Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2016:1528-1

Опубликовано: 08 июн. 2016
Источник: suse-cvrf

Описание

Security update for openssh

openssh was updated to fix three security issues.

These security issues were fixed:

  • CVE-2016-3115: Multiple CRLF injection vulnerabilities in session.c in sshd in OpenSSH allowed remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data, related to the (1) do_authenticated1 and (2) session_x11_req functions (bsc#970632).
  • CVE-2016-1908: Possible fallback from untrusted to trusted X11 forwarding (bsc#962313).
  • CVE-2015-8325: Ignore PAM environment vars when UseLogin=yes (bsc#975865).

These non-security issues were fixed:

  • Correctly parse GSSAPI KEX algorithms (bsc#961368)
  • More verbose FIPS mode/CC related documentation in README.FIPS (bsc#965576, bsc#960414)
  • Fix PRNG re-seeding (bsc#960414, bsc#729190)
  • Disable DH parameters under 2048 bits by default and allow lowering the limit back to the RFC 4419 specified minimum through an option (bsc#932483, bsc#948902)
  • Allow empty Match blocks (bsc#961494)

Список пакетов

SUSE Linux Enterprise Server 11 SP4
openssh-6.6p1-21.1
openssh-askpass-gnome-6.6p1-21.3
openssh-fips-6.6p1-21.1
openssh-helpers-6.6p1-21.1
SUSE Linux Enterprise Server for SAP Applications 11 SP4
openssh-6.6p1-21.1
openssh-askpass-gnome-6.6p1-21.3
openssh-fips-6.6p1-21.1
openssh-helpers-6.6p1-21.1

Ссылки

Описание

The do_setup_env function in session.c in sshd in OpenSSH through 7.2p2, when the UseLogin feature is enabled and PAM is configured to read .pam_environment files in user home directories, allows local users to gain privileges by triggering a crafted environment for the /bin/login program, as demonstrated by an LD_PRELOAD environment variable.

Затронутые продукты
SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-21.1
SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-21.3
SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-21.1
SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-21.1
Ссылки

Описание

The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding privileges by leveraging configuration issues on this X11 server, as demonstrated by lack of the SECURITY extension on this X11 server.

Затронутые продукты
SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-21.1
SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-21.3
SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-21.1
SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-21.1
Ссылки

Описание

Multiple CRLF injection vulnerabilities in session.c in sshd in OpenSSH before 7.2p2 allow remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data, related to the (1) do_authenticated1 and (2) session_x11_req functions.

Затронутые продукты
SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-21.1
SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-21.3
SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-21.1
SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-21.1
Ссылки