Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2008-1483 (GCVE-0-2008-1483)
Vulnerability from cvelistv5 – Published: 2008-03-24 23:00 – Updated: 2024-08-07 08:24
VLAI
EPSS
Summary
OpenSSH 4.3p2, and probably other versions, allows local users to hijack forwarded X connections by causing ssh to set DISPLAY to :10, even when another process is listening on the associated port, as demonstrated by opening TCP port 6010 (IPv4) and sniffing a cookie sent by Emacs.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
55 references
Date Public
2008-03-22 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:24:42.118Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2008-1123",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1123/references"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.attachmate.com/techdocs/2374.html"
},
{
"name": "DSA-1576",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2008/dsa-1576"
},
{
"name": "29554",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29554"
},
{
"name": "ADV-2008-1526",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1526/references"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-205.htm"
},
{
"name": "ADV-2008-1630",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1630/references"
},
{
"name": "[security-announce] 20080403 Globus Security Advisory 2008-01: GSI-OpenSSH vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.globus.org/mail_archive/security-announce/2008/04/msg00000.html"
},
{
"name": "29686",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29686"
},
{
"name": "APPLE-SA-2008-09-15",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html"
},
{
"name": "31531",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31531"
},
{
"name": "SSA:2008-095-01",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE",
"x_transferred"
],
"url": "http://www.slackware.org/security/viewer.php?l=slackware-security\u0026y=2008\u0026m=slackware-security.540188"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://aix.software.ibm.com/aix/efixes/security/ssh_advisory.asc"
},
{
"name": "HPSBUX02337",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01462841"
},
{
"name": "openssh-sshd-session-hijacking(41438)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41438"
},
{
"name": "USN-597-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/597-1/"
},
{
"name": "1019235",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1019235.1-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=463011"
},
{
"name": "TA08-260A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-260A.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://issues.rpath.com/browse/RPL-2397"
},
{
"name": "ADV-2008-1624",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1624/references"
},
{
"name": "ADV-2008-2584",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2584"
},
{
"name": "30249",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30249"
},
{
"name": "20130220 OpenSSH Forwarded X Connection Session Hijack Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2008-1483"
},
{
"name": "29735",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29735"
},
{
"name": "29683",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29683"
},
{
"name": "30361",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30361"
},
{
"name": "31882",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31882"
},
{
"name": "SUSE-SR:2008:009",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00007.html"
},
{
"name": "SSRT080072",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01462841"
},
{
"name": "29721",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29721"
},
{
"name": "ADV-2008-2396",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2396"
},
{
"name": "29522",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29522"
},
{
"name": "30086",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30086"
},
{
"name": "29939",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29939"
},
{
"name": "30347",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30347"
},
{
"name": "oval:org.mitre.oval:def:6085",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6085"
},
{
"name": "ADV-2008-0994",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0994/references"
},
{
"name": "1019707",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019707"
},
{
"name": "237444",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-237444-1"
},
{
"name": "MDVSA-2008:078",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:078"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=590180\u0026group_id=69227"
},
{
"name": "29676",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29676"
},
{
"name": "29873",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29873"
},
{
"name": "29537",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29537"
},
{
"name": "29626",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29626"
},
{
"name": "20080325 rPSA-2008-0120-1 gnome-ssh-askpass openssh openssh-client openssh-server",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/490054/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0120"
},
{
"name": "ADV-2008-1448",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1448/references"
},
{
"name": "NetBSD-SA2008-005",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-005.txt.asc"
},
{
"name": "30230",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30230"
},
{
"name": "28444",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28444"
},
{
"name": "GLSA-200804-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200804-03.xml"
},
{
"name": "FreeBSD-SA-08:05",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "http://security.FreeBSD.org/advisories/FreeBSD-SA-08:05.openssh.asc"
},
{
"name": "ADV-2008-1124",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1124/references"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-03-22T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "OpenSSH 4.3p2, and probably other versions, allows local users to hijack forwarded X connections by causing ssh to set DISPLAY to :10, even when another process is listening on the associated port, as demonstrated by opening TCP port 6010 (IPv4) and sniffing a cookie sent by Emacs."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2008-1123",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1123/references"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.attachmate.com/techdocs/2374.html"
},
{
"name": "DSA-1576",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2008/dsa-1576"
},
{
"name": "29554",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29554"
},
{
"name": "ADV-2008-1526",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1526/references"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-205.htm"
},
{
"name": "ADV-2008-1630",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1630/references"
},
{
"name": "[security-announce] 20080403 Globus Security Advisory 2008-01: GSI-OpenSSH vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.globus.org/mail_archive/security-announce/2008/04/msg00000.html"
},
{
"name": "29686",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29686"
},
{
"name": "APPLE-SA-2008-09-15",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html"
},
{
"name": "31531",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31531"
},
{
"name": "SSA:2008-095-01",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE"
],
"url": "http://www.slackware.org/security/viewer.php?l=slackware-security\u0026y=2008\u0026m=slackware-security.540188"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://aix.software.ibm.com/aix/efixes/security/ssh_advisory.asc"
},
{
"name": "HPSBUX02337",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01462841"
},
{
"name": "openssh-sshd-session-hijacking(41438)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41438"
},
{
"name": "USN-597-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/597-1/"
