French Security Incident Response Team

Termes et NomenclatureDéfinition des niveaux de risquesConfidentialité et Charte de confianceService FrSIRT VNS

FrSIRT   

      

   français Français   anglais English

 
Veille en vulnérabilités
FrSIRT VNS Publisher
Demande d'informations
Période d'essai gratuite
 

Bulletins et avis de vulnérabilités
Bulletins de sécurité et avis de vulnérabilités Linux
Virus & AlertesMenaces en temps réel / Blog Sécurité Informatique
Attaques Zero-day (0-jour)
Rechercher une vulnérabilité
 

Déclarer un incident de sécurité
Mailing liste Newsletter Sécurité informatique
 

A propos de FrSIRT / ADConsulting
Nos Clients & RéférencesFrSIRT Dans la presse
Espace Annonceurs
Offre d'emploi et stage Sécurité Informatique
Nous contacter

Mandriva Security Update Fixes OpenSSH Information Disclosure

Date de Publication : 2008-03-27 © FrSIRT.COM
Titre : Mandriva Security Update Fixes OpenSSH Information Disclosure
Identifiant : FrSIRT/AVIS-2008-1003
CVE ID : CVE-2008-1483
Risque : Bas (1/4) -
Exploitable à distance : Non
Exploitable en local : Oui
 

En savoir plus
 
  Description
  Produits affectés
  Solution
  Références
Description Technique    TXT (Plain Text)  PDF (Portable Document Format)  XML (Extensible Markup Language)  SMS (Short Message Service) 

Une faiblesse a été identifiée dans Mandriva, elle pourrait être exploitée par des attaquants locaux afin d'obtenir des informations sensibles [...]

Solution

Installer les mises à jour :

Mandriva Linux 2007.0:
1cdb7c7b2ef0e3a98ed969c4cc176c37 2007.0/i586/openssh-4.5p1-0.3mdv2007.0.i586.rpm
0fe8702c067054b0c375bbad1efa2b30 2007.0/i586/openssh-askpass-4.5p1-0.3mdv2007.0.i586.rpm
134caea38014a9c13e3b05b6377a4b22 2007.0/i586/openssh-askpass-common-4.5p1-0.3mdv2007.0.i586.rpm
ea641b9578d27f562a1d688d8694448f 2007.0/i586/openssh-askpass-gnome-4.5p1-0.3mdv2007.0.i586.rpm
4e163bf66feedeaa93d640190c64273a 2007.0/i586/openssh-clients-4.5p1-0.3mdv2007.0.i586.rpm
4c1619ecbf0f927a4cc13cde8ad4e905 2007.0/i586/openssh-server-4.5p1-0.3mdv2007.0.i586.rpm
aa30bb74824eb2fe90133c7d07c8dab9 2007.0/SRPMS/openssh-4.5p1-0.3mdv2007.0.src.rpm

Mandriva Linux 2007.0/X86_64:
553a1d1a68afb3e6dd2cc92650810e6b 2007.0/x86_64/openssh-4.5p1-0.3mdv2007.0.x86_64.rpm
b4ecf9307bb4262b39462e333062bbfa 2007.0/x86_64/openssh-askpass-4.5p1-0.3mdv2007.0.x86_64.rpm
7b8f442b651db9093c2984ce181eecdb 2007.0/x86_64/openssh-askpass-common-4.5p1-0.3mdv2007.0.x86_64.rpm
3ce5a4a378f8066896cd7ca573adc91b 2007.0/x86_64/openssh-askpass-gnome-4.5p1-0.3mdv2007.0.x86_64.rpm
266dedc3bd7ced35c23a90fa68c66863 2007.0/x86_64/openssh-clients-4.5p1-0.3mdv2007.0.x86_64.rpm
80565ee42635497514dd55a038e19111 2007.0/x86_64/openssh-server-4.5p1-0.3mdv2007.0.x86_64.rpm
aa30bb74824eb2fe90133c7d07c8dab9 2007.0/SRPMS/openssh-4.5p1-0.3mdv2007.0.src.rpm

