Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2016-10011 (GCVE-0-2016-10011)
Vulnerability from cvelistv5 – Published: 2017-01-05 00:00 – Updated: 2024-08-06 03:07
VLAI
EPSS
Summary
authfile.c in sshd in OpenSSH before 7.4 does not properly consider the effects of realloc on buffer contents, which might allow local users to obtain sensitive private-key information by leveraging access to a privilege-separated child process.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
12 references
Date Public
2016-12-19 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T03:07:32.056Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20171130-0002/"
},
{
"name": "[oss-security] 20161219 Announce: OpenSSH 7.4 released",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/12/19/2"
},
{
"name": "1037490",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037490"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/openbsd/src/commit/ac8147a06ed2e2403fb6b9a0c03e618a9333c0e9"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03818en_us"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2016\u0026m=slackware-security.647637"
},
{
"name": "RHSA-2017:2029",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2029"
},
{
"name": "[debian-lts-announce] 20180910 [SECURITY] [DLA 1500-1] openssh security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00010.html"
},
{
"name": "94977",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94977"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.openssh.com/txt/release-7.4"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-676336.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-12-19T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "authfile.c in sshd in OpenSSH before 7.4 does not properly consider the effects of realloc on buffer contents, which might allow local users to obtain sensitive private-key information by leveraging access to a privilege-separated child process."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-12-13T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20171130-0002/"
},
{
"name": "[oss-security] 20161219 Announce: OpenSSH 7.4 released",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2016/12/19/2"
},
{
"name": "1037490",
"tags": [
"vdb-entry"
],
"url": "http://www.securitytracker.com/id/1037490"
},
{
"url": "https://github.com/openbsd/src/commit/ac8147a06ed2e2403fb6b9a0c03e618a9333c0e9"
},
{
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03818en_us"
},
{
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2016\u0026m=slackware-security.647637"
},
{
"name": "RHSA-2017:2029",
"tags": [
"vendor-advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2029"
},
{
"name": "[debian-lts-announce] 20180910 [SECURITY] [DLA 1500-1] openssh security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00010.html"
},
{
"name": "94977",
"tags": [
"vdb-entry"
],
"url": "http://www.securityfocus.com/bid/94977"
},
{
"url": "https://www.openssh.com/txt/release-7.4"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-676336.pdf"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-10011",
"datePublished": "2017-01-05T00:00:00.000Z",
"dateReserved": "2016-12-19T00:00:00.000Z",
"dateUpdated": "2024-08-06T03:07:32.056Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2016-10011",
"date": "2026-05-28",
"epss": "0.00016",
"percentile": "0.03957"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2016-10011\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2017-01-05T02:59:03.120\",\"lastModified\":\"2026-05-06T22:30:45.220\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"authfile.c in sshd in OpenSSH before 7.4 does not properly consider the effects of realloc on buffer contents, which might allow local users to obtain sensitive private-key information by leveraging access to a privilege-separated child process.\"},{\"lang\":\"es\",\"value\":\"authfile.c en sshd en OpenSSH en versiones anteriores a 7.4 no considera apropiadamente los efectos de realloc en el contenido de b\u00fafer, lo que podr\u00eda permitir a usuarios locales obtener informaci\u00f3n sensible de clave privada aprovechando el acceso a un subproceso separado de privilegios.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:P/I:N/A:N\",\"baseScore\":2.1,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":3.9,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-320\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"7.3\",\"matchCriteriaId\":\"B5D52975-3CB0-4BF7-975F-66EF9BF42A06\"}]}]}],\"references\":[{\"url\":\"http://www.openwall.com/lists/oss-security/2016/12/19/2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Release Notes\"]},{\"url\":\"http://www.securityfocus.com/bid/94977\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securitytracker.com/id/1037490\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2016\u0026m=slackware-security.647637\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2029\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-676336.pdf\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://github.com/openbsd/src/commit/ac8147a06ed2e2403fb6b9a0c03e618a9333c0e9\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2018/09/msg00010.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20171130-0002/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03818en_us\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://www.openssh.com/txt/release-7.4\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2016/12/19/2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Release Notes\"]},{\"url\":\"http://www.securityfocus.com/bid/94977\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id/1037490\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2016\u0026m=slackware-security.647637\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2029\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-676336.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://github.com/openbsd/src/commit/ac8147a06ed2e2403fb6b9a0c03e618a9333c0e9\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2018/09/msg00010.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20171130-0002/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03818en_us\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.openssh.com/txt/release-7.4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
SUSE-SU-2017:1661-1