},
{
"name": "1019235",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1019235.1-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=463011"
},
{
"name": "TA08-260A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-260A.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://issues.rpath.com/browse/RPL-2397"
},
{
"name": "ADV-2008-1624",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1624/references"
},
{
"name": "ADV-2008-2584",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2584"
},
{
"name": "30249",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30249"
},
{
"name": "20130220 OpenSSH Forwarded X Connection Session Hijack Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2008-1483"
},
{
"name": "29735",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29735"
},
{
"name": "29683",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29683"
},
{
"name": "30361",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30361"
},
{
"name": "31882",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31882"
},
{
"name": "SUSE-SR:2008:009",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00007.html"
},
{
"name": "SSRT080072",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01462841"
},
{
"name": "29721",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29721"
},
{
"name": "ADV-2008-2396",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2396"
},
{
"name": "29522",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29522"
},
{
"name": "30086",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30086"
},
{
"name": "29939",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29939"
},
{
"name": "30347",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30347"
},
{
"name": "oval:org.mitre.oval:def:6085",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6085"
},
{
"name": "ADV-2008-0994",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0994/references"
},
{
"name": "1019707",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019707"
},
{
"name": "237444",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-237444-1"
},
{
"name": "MDVSA-2008:078",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:078"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=590180\u0026group_id=69227"
},
{
"name": "29676",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29676"
},
{
"name": "29873",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29873"
},
{
"name": "29537",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29537"
},
{
"name": "29626",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29626"
},
{
"name": "20080325 rPSA-2008-0120-1 gnome-ssh-askpass openssh openssh-client openssh-server",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/490054/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0120"
},
{
"name": "ADV-2008-1448",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1448/references"
},
{
"name": "NetBSD-SA2008-005",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-005.txt.asc"
},
{
"name": "30230",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30230"
},
{
"name": "28444",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28444"
},
{
"name": "GLSA-200804-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200804-03.xml"
},
{
"name": "FreeBSD-SA-08:05",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "http://security.FreeBSD.org/advisories/FreeBSD-SA-08:05.openssh.asc"
},
{
"name": "ADV-2008-1124",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1124/references"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1483",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "OpenSSH 4.3p2, and probably other versions, allows local users to hijack forwarded X connections by causing ssh to set DISPLAY to :10, even when another process is listening on the associated port, as demonstrated by opening TCP port 6010 (IPv4) and sniffing a cookie sent by Emacs."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2008-1123",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1123/references"
},
{
"name": "http://support.attachmate.com/techdocs/2374.html",
"refsource": "CONFIRM",
"url": "http://support.attachmate.com/techdocs/2374.html"
},
{
"name": "DSA-1576",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1576"
},
{
"name": "29554",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29554"
},
{
"name": "ADV-2008-1526",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1526/references"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2008-205.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-205.htm"
},
{
"name": "ADV-2008-1630",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1630/references"
},
{
"name": "[security-announce] 20080403 Globus Security Advisory 2008-01: GSI-OpenSSH vulnerability",
"refsource": "MLIST",
"url": "http://www.globus.org/mail_archive/security-announce/2008/04/msg00000.html"
},
{
"name": "29686",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29686"
},
{
"name": "APPLE-SA-2008-09-15",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html"
},
{
"name": "31531",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31531"
},
{
"name": "SSA:2008-095-01",
"refsource": "SLACKWARE",
"url": "http://www.slackware.org/security/viewer.php?l=slackware-security\u0026y=2008\u0026m=slackware-security.540188"
},
{
"name": "http://aix.software.ibm.com/aix/efixes/security/ssh_advisory.asc",
"refsource": "CONFIRM",
"url": "http://aix.software.ibm.com/aix/efixes/security/ssh_advisory.asc"
},
{
"name": "HPSBUX02337",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01462841"
},
{
"name": "openssh-sshd-session-hijacking(41438)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41438"
},
{
"name": "USN-597-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/597-1/"
},
{
"name": "1019235",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1019235.1-1"
},
{
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=463011",
"refsource": "CONFIRM",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=463011"
},
{
"name": "TA08-260A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA08-260A.html"
},
{
"name": "https://issues.rpath.com/browse/RPL-2397",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-2397"
},
{
"name": "ADV-2008-1624",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1624/references"
},
{
"name": "ADV-2008-2584",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2584"
},
{
"name": "30249",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30249"
},
{
"name": "20130220 OpenSSH Forwarded X Connection Session Hijack Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2008-1483"
},
{
"name": "29735",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29735"
},
{
"name": "29683",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29683"
},
{
"name": "30361",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30361"
},
{
"name": "31882",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31882"
},
{
"name": "SUSE-SR:2008:009",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00007.html"
},
{
"name": "SSRT080072",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01462841"
},
{
"name": "29721",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29721"
},
{
"name": "ADV-2008-2396",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2396"
},
{
"name": "29522",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29522"
},
{
"name": "30086",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30086"
},
{
"name": "29939",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29939"
},
{
"name": "30347",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30347"
},
{
"name": "oval:org.mitre.oval:def:6085",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6085"
},
{
"name": "ADV-2008-0994",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0994/references"
},
{
"name": "1019707",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019707"
},
{