Mandriva Linux 2007.1:
2cce377c3c1ed3ab206c3d7422ec3acb 2007.1/i586/openssh-4.6p1-1.2mdv2007.1.i586.rpm
b5ee72f9edd2b85fd63447e678af5cb6 2007.1/i586/openssh-askpass-4.6p1-1.2mdv2007.1.i586.rpm
d987a90109da19e121c8d5699ea451df 2007.1/i586/openssh-askpass-common-4.6p1-1.2mdv2007.1.i586.rpm
02d2e8e07a1aaa07c1379fd8b451daac 2007.1/i586/openssh-askpass-gnome-4.6p1-1.2mdv2007.1.i586.rpm
b4162da613394bdd7c53b0469d59092a 2007.1/i586/openssh-clients-4.6p1-1.2mdv2007.1.i586.rpm
53f970e4c4d8630ce06017e74b4a8117 2007.1/i586/openssh-server-4.6p1-1.2mdv2007.1.i586.rpm
0e9a0fae3361d887239b02f56f966e70 2007.1/SRPMS/openssh-4.6p1-1.2mdv2007.1.src.rpm

Mandriva Linux 2007.1/X86_64:
c68c6170ec716ec6eb9748ae3b9966de 2007.1/x86_64/openssh-4.6p1-1.2mdv2007.1.x86_64.rpm
533976030cc8915c2524744189d36252 2007.1/x86_64/openssh-askpass-4.6p1-1.2mdv2007.1.x86_64.rpm
76969355a7adf93a742761a30e0e9f30 2007.1/x86_64/openssh-askpass-common-4.6p1-1.2mdv2007.1.x86_64.rpm
54cf4b7fadbbb52b241b38ad8298c75b 2007.1/x86_64/openssh-askpass-gnome-4.6p1-1.2mdv2007.1.x86_64.rpm
560bd1f969a341204ed65e0b4ec974e2 2007.1/x86_64/openssh-clients-4.6p1-1.2mdv2007.1.x86_64.rpm
cc5df054e5ee3e26cb40708ea7d20f1b 2007.1/x86_64/openssh-server-4.6p1-1.2mdv2007.1.x86_64.rpm
0e9a0fae3361d887239b02f56f966e70 2007.1/SRPMS/openssh-4.6p1-1.2mdv2007.1.src.rpm

Mandriva Linux 2008.0:
2111c70d431c328c7077ffadf1ff1611 2008.0/i586/openssh-4.7p1-2.2mdv2008.0.i586.rpm
abd7791007806997f15568f4bf5ad480 2008.0/i586/openssh-askpass-4.7p1-2.2mdv2008.0.i586.rpm
f2d471277db50b95888b3685c65786dc 2008.0/i586/openssh-askpass-common-4.7p1-2.2mdv2008.0.i586.rpm
fa556ac82136323f2d7bce7bc2ebdc4d 2008.0/i586/openssh-askpass-gnome-4.7p1-2.2mdv2008.0.i586.rpm
9390b79a551600c984f568c4a61e0c36 2008.0/i586/openssh-clients-4.7p1-2.2mdv2008.0.i586.rpm
7d19398174cd1b98811720e4ac2bb6ea 2008.0/i586/openssh-server-4.7p1-2.2mdv2008.0.i586.rpm
a4a38dc3d02ada40d15c3c82a8714431 2008.0/SRPMS/openssh-4.7p1-2.2mdv2008.0.src.rpm

