ALT-BU-2016-3072-1
Branch p7 update bulletin.
Closed vulnerabilities
BDU:2016-02237
Уязвимость сетевого протокола ssh, связанная с раскрытием информации, позволяющая нарушителю получить доступ к конфиденциальным данным
BDU:2016-02352
Уязвимость средства криптографической защиты OpenSSH, позволяющая нарушителю вызвать отказ в обслуживании
BDU:2022-07416
Уязвимость функции do_setup_env (session.c) службы sshd средства криптографической защиты OpenSSH, позволяющая нарушителю повысить свои привилегии
Modified: 2024-11-21
CVE-2015-8325
The do_setup_env function in session.c in sshd in OpenSSH through 7.2p2, when the UseLogin feature is enabled and PAM is configured to read .pam_environment files in user home directories, allows local users to gain privileges by triggering a crafted environment for the /bin/login program, as demonstrated by an LD_PRELOAD environment variable.
- RHSA-2016:2588
- RHSA-2016:2588
- RHSA-2017:0641
- RHSA-2017:0641
- DSA-3550
- DSA-3550
- 86187
- 86187
- 1036487
- 1036487
- https://anongit.mindrot.org/openssh.git/commit/?id=85bdcd7c92fe7ff133bbc4e10a65c91810f88755
- https://anongit.mindrot.org/openssh.git/commit/?id=85bdcd7c92fe7ff133bbc4e10a65c91810f88755
- https://bugzilla.redhat.com/show_bug.cgi?id=1328012
- https://bugzilla.redhat.com/show_bug.cgi?id=1328012
- https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
- https://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-8325.html
- https://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-8325.html
- GLSA-201612-18
- GLSA-201612-18
- https://security.netapp.com/advisory/ntap-20180628-0001/
- https://security.netapp.com/advisory/ntap-20180628-0001/
- https://security-tracker.debian.org/tracker/CVE-2015-8325
- https://security-tracker.debian.org/tracker/CVE-2015-8325
Modified: 2024-11-21
CVE-2016-6210
sshd in OpenSSH before 7.3, when SHA256 or SHA512 are used for user password hashing, uses BLOWFISH hashing on a static password when the username does not exist, which allows remote attackers to enumerate users by leveraging the timing difference between responses when a large password is provided.
- 20160714 opensshd - user enumeration
- 20160714 opensshd - user enumeration
- DSA-3626
- DSA-3626
- 91812
- 91812
- 1036319
- 1036319
- RHSA-2017:2029
- RHSA-2017:2029
- RHSA-2017:2563
- RHSA-2017:2563
- https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
- GLSA-201612-18
- GLSA-201612-18
- https://security.netapp.com/advisory/ntap-20190206-0001/
- https://security.netapp.com/advisory/ntap-20190206-0001/
- 40113
- 40113
- 40136
- 40136
- https://www.openssh.com/txt/release-7.3
- https://www.openssh.com/txt/release-7.3
Modified: 2024-11-21
CVE-2016-8858
The kex_input_kexinit function in kex.c in OpenSSH 6.x and 7.x through 7.3 allows remote attackers to cause a denial of service (memory consumption) by sending many duplicate KEXINIT requests. NOTE: a third party reports that "OpenSSH upstream does not consider this as a security issue."
- http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/kex.c.diff?r1=1.126&r2=1.127&f=h
- http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/kex.c.diff?r1=1.126&r2=1.127&f=h
- http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/kex.c?rev=1.127&content-type=text/x-cvsweb-markup
- http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/kex.c?rev=1.127&content-type=text/x-cvsweb-markup
- [oss-security] 20161019 CVE Request: OpenSSH: Memory exhaustion issue found in OpenSSH
- [oss-security] 20161019 CVE Request: OpenSSH: Memory exhaustion issue found in OpenSSH
- [oss-security] 20161020 Re: Re: CVE Request: OpenSSH: Memory exhaustion issue found in OpenSSH
- [oss-security] 20161020 Re: Re: CVE Request: OpenSSH: Memory exhaustion issue found in OpenSSH
- 93776
- 93776
- 1037057
- 1037057
- https://bugzilla.redhat.com/show_bug.cgi?id=1384860
- https://bugzilla.redhat.com/show_bug.cgi?id=1384860
- https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
- https://ftp.openbsd.org/pub/OpenBSD/patches/6.0/common/013_ssh_kexinit.patch.sig
- https://ftp.openbsd.org/pub/OpenBSD/patches/6.0/common/013_ssh_kexinit.patch.sig
- https://github.com/openssh/openssh-portable/commit/ec165c392ca54317dbe3064a8c200de6531e89ad
- https://github.com/openssh/openssh-portable/commit/ec165c392ca54317dbe3064a8c200de6531e89ad
- FreeBSD-SA-16:33
- FreeBSD-SA-16:33
- GLSA-201612-18
- GLSA-201612-18
- https://security.netapp.com/advisory/ntap-20180201-0001/
- https://security.netapp.com/advisory/ntap-20180201-0001/