Login or Register to Ask a Question and Join Our Community


Security Advisories (RSS)

USN-566-1: OpenSSH vulnerability

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) USN-566-1: OpenSSH vulnerability
# 1  
Old 01-09-2008
USN-566-1: OpenSSH vulnerability
Referenced CVEs:
CVE-2007-4752


Description:
=========================================================== Ubuntu Security Notice USN-566-1 January 09, 2008 openssh vulnerability CVE-2007-4752 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 6.10 Ubuntu 7.04 Ubuntu 7.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: openssh-client 1:4.2p1-7ubuntu3.2 Ubuntu 6.10: openssh-client 1:4.3p2-5ubuntu1.1 Ubuntu 7.04: openssh-client 1:4.3p2-8ubuntu1.1 Ubuntu 7.10: openssh-client 1:4.6p1-5ubuntu0.1 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: Jan Pechanec discovered that ssh would forward trusted X11 cookies when untrusted cookie generation failed. This could lead to unintended privileges being forwarded to a remote host.





More...
Login or Register to Ask a Question

Previous Thread | Next Thread

1 More Discussions You Might Find Interesting

1. Red Hat

Vulnerability with ssh in OpenSSH in an RHEL installation

There was a security analysis run on one server which has RHEL 5.8 installed and it is showing security vulnerabilities with respect to ssh in OpenSSH with reference no CVE-2007-4752. The vulnerability solution in the security report is showing solution as below: 1) Download and apply the... (3 Replies)
Discussion started by: RHCE
3 Replies
Login or Register to Ask a Question

LEARN ABOUT DEBIAN

net::openssh::compat

Net::OpenSSH::Compat(3pm)				User Contributed Perl Documentation				 Net::OpenSSH::Compat(3pm)

NAME

       Net::OpenSSH::Compat - Compatibility modules for Net::OpenSSH

SYNOPSIS

	 use Net::OpenSSH::Compat 'Net::SSH2';
	 use Net::OpenSSH::Compat 'Net::SSH::Perl';

DESCRIPTION

       This package contains a set of adapter modules that run on top of Net::OpenSSH providing the APIs of other SSH modules available from CPAN.

       Currently, there are adapters available for Net::SSH2 and Net::SSH::Perl. Adapters for Net::SSH and Net::SFTP are planned... maybe also for
       Net::SCP and Net::SCP::Expect if somebody request them.

BUGS AND SUPPORT

       This is a work in progress.

       If you find any bug fill a report at the CPAN RT bugtracker (https://rt.cpan.org/Ticket/Create.html?Queue=Net-OpenSSH-Compat
       <https://rt.cpan.org/Ticket/Create.html?Queue=Net-OpenSSH-Compat>) or just send me an e-mail with the details.

   Git repository
       The source code repository is at https://github.com/salva/p5-Net-OpenSSH-Compat <https://github.com/salva/p5-Net-OpenSSH-Compat>.

   My wishlist
       If you like this module and you're feeling generous, take a look at my Amazon Wish List: <http://amzn.com/w/1WU1P6IR5QZ42>

       Also consider contributing to the OpenSSH project this module builds upon: <http://www.openssh.org/donations.html>.

SEE ALSO

       Net::OpenSSH, Net::OpenSSH::Compat::SSH2, Net::OpenSSH::Compat::Perl.

COPYRIGHT AND LICENSE

       Copyright (C) 2011 by Salvador Fandino (sfandino@yahoo.com)

       This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.10.1 or,
       at your option, any later version of Perl 5 you may have available.

perl v5.14.2							    2011-09-28						 Net::OpenSSH::Compat(3pm)