Download
| Alert*
oval:org.secpod.oval:def:89046093
This update for openssh fixes the following issues: - CVE-2021-41617: Fixed a potential privilege escalation for non-default configuration settings . oval:org.secpod.oval:def:89045819 This update for openssh fixes the following issues: - CVE-2021-41617: Fixed privilege escalation when AuthorizedKeysCommand/AuthorizedPrincipalsCommand are configured . oval:org.secpod.oval:def:1601514 A flaw was found in OpenSSH. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user. Depending on system configuration, inherited g ... oval:org.secpod.oval:def:78641 The host is missing a patch containing security fixes, which affects the following package(s):openssh.base.server and openssh.base.client oval:org.secpod.oval:def:4501123 OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fix: * openssh: privilege escalation when AuthorizedKeysCommand or AuthorizedPrincipalsCommand are conf ... oval:org.secpod.oval:def:205920 OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fix: * openssh: privilege escalation when AuthorizedKeysCommand or AuthorizedPrincipalsCommand are conf ... oval:org.secpod.oval:def:89045862 This update for openssh fixes the following issues: - CVE-2021-41617: Fixed privilege escalation when AuthorizedKeysCommand/AuthorizedPrincipalsCommand are configured . oval:org.secpod.oval:def:120799 SSH is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forwarded over the sec ... oval:org.secpod.oval:def:120875 SSH is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forwarded over the sec ... oval:org.secpod.oval:def:89045842 This update for openssh fixes the following issues: - CVE-2021-41617: Fixed privilege escalation when AuthorizedKeysCommand/AuthorizedPrincipalsCommand are configured . oval:org.secpod.oval:def:75390 The host is installed with OpenSSH 6.2 or 8.x before 8.8 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle an issue in sshd. Successful exploitation could leads to unspecified impact. oval:org.secpod.oval:def:89045860 This update for openssh fixes the following issues: - CVE-2021-41617: Fixed privilege escalation when AuthorizedKeysCommand/AuthorizedPrincipalsCommand are configured . oval:org.secpod.oval:def:2106854 Oracle Solaris 11 - ( CVE-2021-41617 ) oval:org.secpod.oval:def:89045806 This update for openssh fixes the following issues: - CVE-2021-41617: Fixed privilege escalation when AuthorizedKeysCommand/AuthorizedPrincipalsCommand are configured . oval:org.secpod.oval:def:506889 OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fix: * openssh: privilege escalation when AuthorizedKeysCommand or AuthorizedPrincipalsCommand are conf ... oval:org.secpod.oval:def:1700842 A flaw was found in OpenSSH. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user. Depending on system configuration, inherited g ... oval:org.secpod.oval:def:506607 OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fix: * openssh: privilege escalation when AuthorizedKeysCommand or AuthorizedPrincipalsCommand are conf ... oval:org.secpod.oval:def:89047338 This update for openssh fixes the following issues: - CVE-2021-41617: Fixed privilege escalation when AuthorizedKeysCommand/AuthorizedPrincipalsCommand are configured . oval:org.secpod.oval:def:1505444 [7.4p1-22.0.1_fips] - Change Epoch from 1 to 10 - Enable fips KDF POST [Orabug: 32461750] - Disable diffie-hellman-group-exchange-sha256 KEX FIPS method [Orabug: 32461739] [7.4p1-22.0.1] - enlarge format buffer size for certificate serial number so the log message can record any 64-bit integer witho ... oval:org.secpod.oval:def:2500784 OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. oval:org.secpod.oval:def:1505649 [8.0p1-13] - Upstream: ClientAliveCountMax=0 disable the connection killing behaviour [8.0p1-12] - Add support for "Include" directive in sshd_config file [8.0p1-11] - CVE-2021-41617 upstream fix oval:org.secpod.oval:def:1505329 [7.4p1-22.0.1] - enlarge format buffer size for certificate serial number so the log message can record any 64-bit integer without truncation [Orabug: 30448895] [7.4p1-22 + 0.10.3-2] - avoid segfault in Kerberos cache cleanup - fix CVE-2021-41617 oval:org.secpod.oval:def:96507 openssh: secure shell for secure access to remote machines Several security issues were fixed in OpenSSH. oval:org.secpod.oval:def:96807 openssh: secure shell for secure access to remote machines Several security issues were fixed in OpenSSH. oval:org.secpod.oval:def:96939 Several vulnerabilities have been discovered in OpenSSH, an implementation of the SSH protocol suite. CVE-2021-41617 It was discovered that sshd failed to correctly initialise supplemental groups when executing an AuthorizedKeysCommand or AuthorizedPrincipalsCommand, where a AuthorizedKeysCommandUse ... oval:org.secpod.oval:def:612879 Several vulnerabilities have been discovered in OpenSSH, an implementation of the SSH protocol suite. CVE-2021-41617 It was discovered that sshd failed to correctly initialise supplemental groups when executing an AuthorizedKeysCommand or AuthorizedPrincipalsCommand, where a AuthorizedKeysCommandUse ... |