Vulnerability from csaf_suse - Published: 2017-06-23 08:29 - Updated: 2017-06-23 08:29Summary
Security update for openssh-openssl1
Severity
Moderate
Notes
Title of the patch: Security update for openssh-openssl1
Description of the patch: This update for openssh-openssl1 fixes the following issues:
- Properly verify CIDR masks in configuration (bsc#1005893)
- CVE-2016-10009: limit directories for loading PKCS11 modules (bsc#1016366)
- CVE-2016-10011: Prevent possible leaks of host private keys to low-privilege
process handling authentication (bsc#1016369)
- CVE-2016-8858: prevent resource depletion during key exchange (bsc#1005480)
- fix suggested command for removing conflicting server keys from
the known_hosts file (bsc#1006221)
Patchnames: secsp3-openssh-openssl1-13169
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.3 (High)
Affected products
Recommended
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.8 (Medium)
Affected products
Recommended
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
29 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for openssh-openssl1",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for openssh-openssl1 fixes the following issues:\n\n\n- Properly verify CIDR masks in configuration (bsc#1005893)\n\n- CVE-2016-10009: limit directories for loading PKCS11 modules (bsc#1016366)\n\n- CVE-2016-10011: Prevent possible leaks of host private keys to low-privilege\n process handling authentication (bsc#1016369)\n\n- CVE-2016-8858: prevent resource depletion during key exchange (bsc#1005480)\n\n- fix suggested command for removing conflicting server keys from\n the known_hosts file (bsc#1006221)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "secsp3-openssh-openssl1-13169",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2017_1661-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2017:1661-1",
"url": "https://www.suse.com/support/update/announcement/2017/suse-su-20171661-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2017:1661-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2017-June/002972.html"
},
{
"category": "self",
"summary": "SUSE Bug 1005480",
"url": "https://bugzilla.suse.com/1005480"
},
{
"category": "self",
"summary": "SUSE Bug 1005893",
"url": "https://bugzilla.suse.com/1005893"
},
{
"category": "self",
"summary": "SUSE Bug 1006221",
"url": "https://bugzilla.suse.com/1006221"
},
{
"category": "self",
"summary": "SUSE Bug 1016366",
"url": "https://bugzilla.suse.com/1016366"
},
{
"category": "self",
"summary": "SUSE Bug 1016369",
"url": "https://bugzilla.suse.com/1016369"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-10009 page",
"url": "https://www.suse.com/security/cve/CVE-2016-10009/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-10011 page",
"url": "https://www.suse.com/security/cve/CVE-2016-10011/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-8858 page",
"url": "https://www.suse.com/security/cve/CVE-2016-8858/"
}
],
"title": "Security update for openssh-openssl1",
"tracking": {
"current_release_date": "2017-06-23T08:29:32Z",
"generator": {
"date": "2017-06-23T08:29:32Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2017:1661-1",
"initial_release_date": "2017-06-23T08:29:32Z",
"revision_history": [
{
"date": "2017-06-23T08:29:32Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "openssh-openssl1-6.6p1-18.1.i586",
"product": {
"name": "openssh-openssl1-6.6p1-18.1.i586",
"product_id": "openssh-openssl1-6.6p1-18.1.i586"
}
},
{
"category": "product_version",
"name": "openssh-openssl1-helpers-6.6p1-18.1.i586",
"product": {
"name": "openssh-openssl1-helpers-6.6p1-18.1.i586",
"product_id": "openssh-openssl1-helpers-6.6p1-18.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-openssl1-6.6p1-18.1.ia64",
"product": {
"name": "openssh-openssl1-6.6p1-18.1.ia64",
"product_id": "openssh-openssl1-6.6p1-18.1.ia64"
}
},
{
"category": "product_version",
"name": "openssh-openssl1-helpers-6.6p1-18.1.ia64",
"product": {
"name": "openssh-openssl1-helpers-6.6p1-18.1.ia64",
"product_id": "openssh-openssl1-helpers-6.6p1-18.1.ia64"
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-openssl1-6.6p1-18.1.ppc64",
"product": {
"name": "openssh-openssl1-6.6p1-18.1.ppc64",
"product_id": "openssh-openssl1-6.6p1-18.1.ppc64"
}
},
{
"category": "product_version",
"name": "openssh-openssl1-helpers-6.6p1-18.1.ppc64",
"product": {
"name": "openssh-openssl1-helpers-6.6p1-18.1.ppc64",
"product_id": "openssh-openssl1-helpers-6.6p1-18.1.ppc64"
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-openssl1-6.6p1-18.1.s390x",
"product": {
"name": "openssh-openssl1-6.6p1-18.1.s390x",
"product_id": "openssh-openssl1-6.6p1-18.1.s390x"
}
},
{
"category": "product_version",
"name": "openssh-openssl1-helpers-6.6p1-18.1.s390x",
"product": {
"name": "openssh-openssl1-helpers-6.6p1-18.1.s390x",
"product_id": "openssh-openssl1-helpers-6.6p1-18.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-openssl1-6.6p1-18.1.x86_64",
"product": {
"name": "openssh-openssl1-6.6p1-18.1.x86_64",
"product_id": "openssh-openssl1-6.6p1-18.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssh-openssl1-helpers-6.6p1-18.1.x86_64",
"product": {
"name": "openssh-openssl1-helpers-6.6p1-18.1.x86_64",
"product_id": "openssh-openssl1-helpers-6.6p1-18.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 11-SECURITY",
"product": {
"name": "SUSE Linux Enterprise Server 11-SECURITY",
"product_id": "SUSE Linux Enterprise Server 11-SECURITY",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:11:security"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-openssl1-6.6p1-18.1.i586 as component of SUSE Linux Enterprise Server 11-SECURITY",
"product_id": "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.i586"
},
"product_reference": "openssh-openssl1-6.6p1-18.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11-SECURITY"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-openssl1-6.6p1-18.1.ia64 as component of SUSE Linux Enterprise Server 11-SECURITY",
"product_id": "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.ia64"
},
"product_reference": "openssh-openssl1-6.6p1-18.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11-SECURITY"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-openssl1-6.6p1-18.1.ppc64 as component of SUSE Linux Enterprise Server 11-SECURITY",
"product_id": "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.ppc64"
},