"name": "237444",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-237444-1"
},
{
"name": "MDVSA-2008:078",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:078"
},
{
"name": "http://sourceforge.net/project/shownotes.php?release_id=590180\u0026group_id=69227",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?release_id=590180\u0026group_id=69227"
},
{
"name": "29676",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29676"
},
{
"name": "29873",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29873"
},
{
"name": "29537",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29537"
},
{
"name": "29626",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29626"
},
{
"name": "20080325 rPSA-2008-0120-1 gnome-ssh-askpass openssh openssh-client openssh-server",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/490054/100/0/threaded"
},
{
"name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0120",
"refsource": "CONFIRM",
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0120"
},
{
"name": "ADV-2008-1448",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1448/references"
},
{
"name": "NetBSD-SA2008-005",
"refsource": "NETBSD",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-005.txt.asc"
},
{
"name": "30230",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30230"
},
{
"name": "28444",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28444"
},
{
"name": "GLSA-200804-03",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200804-03.xml"
},
{
"name": "FreeBSD-SA-08:05",
"refsource": "FREEBSD",
"url": "http://security.FreeBSD.org/advisories/FreeBSD-SA-08:05.openssh.asc"
},
{
"name": "ADV-2008-1124",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1124/references"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1483",
"datePublished": "2008-03-24T23:00:00.000Z",
"dateReserved": "2008-03-24T00:00:00.000Z",
"dateUpdated": "2024-08-07T08:24:42.118Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2008-1483",
"date": "2026-05-27",
"epss": "0.00201",
"percentile": "0.41955"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:openbsd:openssh:4.3p2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3640CCC9-EC4A-44A4-B747-7BAAAD3460C7\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"OpenSSH 4.3p2, and probably other versions, allows local users to hijack forwarded X connections by causing ssh to set DISPLAY to :10, even when another process is listening on the associated port, as demonstrated by opening TCP port 6010 (IPv4) and sniffing a cookie sent by Emacs.\"}, {\"lang\": \"es\", \"value\": \"OpenSSH 4.3p2 y probablemente otras versiones, permite a usuarios locales secuestrar conexiones X enviadas provocando que ssh ponga DISPLAY a :10, incluso cuando otro proceso est\\u00e1 escuchando en el puerto asociado, como se demostr\\u00f3 abriendo el puerto TCp 6010 (IPv4) y escaneando una cookie enviada por Emacs.\"}]",
"id": "CVE-2008-1483",
"lastModified": "2024-11-21T00:44:38.780",
"metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:M/Au:N/C:C/I:C/A:C\", \"baseScore\": 6.9, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 3.4, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2008-03-24T23:44:00.000",
"references": "[{\"url\": \"ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-005.txt.asc\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://aix.software.ibm.com/aix/efixes/security/ssh_advisory.asc\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=463011\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01462841\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01462841\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00007.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/29522\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/29537\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/29554\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/29626\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/29676\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/29683\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/29686\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/29721\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/29735\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/29873\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/29939\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/30086\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/30230\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/30249\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/30347\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/30361\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/31531\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/31882\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://security.FreeBSD.org/advisories/FreeBSD-SA-08:05.openssh.asc\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://sourceforge.net/project/shownotes.php?release_id=590180\u0026group_id=69227\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://sunsolve.sun.com/search/document.do?assetkey=1-26-237444-1\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://sunsolve.sun.com/search/document.do?assetkey=1-77-1019235.1-1\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://support.attachmate.com/techdocs/2374.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://support.avaya.com/elmodocs2/security/ASA-2008-205.htm\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2008-1483\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0120\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.debian.org/security/2008/dsa-1576\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.gentoo.org/security/en/glsa/glsa-200804-03.xml\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.globus.org/mail_archive/security-announce/2008/04/msg00000.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2008:078\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/archive/1/490054/100/0/threaded\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/28444\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securitytracker.com/id?1019707\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.slackware.org/security/viewer.php?l=slackware-security\u0026y=2008\u0026m=slackware-security.540188\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.us-cert.gov/cas/techalerts/TA08-260A.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"US Government Resource\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2008/0994/references\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.vupen.com/english/advisories/2008/1123/references\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.vupen.com/english/advisories/2008/1124/references\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.vupen.com/english/advisories/2008/1448/references\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.vupen.com/english/advisories/2008/1526/references\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.vupen.com/english/advisories/2008/1624/references\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.vupen.com/english/advisories/2008/1630/references\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.vupen.com/english/advisories/2008/2396\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.vupen.com/english/advisories/2008/2584\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/41438\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://issues.rpath.com/browse/RPL-2397\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6085\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://usn.ubuntu.com/597-1/\", \"source\": \"cve@mitre.org\"}, {\"url\": \"ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-005.txt.asc\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://aix.software.ibm.com/aix/efixes/security/ssh_advisory.asc\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=463011\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01462841\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01462841\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00007.