on this vulnerability. |