"product_reference": "openssh-openssl1-6.6p1-18.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11-SECURITY"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-openssl1-6.6p1-18.1.s390x as component of SUSE Linux Enterprise Server 11-SECURITY",
"product_id": "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.s390x"
},
"product_reference": "openssh-openssl1-6.6p1-18.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11-SECURITY"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-openssl1-6.6p1-18.1.x86_64 as component of SUSE Linux Enterprise Server 11-SECURITY",
"product_id": "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.x86_64"
},
"product_reference": "openssh-openssl1-6.6p1-18.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11-SECURITY"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-openssl1-helpers-6.6p1-18.1.i586 as component of SUSE Linux Enterprise Server 11-SECURITY",
"product_id": "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.i586"
},
"product_reference": "openssh-openssl1-helpers-6.6p1-18.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11-SECURITY"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-openssl1-helpers-6.6p1-18.1.ia64 as component of SUSE Linux Enterprise Server 11-SECURITY",
"product_id": "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.ia64"
},
"product_reference": "openssh-openssl1-helpers-6.6p1-18.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11-SECURITY"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-openssl1-helpers-6.6p1-18.1.ppc64 as component of SUSE Linux Enterprise Server 11-SECURITY",
"product_id": "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.ppc64"
},
"product_reference": "openssh-openssl1-helpers-6.6p1-18.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11-SECURITY"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-openssl1-helpers-6.6p1-18.1.s390x as component of SUSE Linux Enterprise Server 11-SECURITY",
"product_id": "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.s390x"
},
"product_reference": "openssh-openssl1-helpers-6.6p1-18.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11-SECURITY"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-openssl1-helpers-6.6p1-18.1.x86_64 as component of SUSE Linux Enterprise Server 11-SECURITY",
"product_id": "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.x86_64"
},
"product_reference": "openssh-openssl1-helpers-6.6p1-18.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11-SECURITY"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-10009",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-10009"
}
],
"notes": [
{
"category": "general",
"text": "Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS#11 modules by leveraging control over a forwarded agent-socket.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.i586",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.ia64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.ppc64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.s390x",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.x86_64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.i586",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.ia64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.ppc64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.s390x",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-10009",
"url": "https://www.suse.com/security/cve/CVE-2016-10009"
},
{
"category": "external",
"summary": "SUSE Bug 1016336 for CVE-2016-10009",
"url": "https://bugzilla.suse.com/1016336"
},
{
"category": "external",
"summary": "SUSE Bug 1016366 for CVE-2016-10009",
"url": "https://bugzilla.suse.com/1016366"
},
{
"category": "external",
"summary": "SUSE Bug 1016370 for CVE-2016-10009",
"url": "https://bugzilla.suse.com/1016370"
},
{
"category": "external",
"summary": "SUSE Bug 1026634 for CVE-2016-10009",
"url": "https://bugzilla.suse.com/1026634"
},
{
"category": "external",
"summary": "SUSE Bug 1138392 for CVE-2016-10009",
"url": "https://bugzilla.suse.com/1138392"
},
{
"category": "external",
"summary": "SUSE Bug 1213504 for CVE-2016-10009",
"url": "https://bugzilla.suse.com/1213504"
},
{
"category": "external",
"summary": "SUSE Bug 1217035 for CVE-2016-10009",
"url": "https://bugzilla.suse.com/1217035"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.i586",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.ia64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.ppc64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.s390x",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.x86_64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.i586",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.ia64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.ppc64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.s390x",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.i586",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.ia64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.ppc64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.s390x",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.x86_64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.i586",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.ia64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.ppc64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.s390x",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-06-23T08:29:32Z",
"details": "moderate"
}
],
"title": "CVE-2016-10009"
},
{
"cve": "CVE-2016-10011",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-10011"
}
],
"notes": [
{
"category": "general",
"text": "authfile.c in sshd in OpenSSH before 7.4 does not properly consider the effects of realloc on buffer contents, which might allow local users to obtain sensitive private-key information by leveraging access to a privilege-separated child process.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.i586",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.ia64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.ppc64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.s390x",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.x86_64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.i586",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.ia64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.ppc64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.s390x",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-10011",