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/29522\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/29537\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/29554\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/29626\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/29676\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/29683\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/29686\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/29721\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/29735\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/29873\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/29939\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/30086\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/30230\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/30249\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/30347\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/30361\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/31531\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/31882\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://security.FreeBSD.org/advisories/FreeBSD-SA-08:05.openssh.asc\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://sourceforge.net/project/shownotes.php?release_id=590180\u0026group_id=69227\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://sunsolve.sun.com/search/document.do?assetkey=1-26-237444-1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://sunsolve.sun.com/search/document.do?assetkey=1-77-1019235.1-1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://support.attachmate.com/techdocs/2374.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://support.avaya.com/elmodocs2/security/ASA-2008-205.htm\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2008-1483\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0120\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.debian.org/security/2008/dsa-1576\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.gentoo.org/security/en/glsa/glsa-200804-03.xml\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.globus.org/mail_archive/security-announce/2008/04/msg00000.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2008:078\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/archive/1/490054/100/0/threaded\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/28444\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securitytracker.com/id?1019707\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.slackware.org/security/viewer.php?l=slackware-security\u0026y=2008\u0026m=slackware-security.540188\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.us-cert.gov/cas/techalerts/TA08-260A.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"US Government Resource\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2008/0994/references\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2008/1123/references\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2008/1124/references\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2008/1448/references\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2008/1526/references\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2008/1624/references\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2008/1630/references\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2008/2396\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2008/2584\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/41438\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://issues.rpath.com/browse/RPL-2397\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6085\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://usn.ubuntu.com/597-1/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
"sourceIdentifier": "cve@mitre.org",
"vendorComments": "[{\"organization\": \"Red Hat\", \"comment\": \"All openssh versions shipped in Red Hat Enterprise Linux 5 include the patch for this issue.\\n\\nThis issue was fixed in Red Hat Enterprise Linux 4 via: https://rhn.redhat.com/errata/RHSA-2005-527.html\\n\\nRed Hat Enterprise Linux 3 is affected by this issue. The Red Hat Security Response Team has rated this issue as having low security\\nimpact. https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2008-1483\\n\", \"lastModified\": \"2010-03-19T00:00:00\"}]",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-264\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2008-1483\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2008-03-24T23:44:00.000\",\"lastModified\":\"2026-04-23T00:35:47.467\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"OpenSSH 4.3p2, and probably other versions, allows local users to hijack forwarded X connections by causing ssh to set DISPLAY to :10, even when another process is listening on the associated port, as demonstrated by opening TCP port 6010 (IPv4) and sniffing a cookie sent by Emacs.\"},{\"lang\":\"es\",\"value\":\"OpenSSH 4.3p2 y probablemente otras versiones, permite a usuarios locales secuestrar conexiones X enviadas provocando que ssh ponga DISPLAY a :10, incluso cuando otro proceso est\u00e1 escuchando en el puerto asociado, como se demostr\u00f3 abriendo el puerto TCp 6010 (IPv4) y escaneando una cookie enviada por Emacs.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:M/Au:N/C:C/I:C/A:C\",\"baseScore\":6.9,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.4,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-264\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openbsd:openssh:4.3p2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3640CCC9-EC4A-44A4-B747-7BAAAD3460C7\"}]}]}],\"references\":[{\"url\":\"ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-005.txt.asc\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://aix.software.ibm.com/aix/efixes/security/ssh_advisory.asc\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=463011\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01462841\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00007.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/29522\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/29537\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/29554\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/29626\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/29676\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/29683\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/29686\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/29721\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/29735\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/29873\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/29939\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/30086\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/30230\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/30249\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/30347\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/30361\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/31531\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/31882\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://security.FreeBSD.org/advisories/FreeBSD-SA-08:05.openssh.asc\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://sourceforge.net/project/shownotes.php?release_id=590180\u0026group_id=69227\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://sunsolve.sun.com/search/document.do?assetkey=1-26-237444-1\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://sunsolve.sun.com/search/document.do?assetkey=1-77-1019235.1-1\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://support.attachmate.com/techdocs/2374.