Mandriva Linux 2008.0/X86_64:
ce637761cdca3a2885d71008d68ad5ce 2008.0/x86_64/openssh-4.7p1-2.2mdv2008.0.x86_64.rpm
dd96178f7bbafc7fa4c6165f027424f7 2008.0/x86_64/openssh-askpass-4.7p1-2.2mdv2008.0.x86_64.rpm
e59c6e5cf414167b934b556b2b733182 2008.0/x86_64/openssh-askpass-common-4.7p1-2.2mdv2008.0.x86_64.rpm
c06a24dbbfcc82b820641e1f6215cf7e 2008.0/x86_64/openssh-askpass-gnome-4.7p1-2.2mdv2008.0.x86_64.rpm
b1612dfbc98eba2d2395c8275080b3b6 2008.0/x86_64/openssh-clients-4.7p1-2.2mdv2008.0.x86_64.rpm
8b36887467cb04a1c6549a7a89d24d5d 2008.0/x86_64/openssh-server-4.7p1-2.2mdv2008.0.x86_64.rpm
a4a38dc3d02ada40d15c3c82a8714431 2008.0/SRPMS/openssh-4.7p1-2.2mdv2008.0.src.rpm

Corporate 3.0:
bd39164a0885b1048a1bad7ee36e4b5c corporate/3.0/i586/openssh-4.3p1-0.5.C30mdk.i586.rpm
28d40b0131d01224e8302b09b701c241 corporate/3.0/i586/openssh-askpass-4.3p1-0.5.C30mdk.i586.rpm
b0ecd0e810a3688e8c325e2e9490ac19 corporate/3.0/i586/openssh-askpass-gnome-4.3p1-0.5.C30mdk.i586.rpm
73f0a5ed87d85459542d0daf91afc342 corporate/3.0/i586/openssh-clients-4.3p1-0.5.C30mdk.i586.rpm
7598a2dcef9d65274ceef4b05daf6f6c corporate/3.0/i586/openssh-server-4.3p1-0.5.C30mdk.i586.rpm
47a7c143a1f59df502d679fad706407b corporate/3.0/SRPMS/openssh-4.3p1-0.5.C30mdk.src.rpm

Corporate 3.0/X86_64:
9741d292d7ab4e9897144b2e9e241028 corporate/3.0/x86_64/openssh-4.3p1-0.5.C30mdk.x86_64.rpm
acfadda7a360c60928ff3cbc0396b286 corporate/3.0/x86_64/openssh-askpass-4.3p1-0.5.C30mdk.x86_64.rpm
a40bfc1509425d8d4873f09ba4655a6f corporate/3.0/x86_64/openssh-askpass-gnome-4.3p1-0.5.C30mdk.x86_64.rpm
2045a78a038012bdf8d3f008dd929848 corporate/3.0/x86_64/openssh-clients-4.3p1-0.5.C30mdk.x86_64.rpm
63f2dd8d94e1386a0dd40584cdb331ec corporate/3.0/x86_64/openssh-server-4.3p1-0.5.C30mdk.x86_64.rpm
47a7c143a1f59df502d679fad706407b corporate/3.0/SRPMS/openssh-4.3p1-0.5.C30mdk.src.rpm

Corporate 4.0:
90a82a41e96edc3a906415fd8752d4ae corporate/4.0/i586/openssh-4.3p1-0.6.20060mlcs4.i586.rpm
ccc5e86dd030d38ea68e20fc94f2f09d corporate/4.0/i586/openssh-askpass-4.3p1-0.6.20060mlcs4.i586.rpm
98f6b7de70978476bc88649dd1d7aee5 corporate/4.0/i586/openssh-askpass-gnome-4.3p1-0.6.20060mlcs4.i586.rpm
e9ccaf3b3f2da24a319f0a8486bba6a6 corporate/4.0/i586/openssh-clients-4.3p1-0.6.20060mlcs4.i586.rpm
2a21febb787249e6640326faf776a47b corporate/4.0/i586/openssh-server-4.3p1-0.6.20060mlcs4.i586.rpm
3c9380388adfa5ce11c469aba798fa50 corporate/4.0/SRPMS/openssh-4.3p1-0.6.20060mlcs4.src.rpm