"url": "https://www.suse.com/security/cve/CVE-2016-10011"
},
{
"category": "external",
"summary": "SUSE Bug 1016336 for CVE-2016-10011",
"url": "https://bugzilla.suse.com/1016336"
},
{
"category": "external",
"summary": "SUSE Bug 1016369 for CVE-2016-10011",
"url": "https://bugzilla.suse.com/1016369"
},
{
"category": "external",
"summary": "SUSE Bug 1016370 for CVE-2016-10011",
"url": "https://bugzilla.suse.com/1016370"
},
{
"category": "external",
"summary": "SUSE Bug 1017870 for CVE-2016-10011",
"url": "https://bugzilla.suse.com/1017870"
},
{
"category": "external",
"summary": "SUSE Bug 1026634 for CVE-2016-10011",
"url": "https://bugzilla.suse.com/1026634"
},
{
"category": "external",
"summary": "SUSE Bug 1029445 for CVE-2016-10011",
"url": "https://bugzilla.suse.com/1029445"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.i586",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.ia64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.ppc64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.s390x",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.x86_64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.i586",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.ia64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.ppc64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.s390x",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.i586",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.ia64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.ppc64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.s390x",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.x86_64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.i586",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.ia64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.ppc64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.s390x",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-06-23T08:29:32Z",
"details": "moderate"
}
],
"title": "CVE-2016-10011"
},
{
"cve": "CVE-2016-8858",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-8858"
}
],
"notes": [
{
"category": "general",
"text": "The kex_input_kexinit function in kex.c in OpenSSH 6.x and 7.x through 7.3 allows remote attackers to cause a denial of service (memory consumption) by sending many duplicate KEXINIT requests. NOTE: a third party reports that \"OpenSSH upstream does not consider this as a security issue.\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.i586",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.ia64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.ppc64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.s390x",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.x86_64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.i586",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.ia64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.ppc64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.s390x",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-8858",
"url": "https://www.suse.com/security/cve/CVE-2016-8858"
},
{
"category": "external",
"summary": "SUSE Bug 1005480 for CVE-2016-8858",
"url": "https://bugzilla.suse.com/1005480"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.i586",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.ia64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.ppc64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.s390x",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.x86_64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.i586",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.ia64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.ppc64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.s390x",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.i586",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.ia64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.ppc64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.s390x",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-18.1.x86_64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.i586",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.ia64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.ppc64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.s390x",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-18.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-06-23T08:29:32Z",
"details": "moderate"
}
],
"title": "CVE-2016-8858"
}
]
}
WID-SEC-W-2023-1996
Vulnerability from csaf_certbund - Published: 2016-12-19 23:00 - Updated: 2024-05-07 22:00Summary
OpenSSH: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: OpenSSH ist eine Open Source Implementierung des Secure Shell Protokolls.
Angriff: Ein entfernter, authentisierter Angreifer kann mehrere Schwachstellen in OpenSSH ausnutzen, um beliebigen Programmcode mit den Rechten des Dienstes auszuführen, seine Privilegien zu erweitern oder einen Denial of Service Angriff durchzuführen.
Betroffene Betriebssysteme: - Linux
- UNIX
Es existiert eine Schwachstelle in OpenSSH in Verbindung mit dem ssh-agent(1). Diese Schwachstelle beruht darauf, dass über den ssh-agent PKCS#11 Module von nicht vertrauenswürdigen Pfaden geladen werden können. Ein Angreifer kann diese Schwachstelle ausnutzen, um über einen weitergeleiteten Agent Channel maliziöse PKCS#11 Module zu laden. Da es sich bei PKCS#11 Module um geteilte Bibliotheken (Shared Libraries) handelt, ist in der Folge Codeausführung auf dem System, das den ssh-agent ausführt, möglich.
Affected products
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
EMC Avamar
EMC
|
cpe:/a:emc:avamar:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
FreeBSD Project FreeBSD OS
FreeBSD Project
|
cpe:/o:freebsd:freebsd:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Dell NetWorker virtual
Dell / NetWorker
|
cpe:/a:dell:networker:virtual
|
virtual | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
IBM AIX
IBM
|
cpe:/o:ibm:aix:-
|
— | |
|
IBM VIOS
IBM
|
cpe:/a:ibm:vios:-
|
— |
Es existiert eine Schwachstelle in OpenSSH im Zusammenhang mit sshd(8). Wenn "Privilege Separation" deaktiviert ist, dann können über sshd(8) "forwarded Unix-Domain Sockets" mit root-Berechtigungen erzeugt werden, anstatt mit den Berechtigungen des authentisierten Benutzers. Somit ist ein Angreifer in der Lage seine Privilegien zu erhöhen.