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://support.avaya.com/elmodocs2/security/ASA-2008-205.htm\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2008-1483\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0120\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.debian.org/security/2008/dsa-1576\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.gentoo.org/security/en/glsa/glsa-200804-03.xml\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.globus.org/mail_archive/security-announce/2008/04/msg00000.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2008:078\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/490054/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/28444\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securitytracker.com/id?1019707\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.slackware.org/security/viewer.php?l=slackware-security\u0026y=2008\u0026m=slackware-security.540188\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA08-260A.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/0994/references\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2008/1123/references\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2008/1124/references\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2008/1448/references\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2008/1526/references\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2008/1624/references\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2008/1630/references\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2008/2396\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2008/2584\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/41438\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://issues.rpath.com/browse/RPL-2397\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6085\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://usn.ubuntu.com/597-1/\",\"source\":\"cve@mitre.org\"},{\"url\":\"ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-005.txt.asc\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://aix.software.ibm.com/aix/efixes/security/ssh_advisory.asc\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=463011\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01462841\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00007.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/29522\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/29537\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/29554\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/29626\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/29676\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/29683\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/29686\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/29721\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/29735\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/29873\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/29939\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/30086\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/30230\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/30249\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/30347\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/30361\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/31531\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/31882\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://security.FreeBSD.org/advisories/FreeBSD-SA-08:05.openssh.asc\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://sourceforge.net/project/shownotes.php?release_id=590180\u0026group_id=69227\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://sunsolve.sun.com/search/document.do?assetkey=1-26-237444-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://sunsolve.sun.com/search/document.do?assetkey=1-77-1019235.1-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://support.attachmate.com/techdocs/2374.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://support.avaya.com/elmodocs2/security/ASA-2008-205.htm\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2008-1483\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0120\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2008/dsa-1576\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.gentoo.org/security/en/glsa/glsa-200804-03.xml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.globus.org/mail_archive/security-announce/2008/04/msg00000.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2008:078\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/490054/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/28444\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id?1019707\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.slackware.org/security/viewer.php?l=slackware-security\u0026y=2008\u0026m=slackware-security.540188\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA08-260A.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/0994/references\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2008/1123/references\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2008/1124/references\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2008/1448/references\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2008/1526/references\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2008/1624/references\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2008/1630/references\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2008/2396\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2008/2584\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/41438\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://issues.rpath.com/browse/RPL-2397\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6085\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://usn.ubuntu.com/597-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}],\"vendorComments\":[{\"organization\":\"Red Hat\",\"comment\":\"All openssh versions shipped in Red Hat Enterprise Linux 5 include the patch for this issue.\\n\\nThis issue was fixed in Red Hat Enterprise Linux 4 via: https://rhn.redhat.com/errata/RHSA-2005-527.html\\n\\nRed Hat Enterprise Linux 3 is affected by this issue. The Red Hat Security Response Team has rated this issue as having low security\\nimpact. https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2008-1483\\n\",\"lastModified\":\"2010-03-19T00:00:00\"}]}}"
}
}
RHSA-2005:527
Vulnerability from csaf_redhat - Published: 2005-10-05 11:54 - Updated: 2025-11-21 17:29Summary
Red Hat Security Advisory: openssh security update
Severity
Moderate
Notes
Topic: Updated openssh packages that fix a security issue, bugs, and add support
for recording login user IDs for audit are now available for Red Hat
Enterprise Linux 4.
This update has been rated as having moderate security impact by the Red
Hat Security Response Team.
Details: OpenSSH is OpenBSD's SSH (Secure SHell) protocol implementation.
An error in the way OpenSSH handled GSSAPI credential delegation was
discovered. OpenSSH as distributed with Red Hat Enterprise Linux 4 contains
support for GSSAPI user authentication, typically used for supporting
Kerberos. On OpenSSH installations which have GSSAPI enabled, this flaw
could allow a user who sucessfully authenticates using a method other than
GSSAPI to be delegated with GSSAPI credentials. The Common Vulnerabilities
and Exposures project (cve.mitre.org) has assigned the name CAN-2005-2798
to this issue.
Additionally, the following bugs have been addressed:
The ssh command incorrectly failed when it was issued by the root user with
a non-default group set.
The sshd daemon could fail to properly close the client connection if
multiple X clients were forwarded over the connection and the client
session exited.
The sshd daemon could bind only on the IPv6 address family for X forwarding
if the port on IPv4 address family was already bound. The X forwarding did
not work in such cases.
This update also adds support for recording login user IDs for the auditing
service. The user ID is attached to the audit records generated from the
user's session.
