GLSA
Advocate
Joined: 12 May 2004
Posts: 2663
|
 Posted: Wed Dec 07, 2016 1:26 pm Post subject: [ GLSA 201612-18 ] OpenSSH |
 |
|
Gentoo Linux Security Advisory
Title: OpenSSH: Multiple vulnerabilities (GLSA 201612-18)
Severity: normal
Exploitable: remote
Date: December 07, 2016
Bug(s): #576954, #580410, #589088, #590202, #595342, #597360
ID: 201612-18
Synopsis
Multiple vulnerabilities have been found in OpenSSH, the worst of
which allows remote attackers to cause Denial of Service.
Background
OpenSSH is a complete SSH protocol implementation that includes SFTP
client and server support.
Affected Packages
Package: net-misc/openssh
Vulnerable: < 7.3_p1-r7
Unaffected: >= 7.3_p1-r7
Architectures: All supported architectures
Description
Multiple vulnerabilities have been discovered in OpenSSH. Please review
the CVE identifiers referenced below for details.
Impact
Remote attackers could cause Denial of Service and conduct user
enumeration.
Workaround
There is no known workaround at this time.
Resolution
All OpenSSH users should upgrade to the latest version: | Code: | # emerge --sync
# emerge --ask --oneshot --verbose ">=net-misc/openssh-7.3_p1-r7"
|
References
CVE-2015-8325
CVE-2016-1908
CVE-2016-3115
CVE-2016-6210
CVE-2016-8858 |
|
News & Announcements