Affected products
Known affected
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
EMC Avamar
EMC
|
cpe:/a:emc:avamar:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
FreeBSD Project FreeBSD OS
FreeBSD Project
|
cpe:/o:freebsd:freebsd:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Dell NetWorker virtual
Dell / NetWorker
|
cpe:/a:dell:networker:virtual
|
virtual | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
Es existiert eine Schwachstelle in OpenSSH in Verbindung mit sshd(8). Diese Schwachstelle beruht auf einer fehlerhaften Berechtigungstrennung bei Child-Prozessen über "reallloc()", wenn SSH Schlüssel gelesen werden. In der Folge kann ein Angreifer diese Schwachstelle ausnutzen, um Teile des Host Private Key offenzulegen.
Affected products
Known affected
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
EMC Avamar
EMC
|
cpe:/a:emc:avamar:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Dell NetWorker virtual
Dell / NetWorker
|
cpe:/a:dell:networker:virtual
|
virtual | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
Es existiert eine Schwachstelle in OpenSSH in Verbindung mit sshd(8). Die Schwachstelle basiert auf einer fehlerhaften Kontrolle der Puffergrenzen des "Shared Memory Managers". Ein Angreifer kann diese Schwachstelle ausnutzen, um seine Privilegien zu erhöhen.
Affected products
Known affected
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
EMC Avamar
EMC
|
cpe:/a:emc:avamar:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Dell NetWorker virtual
Dell / NetWorker
|
cpe:/a:dell:networker:virtual
|
virtual | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
Vulnerability 5
Es existiert eine Denial of Service Schwachstelle in OpenSSH im Zusammenhang mit sshd(8). Diese Schwachstelle besteht aufgrund fehlerhafter Verarbeitung von KEXINIT Nachrichten. In der Folge kann ein entfernter anonymer Angreifer diese Schwachstelle durch Senden von mehreren KEXINIT Nachrichten ausnutzen, um einen Denial of Service Zustand herbeizuführen.
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
EMC Avamar
EMC
|
cpe:/a:emc:avamar:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
FreeBSD Project FreeBSD OS
FreeBSD Project
|
cpe:/o:freebsd:freebsd:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
NetApp Data ONTAP
NetApp
|
cpe:/a:netapp:data_ontap:-
|
— | |
|
Dell NetWorker virtual
Dell / NetWorker
|
cpe:/a:dell:networker:virtual
|
virtual | |
|
Juniper JUNOS
Juniper
|
cpe:/o:juniper:junos:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
IBM AIX
IBM
|
cpe:/o:ibm:aix:-
|
— | |
|
IBM VIOS
IBM
|
cpe:/a:ibm:vios:-
|
— | |
|
PaloAlto Networks PAN-OS
PaloAlto Networks
|
cpe:/o:paloaltonetworks:pan-os:-
|
— |
Vulnerability 6
Es existiert eine Schwachstelle in OpenSSH in Verbindung mit sshd(8). Diese Schwachstelle beruht darauf, dass Adressbereichen für "AllowUser" und "DenyUsers" Direktiven fehlerhaft validiert werden. In der Folge werden durch die Konfiguration ungültiger CIDR Adressbereiche (z.B. benutzer@127.1.1.2/55) Zugriffe erlaubt bzw. ermöglicht, welche nicht beabsichtigt wurden.