All users of openssh should upgrade to these updated packages, which
contain backported patches to resolve these issues.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
sshd in OpenSSH before 4.2, when GSSAPIDelegateCredentials is enabled, allows GSSAPI credentials to be delegated to clients who log in using non-GSSAPI methods, which could cause those credentials to be exposed to untrusted users or hosts.
Affected products
Fixed
148 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS:openssh-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-0:3.9p1-8.RHEL4.9.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-clients-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-clients-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-clients-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-clients-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-clients-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-server-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-server-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-server-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-server-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-server-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-server-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-0:3.9p1-8.RHEL4.9.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-0:3.9p1-8.RHEL4.9.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-clients-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-clients-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-clients-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-clients-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-clients-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-server-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-server-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-server-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-server-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-server-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-server-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-0:3.9p1-8.RHEL4.9.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-clients-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-clients-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-clients-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-clients-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-clients-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-server-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-server-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-server-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-server-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-server-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-server-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
OpenSSH 4.3p2, and probably other versions, allows local users to hijack forwarded X connections by causing ssh to set DISPLAY to :10, even when another process is listening on the associated port, as demonstrated by opening TCP port 6010 (IPv4) and sniffing a cookie sent by Emacs.
Affected products
Fixed
148 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS:openssh-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-0:3.9p1-8.RHEL4.9.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-clients-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-clients-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-clients-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-clients-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-clients-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-server-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-server-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-server-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-server-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-server-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-server-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-0:3.9p1-8.RHEL4.9.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-0:3.9p1-8.RHEL4.9.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-clients-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-clients-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-clients-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-clients-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-clients-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-server-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-server-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-server-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-server-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-server-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-server-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-0:3.9p1-8.RHEL4.9.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-clients-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-clients-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-clients-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-clients-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-clients-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-server-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-server-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-server-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-server-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-server-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-server-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Low
References
13 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated openssh packages that fix a security issue, bugs, and add support\nfor recording login user IDs for audit are now available for Red Hat\nEnterprise Linux 4.\n\nThis update has been rated as having moderate security impact by the Red\nHat Security Response Team.",
"title": "Topic"
},
{
"category": "general",