Corporate 4.0/X86_64:
75c4138df03cb7338e4f0fd00b11d089 corporate/4.0/x86_64/openssh-4.3p1-0.6.20060mlcs4.x86_64.rpm
ee15ff755b409b38d0ef5565d33f46a3 corporate/4.0/x86_64/openssh-askpass-4.3p1-0.6.20060mlcs4.x86_64.rpm
4fefe00577fc32dfc1b998dbf938086f corporate/4.0/x86_64/openssh-askpass-gnome-4.3p1-0.6.20060mlcs4.x86_64.rpm
ae087298d947fa6042f9b0bb6ca4eb47 corporate/4.0/x86_64/openssh-clients-4.3p1-0.6.20060mlcs4.x86_64.rpm
eac093e98f64783eeefc12a4db6ec2c2 corporate/4.0/x86_64/openssh-server-4.3p1-0.6.20060mlcs4.x86_64.rpm
3c9380388adfa5ce11c469aba798fa50 corporate/4.0/SRPMS/openssh-4.3p1-0.6.20060mlcs4.src.rpm

Multi Network Firewall 2.0:
64edf29914476e979c84adc5126d146b mnf/2.0/i586/openssh-4.3p1-0.5.M20mdk.i586.rpm
3852bab5554701da9d449c4a3be4c63b mnf/2.0/i586/openssh-askpass-4.3p1-0.5.M20mdk.i586.rpm
3b2d30fbfd949cc0cb8854cc372eb0c1 mnf/2.0/i586/openssh-askpass-gnome-4.3p1-0.5.M20mdk.i586.rpm
1023e4044888cd2c60840328a0a94eb4 mnf/2.0/i586/openssh-clients-4.3p1-0.5.M20mdk.i586.rpm
6a9319816793ec07b1874c880599c316 mnf/2.0/i586/openssh-server-4.3p1-0.5.M20mdk.i586.rpm
3e888dc4c4879fcb9d834bac1b789405 mnf/2.0/SRPMS/openssh-4.3p1-0.5.M20mdk.src.rpm

Historique

2008-03-27 : Version Initiale

Recevez les bulletins FrSIRT

Le service FrSIRT VNS permet aux professionnels de la sécurité (RSSI, DSI, administrateurs et consultants) de recevoir en temps-réel, par email, SMS et flux RSS/XML, des bulletins de vulnérabilités complets, détaillés et personnalisés.
 
 

Recherche    

      

Newsletter    

    
 

Apple Mac OS X Code Execution Vulnerabilities

Apple iPhone and iPod touch Multiple Code Execution Vulnerabilities

Apple Xcode Code Execution and Information Disclosure Vulnerabilities

Apple TV Data Processing Remote Code Execution Vulnerabilities

Apple Mac OS X Command Execution Vulnerabilities

Apple Safari for Mac OS X Remote Code Execution Vulnerability

Apple Mac OS X ARDAgent Local Privilege Escalation Vulnerability

Cisco PIX and ASA Information Disclosure and DoS Vulnerabilities

Cisco Secure ACS EAP Remote Denial Of Service Vulnerability

Cisco Products Remote DNS Cache Poisoning Vulnerability

Cisco Wide Area Application Services CUPS Remote Vulnerability

Cisco UCM Denial of Service and Authentication Bypass Vulnerabilities

Cisco Intrusion Prevention System Jumbo Frame Vulnerability

Cisco VPN Client Deterministic Network Enhancer Privilege Escalation

Microsoft Visual Studio "Msmask32" Code Execution Vulnerability

Microsoft PowerPoint Command Execution Vulnerabilities (MS08-051)

Microsoft Windows Messenger Data Disclosure (MS08-050)

Microsoft Windows Event System Code Execution (MS08-049)

Microsoft Outlook and Mail Security Bypass Vulnerability (MS08-048)

Microsoft Windows IPsec Policy Data Disclosure Vulnerability (MS08-047)

Microsoft Windows MSCMS Code Execution Vulnerability (MS08-046)

  FrSIRT.COM © Tous droits réservés 2003-2008 - Notice Légale  sécurité informatique