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
EMC Avamar
EMC
|
cpe:/a:emc:avamar:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Dell NetWorker virtual
Dell / NetWorker
|
cpe:/a:dell:networker:virtual
|
virtual | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
References
27 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "OpenSSH ist eine Open Source Implementierung des Secure Shell Protokolls.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, authentisierter Angreifer kann mehrere Schwachstellen in OpenSSH ausnutzen, um beliebigen Programmcode mit den Rechten des Dienstes auszuf\u00fchren, seine Privilegien zu erweitern oder einen Denial of Service Angriff durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- UNIX",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-1996 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2016/wid-sec-w-2023-1996.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-1996 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1996"
},
{
"category": "external",
"summary": "OpenSSH 7.4 Release vom 2016-12-19",
"url": "http://www.openssh.com/txt/release-7.4"
},
{
"category": "external",
"summary": "SecurityTracker Alert ID 1037490 vom 2016-12-19",
"url": "http://www.securitytracker.com/id/1037490"
},
{
"category": "external",
"summary": "FreeBSD Security Advisory: FreeBSD-SA-17:01.openssh.asc",
"url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-17:01.openssh.asc"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2017:0264-1 vom 2017-01-24",
"url": "https://www.suse.com/support/update/announcement/2017/suse-su-20170264-1.html"
},
{
"category": "external",
"summary": "F5 Security Advisory K64292204 vom 2017-01-24",
"url": "https://support.f5.com/csp/article/K64292204"
},
{
"category": "external",
"summary": "F5 Security Advisory K31440025 vom 2017-01-24",
"url": "https://support.f5.com/csp/article/K31440025"
},
{
"category": "external",
"summary": "F5 Security Advisory K62201745 vom 2017-01-27",
"url": "https://support.f5.com/csp/article/K62201745"
},
{
"category": "external",
"summary": "IBM Security Advisory openssh_advisory10.asc",
"url": "http://aix.software.ibm.com/aix/efixes/security/openssh_advisory10.asc"
},
{
"category": "external",
"summary": "The FreeBSD Project Security Advisory: FreeBSD-SA-17:01.openssh",
"url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-17:01.openssh.asc"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2017:0603-1 vom 2017-03-03",
"url": "https://www.suse.com/support/update/announcement/2017/suse-su-20170603-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2017:0607-1 vom 2017-03-06",
"url": "https://www.suse.com/support/update/announcement/2017/suse-su-20170607-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2017:0606-1 vom 2017-03-06",
"url": "https://www.suse.com/support/update/announcement/2017/suse-su-20170606-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2017:1661-1 vom 2017-06-24",
"url": "https://www.suse.com/support/update/announcement/2017/suse-su-20171661-1.html"
},
{
"category": "external",
"summary": "RedHat Security Advisory: RHSA-2017:2029",
"url": "https://access.redhat.com/errata/RHSA-2017:2029"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-3538-1 vom 2018-01-22",
"url": "http://www.ubuntu.com/usn/usn-3538-1/"
},
{
"category": "external",
"summary": "McAfee Security Bulletin: SB10239",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10239"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:2275-1 vom 2018-08-10",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20182275-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:2685-1 vom 2018-09-11",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20182685-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:2719-1 vom 2018-09-15",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20182719-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:3540-1 vom 2018-10-29",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20183540-1.html"
},
{
"category": "external",
"summary": "Palo Alto Networks Security Advisory PAN-SA-2020-0005 vom 2020-05-13",
"url": "https://security.paloaltonetworks.com/PAN-SA-2020-0005"
},
{
"category": "external",
"summary": "Juniper Security Advisory JSA11169 vom 2021-04-16",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11169"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2023-2176 vom 2023-08-09",
"url": "https://alas.aws.amazon.com/AL2/ALAS-2023-2176.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2023-1802 vom 2023-08-23",
"url": "https://alas.aws.amazon.com/ALAS-2023-1802.html"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2024-198 vom 2024-05-08",
"url": "https://www.dell.com/support/kbdoc/000224827/dsa-2024-="
}
],
"source_lang": "en-US",
"title": "OpenSSH: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-05-07T22:00:00.000+00:00",
"generator": {
"date": "2024-08-15T17:56:43.803+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2023-1996",
"initial_release_date": "2016-12-19T23:00:00.000+00:00",
"revision_history": [
{
"date": "2016-12-19T23:00:00.000+00:00",
"number": "1",
"summary": "Initial Release"
},
{
"date": "2016-12-19T23:00:00.000+00:00",
"number": "2",
"summary": "Version nicht vorhanden"
},
{
"date": "2016-12-19T23:00:00.000+00:00",
"number": "3",
"summary": "Version nicht vorhanden"
},
{
"date": "2017-01-10T23:00:00.000+00:00",
"number": "4",
"summary": "New remediations available"
},
{
"date": "2017-01-23T23:00:00.000+00:00",
"number": "5",
"summary": "New remediations available"
},
{
"date": "2017-01-23T23:00:00.000+00:00",