"text": "OpenSSH is OpenBSD\u0027s SSH (Secure SHell) protocol implementation. \n\nAn error in the way OpenSSH handled GSSAPI credential delegation was\ndiscovered. OpenSSH as distributed with Red Hat Enterprise Linux 4 contains\nsupport for GSSAPI user authentication, typically used for supporting\nKerberos. On OpenSSH installations which have GSSAPI enabled, this flaw\ncould allow a user who sucessfully authenticates using a method other than\nGSSAPI to be delegated with GSSAPI credentials. The Common Vulnerabilities\nand Exposures project (cve.mitre.org) has assigned the name CAN-2005-2798\nto this issue.\n\nAdditionally, the following bugs have been addressed:\n\nThe ssh command incorrectly failed when it was issued by the root user with\na non-default group set.\n\nThe sshd daemon could fail to properly close the client connection if\nmultiple X clients were forwarded over the connection and the client\nsession exited.\n\nThe sshd daemon could bind only on the IPv6 address family for X forwarding\nif the port on IPv4 address family was already bound. The X forwarding did\nnot work in such cases.\n\nThis update also adds support for recording login user IDs for the auditing\nservice. The user ID is attached to the audit records generated from the\nuser\u0027s session.\n\nAll users of openssh should upgrade to these updated packages, which\ncontain backported patches to resolve these issues.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2005:527",
"url": "https://access.redhat.com/errata/RHSA-2005:527"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "159331",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=159331"
},
{
"category": "external",
"summary": "167444",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=167444"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2005/rhsa-2005_527.json"
}
],
"title": "Red Hat Security Advisory: openssh security update",
"tracking": {
"current_release_date": "2025-11-21T17:29:15+00:00",
"generator": {
"date": "2025-11-21T17:29:15+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2005:527",
"initial_release_date": "2005-10-05T11:54:00+00:00",
"revision_history": [
{
"date": "2005-10-05T11:54:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2005-10-05T00:00:00+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T17:29:15+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AS version 4",
"product": {
"name": "Red Hat Enterprise Linux AS version 4",
"product_id": "4AS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::as"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop version 4",
"product": {
"name": "Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::desktop"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ES version 4",
"product": {
"name": "Red Hat Enterprise Linux ES version 4",
"product_id": "4ES",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::es"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux WS version 4",
"product": {
"name": "Red Hat Enterprise Linux WS version 4",
"product_id": "4WS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::ws"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-askpass-0:3.9p1-8.RHEL4.9.ia64",
"product": {
"name": "openssh-askpass-0:3.9p1-8.RHEL4.9.ia64",
"product_id": "openssh-askpass-0:3.9p1-8.RHEL4.9.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-askpass@3.9p1-8.RHEL4.9?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64",
"product": {
"name": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64",
"product_id": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-askpass-gnome@3.9p1-8.RHEL4.9?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64",
"product": {
"name": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64",
"product_id": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-debuginfo@3.9p1-8.RHEL4.9?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "openssh-server-0:3.9p1-8.RHEL4.9.ia64",
"product": {
"name": "openssh-server-0:3.9p1-8.RHEL4.9.ia64",
"product_id": "openssh-server-0:3.9p1-8.RHEL4.9.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-server@3.9p1-8.RHEL4.9?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "openssh-0:3.9p1-8.RHEL4.9.ia64",
"product": {
"name": "openssh-0:3.9p1-8.RHEL4.9.ia64",
"product_id": "openssh-0:3.9p1-8.RHEL4.9.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh@3.9p1-8.RHEL4.9?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "openssh-clients-0:3.9p1-8.RHEL4.9.ia64",
"product": {
"name": "openssh-clients-0:3.9p1-8.RHEL4.9.ia64",
"product_id": "openssh-clients-0:3.9p1-8.RHEL4.9.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-clients@3.9p1-8.RHEL4.9?arch=ia64"
}
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64",
"product": {
"name": "openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64",
"product_id": "openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-askpass@3.9p1-8.RHEL4.9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64",
"product": {
"name": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64",
"product_id": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-askpass-gnome@3.9p1-8.RHEL4.9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64",
"product": {
"name": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64",
"product_id": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-debuginfo@3.9p1-8.RHEL4.9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openssh-server-0:3.9p1-8.RHEL4.9.x86_64",
"product": {
"name": "openssh-server-0:3.9p1-8.RHEL4.9.x86_64",
"product_id": "openssh-server-0:3.9p1-8.RHEL4.9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-server@3.9p1-8.RHEL4.9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openssh-0:3.9p1-8.RHEL4.9.x86_64",
"product": {
"name": "openssh-0:3.9p1-8.RHEL4.9.x86_64",
"product_id": "openssh-0:3.9p1-8.RHEL4.9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh@3.9p1-8.RHEL4.9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openssh-clients-0:3.9p1-8.RHEL4.9.x86_64",
"product": {
"name": "openssh-clients-0:3.9p1-8.RHEL4.9.x86_64",
"product_id": "openssh-clients-0:3.9p1-8.RHEL4.9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-clients@3.9p1-8.RHEL4.9?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-askpass-0:3.9p1-8.RHEL4.9.i386",
"product": {
"name": "openssh-askpass-0:3.9p1-8.RHEL4.9.i386",
"product_id": "openssh-askpass-0:3.9p1-8.RHEL4.9.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-askpass@3.9p1-8.RHEL4.9?arch=i386"
}
}
},
{
"category": "product_version",
"name": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386",
"product": {
"name": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386",
"product_id": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-askpass-gnome@3.9p1-8.RHEL4.9?arch=i386"
}
}
},
{
"category": "product_version",
"name": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386",
"product": {
"name": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386",
