ALT-PU-2016-1074-1
Closed vulnerabilities
Published: 2016-01-14
BDU:2019-01913
Уязвимость функции resend_bytes средства криптографической защиты OpenSSH, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
Severity: MEDIUM (6.5)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
References:
Published: 2016-01-14
BDU:2019-01914
Уязвимость функций roaming_read и roaming_write средства криптографической защиты OpenSSH, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (8.1)
Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
References:
Published: 2016-01-15
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2016-0777
The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffer, as demonstrated by reading a private key.
Severity: MEDIUM (6.5)
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
References:
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10734
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10734
- APPLE-SA-2016-03-21-5
- APPLE-SA-2016-03-21-5
- FEDORA-2016-2e89eba0c1
- FEDORA-2016-2e89eba0c1
- FEDORA-2016-67c6ef0d4f
- FEDORA-2016-67c6ef0d4f
- FEDORA-2016-c330264861
- FEDORA-2016-c330264861
- FEDORA-2016-4556904561
- FEDORA-2016-4556904561
- SUSE-SU-2016:0117
- SUSE-SU-2016:0117
- SUSE-SU-2016:0118
- SUSE-SU-2016:0118
- SUSE-SU-2016:0119
- SUSE-SU-2016:0119
- SUSE-SU-2016:0120
- SUSE-SU-2016:0120
- openSUSE-SU-2016:0127
- openSUSE-SU-2016:0127
- openSUSE-SU-2016:0128
- openSUSE-SU-2016:0128
- http://packetstormsecurity.com/files/135273/Qualys-Security-Advisory-OpenSSH-Overflow-Leak.html
- http://packetstormsecurity.com/files/135273/Qualys-Security-Advisory-OpenSSH-Overflow-Leak.html
- 20160115 Qualys Security Advisory - Roaming through the OpenSSH client: CVE-2016-0777 and CVE-2016-0778
- 20160115 Qualys Security Advisory - Roaming through the OpenSSH client: CVE-2016-0777 and CVE-2016-0778
- DSA-3446
- DSA-3446
- http://www.openssh.com/txt/release-7.1p2
- http://www.openssh.com/txt/release-7.1p2
- [oss-security] 20160114 Qualys Security Advisory - Roaming through the OpenSSH client: CVE-2016-0777 and CVE-2016-0778
- [oss-security] 20160114 Qualys Security Advisory - Roaming through the OpenSSH client: CVE-2016-0777 and CVE-2016-0778
- http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
- http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
- 20160114 Qualys Security Advisory - Roaming through the OpenSSH client: CVE-2016-0777 and CVE-2016-0778
- 20160114 Qualys Security Advisory - Roaming through the OpenSSH client: CVE-2016-0777 and CVE-2016-0778
- 80695
- 80695
- 1034671
- 1034671
- USN-2869-1
- USN-2869-1
- https://blogs.sophos.com/2016/02/17/utm-up2date-9-354-released/
- https://blogs.sophos.com/2016/02/17/utm-up2date-9-354-released/
- https://blogs.sophos.com/2016/02/29/utm-up2date-9-319-released/
- https://blogs.sophos.com/2016/02/29/utm-up2date-9-319-released/
- https://bto.bluecoat.com/security-advisory/sa109
- https://bto.bluecoat.com/security-advisory/sa109
- https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05247375
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05247375
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722
- FreeBSD-SA-16:07
- FreeBSD-SA-16:07
- GLSA-201601-01
- GLSA-201601-01
- https://support.apple.com/HT206167
- https://support.apple.com/HT206167
Published: 2016-01-15
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2016-0778
The (1) roaming_read and (2) roaming_write functions in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2, when certain proxy and forward options are enabled, do not properly maintain connection file descriptors, which allows remote servers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact by requesting many forwardings.
Severity: HIGH (8.1)
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
References:
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10734
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10734
- APPLE-SA-2016-03-21-5
- APPLE-SA-2016-03-21-5
- FEDORA-2016-2e89eba0c1
- FEDORA-2016-2e89eba0c1
- FEDORA-2016-4556904561
- FEDORA-2016-4556904561
- SUSE-SU-2016:0117
- SUSE-SU-2016:0117
- SUSE-SU-2016:0118
- SUSE-SU-2016:0118
- SUSE-SU-2016:0119
- SUSE-SU-2016:0119
- SUSE-SU-2016:0120
- SUSE-SU-2016:0120
- openSUSE-SU-2016:0127
- openSUSE-SU-2016:0127
- openSUSE-SU-2016:0128
- openSUSE-SU-2016:0128
- http://packetstormsecurity.com/files/135273/Qualys-Security-Advisory-OpenSSH-Overflow-Leak.html
- http://packetstormsecurity.com/files/135273/Qualys-Security-Advisory-OpenSSH-Overflow-Leak.html
- 20160115 Qualys Security Advisory - Roaming through the OpenSSH client: CVE-2016-0777 and CVE-2016-0778
- 20160115 Qualys Security Advisory - Roaming through the OpenSSH client: CVE-2016-0777 and CVE-2016-0778
- DSA-3446
- DSA-3446
- http://www.openssh.com/txt/release-7.1p2
- http://www.openssh.com/txt/release-7.1p2
- [oss-security] 20160114 Qualys Security Advisory - Roaming through the OpenSSH client: CVE-2016-0777 and CVE-2016-0778
- [oss-security] 20160114 Qualys Security Advisory - Roaming through the OpenSSH client: CVE-2016-0777 and CVE-2016-0778
- http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
- http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
- 20160114 Qualys Security Advisory - Roaming through the OpenSSH client: CVE-2016-0777 and CVE-2016-0778
- 20160114 Qualys Security Advisory - Roaming through the OpenSSH client: CVE-2016-0777 and CVE-2016-0778
- 80698
- 80698
- 1034671
- 1034671
- USN-2869-1
- USN-2869-1
- https://blogs.sophos.com/2016/02/17/utm-up2date-9-354-released/
- https://blogs.sophos.com/2016/02/17/utm-up2date-9-354-released/
- https://blogs.sophos.com/2016/02/29/utm-up2date-9-319-released/
- https://blogs.sophos.com/2016/02/29/utm-up2date-9-319-released/
- https://bto.bluecoat.com/security-advisory/sa109
- https://bto.bluecoat.com/security-advisory/sa109
- https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05247375
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05247375
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722
- GLSA-201601-01
- GLSA-201601-01
- https://support.apple.com/HT206167
- https://support.apple.com/HT206167