"number": "6",
"summary": "New remediations available"
},
{
"date": "2017-01-23T23:00:00.000+00:00",
"number": "7",
"summary": "Version nicht vorhanden"
},
{
"date": "2017-01-29T23:00:00.000+00:00",
"number": "8",
"summary": "New remediations available"
},
{
"date": "2017-02-20T23:00:00.000+00:00",
"number": "9",
"summary": "New remediations available"
},
{
"date": "2017-02-20T23:00:00.000+00:00",
"number": "10",
"summary": "Version nicht vorhanden"
},
{
"date": "2017-02-20T23:00:00.000+00:00",
"number": "11",
"summary": "Version nicht vorhanden"
},
{
"date": "2017-02-22T23:00:00.000+00:00",
"number": "12",
"summary": "New remediations available"
},
{
"date": "2017-03-05T23:00:00.000+00:00",
"number": "13",
"summary": "New remediations available"
},
{
"date": "2017-03-06T23:00:00.000+00:00",
"number": "14",
"summary": "New remediations available"
},
{
"date": "2017-03-06T23:00:00.000+00:00",
"number": "15",
"summary": "Version nicht vorhanden"
},
{
"date": "2017-06-26T22:00:00.000+00:00",
"number": "16",
"summary": "New remediations available"
},
{
"date": "2017-08-01T22:00:00.000+00:00",
"number": "17",
"summary": "New remediations available"
},
{
"date": "2017-08-07T22:00:00.000+00:00",
"number": "18",
"summary": "Added references"
},
{
"date": "2018-06-13T22:00:00.000+00:00",
"number": "19",
"summary": "New remediations available"
},
{
"date": "2018-08-09T22:00:00.000+00:00",
"number": "20",
"summary": "New remediations available"
},
{
"date": "2018-08-09T22:00:00.000+00:00",
"number": "21",
"summary": "Version nicht vorhanden"
},
{
"date": "2018-08-09T22:00:00.000+00:00",
"number": "22",
"summary": "Version nicht vorhanden"
},
{
"date": "2018-08-23T22:00:00.000+00:00",
"number": "23",
"summary": "Added references"
},
{
"date": "2018-09-11T22:00:00.000+00:00",
"number": "24",
"summary": "Produkte erg\u00e4nzt"
},
{
"date": "2018-09-11T22:00:00.000+00:00",
"number": "25",
"summary": "New remediations available"
},
{
"date": "2018-09-16T22:00:00.000+00:00",
"number": "26",
"summary": "New remediations available"
},
{
"date": "2018-10-29T23:00:00.000+00:00",
"number": "27",
"summary": "New remediations available"
},
{
"date": "2020-05-13T22:00:00.000+00:00",
"number": "28",
"summary": "Neue Updates von Palo Alto Networks aufgenommen"
},
{
"date": "2021-04-15T22:00:00.000+00:00",
"number": "29",
"summary": "Neue Updates von Juniper aufgenommen"
},
{
"date": "2023-08-08T22:00:00.000+00:00",
"number": "30",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2023-08-23T22:00:00.000+00:00",
"number": "31",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2024-05-07T22:00:00.000+00:00",
"number": "32",
"summary": "Neue Updates von Dell aufgenommen"
}
],
"status": "final",
"version": "32"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "virtual",
"product": {
"name": "Dell NetWorker virtual",
"product_id": "T034583",
"product_identification_helper": {
"cpe": "cpe:/a:dell:networker:virtual"
}
}
}
],
"category": "product_name",
"name": "NetWorker"
}
],
"category": "vendor",
"name": "Dell"
},
{
"branches": [
{
"category": "product_name",
"name": "EMC Avamar",
"product": {
"name": "EMC Avamar",
"product_id": "T014381",
"product_identification_helper": {
"cpe": "cpe:/a:emc:avamar:-"
}
}
}
],
"category": "vendor",
"name": "EMC"
},
{
"branches": [
{
"category": "product_name",
"name": "FreeBSD Project FreeBSD OS",
"product": {
"name": "FreeBSD Project FreeBSD OS",
"product_id": "4035",
"product_identification_helper": {
"cpe": "cpe:/o:freebsd:freebsd:-"
}
}
}
],
"category": "vendor",
"name": "FreeBSD Project"
},
{
"branches": [
{
"category": "product_name",
"name": "IBM AIX",
"product": {
"name": "IBM AIX",
"product_id": "5094",
"product_identification_helper": {
"cpe": "cpe:/o:ibm:aix:-"
}
}
},
{
"category": "product_name",
"name": "IBM VIOS",
"product": {
"name": "IBM VIOS",
"product_id": "T004571",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:vios:-"
}
}
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"category": "product_name",
"name": "Juniper JUNOS",
"product": {
"name": "Juniper JUNOS",
"product_id": "5930",
"product_identification_helper": {
"cpe": "cpe:/o:juniper:junos:-"
}
}
}
],
"category": "vendor",
"name": "Juniper"
},
{
"branches": [
{
"category": "product_name",
"name": "NetApp Data ONTAP",
"product": {
"name": "NetApp Data ONTAP",
"product_id": "7654",
"product_identification_helper": {
"cpe": "cpe:/a:netapp:data_ontap:-"
}
}
}
],
"category": "vendor",
"name": "NetApp"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c7.4",
"product": {
"name": "Open Source OpenSSH \u003c7.4",
"product_id": "8223"
}
}
],
"category": "product_name",
"name": "OpenSSH"
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "PaloAlto Networks PAN-OS",
"product": {
"name": "PaloAlto Networks PAN-OS",
"product_id": "T012790",
"product_identification_helper": {
"cpe": "cpe:/o:paloaltonetworks:pan-os:-"
}
}
}
],
"category": "vendor",
"name": "PaloAlto Networks"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-10009",
"notes": [
{
"category": "description",
"text": "Es existiert eine Schwachstelle in OpenSSH in Verbindung mit dem ssh-agent(1). Diese Schwachstelle beruht darauf, dass \u00fcber den ssh-agent PKCS#11 Module von nicht vertrauensw\u00fcrdigen Pfaden geladen werden k\u00f6nnen. Ein Angreifer kann diese Schwachstelle ausnutzen, um \u00fcber einen weitergeleiteten Agent Channel malizi\u00f6se PKCS#11 Module zu laden. Da es sich bei PKCS#11 Module um geteilte Bibliotheken (Shared Libraries) handelt, ist in der Folge Codeausf\u00fchrung auf dem System, das den ssh-agent ausf\u00fchrt, m\u00f6glich."
}
],
"product_status": {
"known_affected": [
"T014381",
"T002207",
"67646",
"4035",
"T000126",
"T034583",
"398363",
"5094",
"T004571"
]
},
"release_date": "2016-12-19T23:00:00.000+00:00",
"title": "CVE-2016-10009"
},
{
"cve": "CVE-2016-10010",
"notes": [
{
"category": "description",
"text": "Es existiert eine Schwachstelle in OpenSSH im Zusammenhang mit sshd(8). Wenn \"Privilege Separation\" deaktiviert ist, dann k\u00f6nnen \u00fcber sshd(8) \"forwarded Unix-Domain Sockets\" mit root-Berechtigungen erzeugt werden, anstatt mit den Berechtigungen des authentisierten Benutzers. Somit ist ein Angreifer in der Lage seine Privilegien zu erh\u00f6hen."
}
],
"product_status": {
"known_affected": [
"T014381",
"T002207",
"4035",
"T000126",
"T034583",
"398363"
]
},
"release_date": "2016-12-19T23:00:00.000+00:00",
"title": "CVE-2016-10010"
},
{
"cve": "CVE-2016-10011",
"notes": [
{
"category": "description",
"text": "Es existiert eine Schwachstelle in OpenSSH in Verbindung mit sshd(8). Diese Schwachstelle beruht auf einer fehlerhaften Berechtigungstrennung bei Child-Prozessen \u00fcber \"reallloc()\", wenn SSH Schl\u00fcssel gelesen werden. In der Folge kann ein Angreifer diese Schwachstelle ausnutzen, um Teile des Host Private Key offenzulegen."
}
],
"product_status": {
"known_affected": [
"T014381",
"T002207",
"67646",
"T000126",
"T034583",
"398363"
]
},
"release_date": "2016-12-19T23:00:00.000+00:00",
"title": "CVE-2016-10011"
},
{
"cve": "CVE-2016-10012",
"notes": [
{
"category": "description",
"text": "Es existiert eine Schwachstelle in OpenSSH in Verbindung mit sshd(8). Die Schwachstelle basiert auf einer fehlerhaften Kontrolle der Puffergrenzen des \"Shared Memory Managers\". Ein Angreifer kann diese Schwachstelle ausnutzen, um seine Privilegien zu erh\u00f6hen."
}
],
"product_status": {
"known_affected": [
"T014381",
"T002207",
"67646",
"T000126",
"T034583",
"398363"
]
},
"release_date": "2016-12-19T23:00:00.000+00:00",
"title": "CVE-2016-10012"
},
{
"notes": [
{
"category": "description",
"text": "Es existiert eine Denial of Service Schwachstelle in OpenSSH im Zusammenhang mit sshd(8). Diese Schwachstelle besteht aufgrund fehlerhafter Verarbeitung von KEXINIT Nachrichten. In der Folge kann ein entfernter anonymer Angreifer diese Schwachstelle durch Senden von mehreren KEXINIT Nachrichten ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T014381",
"T002207",
"67646",
"4035",
"T000126",
"7654",
"T034583",
"5930",
"398363",
"5094",
"T004571",
"T012790"
]
},
"release_date": "2016-12-20T23:00:00.000+00:00"
},
{
"notes": [
{
"category": "description",
"text": "Es existiert eine Schwachstelle in OpenSSH in Verbindung mit sshd(8). Diese Schwachstelle beruht darauf, dass Adressbereichen f\u00fcr \"AllowUser\" und \"DenyUsers\" Direktiven fehlerhaft validiert werden. In der Folge werden durch die Konfiguration ung\u00fcltiger CIDR Adressbereiche (z.B. benutzer@127.1.1.2/55) Zugriffe erlaubt bzw. erm\u00f6glicht, welche nicht beabsichtigt wurden."
}
],
"product_status": {
"known_affected": [
"T014381",
"T002207",
"T000126",
"T034583",
"398363"
]
},
"release_date": "2016-12-20T23:00:00.000+00:00"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…