"product_id": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-debuginfo@3.9p1-8.RHEL4.9?arch=i386"
}
}
},
{
"category": "product_version",
"name": "openssh-server-0:3.9p1-8.RHEL4.9.i386",
"product": {
"name": "openssh-server-0:3.9p1-8.RHEL4.9.i386",
"product_id": "openssh-server-0:3.9p1-8.RHEL4.9.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-server@3.9p1-8.RHEL4.9?arch=i386"
}
}
},
{
"category": "product_version",
"name": "openssh-0:3.9p1-8.RHEL4.9.i386",
"product": {
"name": "openssh-0:3.9p1-8.RHEL4.9.i386",
"product_id": "openssh-0:3.9p1-8.RHEL4.9.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh@3.9p1-8.RHEL4.9?arch=i386"
}
}
},
{
"category": "product_version",
"name": "openssh-clients-0:3.9p1-8.RHEL4.9.i386",
"product": {
"name": "openssh-clients-0:3.9p1-8.RHEL4.9.i386",
"product_id": "openssh-clients-0:3.9p1-8.RHEL4.9.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-clients@3.9p1-8.RHEL4.9?arch=i386"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-0:3.9p1-8.RHEL4.9.src",
"product": {
"name": "openssh-0:3.9p1-8.RHEL4.9.src",
"product_id": "openssh-0:3.9p1-8.RHEL4.9.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh@3.9p1-8.RHEL4.9?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-askpass-0:3.9p1-8.RHEL4.9.ppc",
"product": {
"name": "openssh-askpass-0:3.9p1-8.RHEL4.9.ppc",
"product_id": "openssh-askpass-0:3.9p1-8.RHEL4.9.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-askpass@3.9p1-8.RHEL4.9?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc",
"product": {
"name": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc",
"product_id": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-askpass-gnome@3.9p1-8.RHEL4.9?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc",
"product": {
"name": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc",
"product_id": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-debuginfo@3.9p1-8.RHEL4.9?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "openssh-server-0:3.9p1-8.RHEL4.9.ppc",
"product": {
"name": "openssh-server-0:3.9p1-8.RHEL4.9.ppc",
"product_id": "openssh-server-0:3.9p1-8.RHEL4.9.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-server@3.9p1-8.RHEL4.9?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "openssh-0:3.9p1-8.RHEL4.9.ppc",
"product": {
"name": "openssh-0:3.9p1-8.RHEL4.9.ppc",
"product_id": "openssh-0:3.9p1-8.RHEL4.9.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh@3.9p1-8.RHEL4.9?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "openssh-clients-0:3.9p1-8.RHEL4.9.ppc",
"product": {
"name": "openssh-clients-0:3.9p1-8.RHEL4.9.ppc",
"product_id": "openssh-clients-0:3.9p1-8.RHEL4.9.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-clients@3.9p1-8.RHEL4.9?arch=ppc"
}
}
}
],
"category": "architecture",
"name": "ppc"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-askpass-0:3.9p1-8.RHEL4.9.s390x",
"product": {
"name": "openssh-askpass-0:3.9p1-8.RHEL4.9.s390x",
"product_id": "openssh-askpass-0:3.9p1-8.RHEL4.9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-askpass@3.9p1-8.RHEL4.9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x",
"product": {
"name": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x",
"product_id": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-askpass-gnome@3.9p1-8.RHEL4.9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x",
"product": {
"name": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x",
"product_id": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-debuginfo@3.9p1-8.RHEL4.9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "openssh-server-0:3.9p1-8.RHEL4.9.s390x",
"product": {
"name": "openssh-server-0:3.9p1-8.RHEL4.9.s390x",
"product_id": "openssh-server-0:3.9p1-8.RHEL4.9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-server@3.9p1-8.RHEL4.9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "openssh-0:3.9p1-8.RHEL4.9.s390x",
"product": {
"name": "openssh-0:3.9p1-8.RHEL4.9.s390x",
"product_id": "openssh-0:3.9p1-8.RHEL4.9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh@3.9p1-8.RHEL4.9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "openssh-clients-0:3.9p1-8.RHEL4.9.s390x",
"product": {
"name": "openssh-clients-0:3.9p1-8.RHEL4.9.s390x",
"product_id": "openssh-clients-0:3.9p1-8.RHEL4.9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-clients@3.9p1-8.RHEL4.9?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-askpass-0:3.9p1-8.RHEL4.9.s390",
"product": {
"name": "openssh-askpass-0:3.9p1-8.RHEL4.9.s390",
"product_id": "openssh-askpass-0:3.9p1-8.RHEL4.9.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-askpass@3.9p1-8.RHEL4.9?arch=s390"
}
}
},
{
"category": "product_version",
"name": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390",
"product": {
"name": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390",
"product_id": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-askpass-gnome@3.9p1-8.RHEL4.9?arch=s390"
}
}
},
{
"category": "product_version",
"name": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390",
"product": {
"name": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390",
"product_id": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-debuginfo@3.9p1-8.RHEL4.9?arch=s390"
}
}
},
{
"category": "product_version",
"name": "openssh-server-0:3.9p1-8.RHEL4.9.s390",
"product": {
"name": "openssh-server-0:3.9p1-8.RHEL4.9.s390",
"product_id": "openssh-server-0:3.9p1-8.RHEL4.9.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-server@3.9p1-8.RHEL4.9?arch=s390"
}
}
},
{
"category": "product_version",
"name": "openssh-0:3.9p1-8.RHEL4.9.s390",
"product": {
"name": "openssh-0:3.9p1-8.RHEL4.9.s390",
"product_id": "openssh-0:3.9p1-8.RHEL4.9.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh@3.9p1-8.RHEL4.9?arch=s390"
}
}
},
{
"category": "product_version",
"name": "openssh-clients-0:3.9p1-8.RHEL4.9.s390",
"product": {
"name": "openssh-clients-0:3.9p1-8.RHEL4.9.s390",
"product_id": "openssh-clients-0:3.9p1-8.RHEL4.9.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-clients@3.9p1-8.RHEL4.9?arch=s390"
}
}
}
],
"category": "architecture",
"name": "s390"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:openssh-0:3.9p1-8.RHEL4.9.i386"
},
"product_reference": "openssh-0:3.9p1-8.RHEL4.9.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:openssh-0:3.9p1-8.RHEL4.9.ia64"
},
"product_reference": "openssh-0:3.9p1-8.RHEL4.9.ia64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:openssh-0:3.9p1-8.RHEL4.9.ppc"
},
"product_reference": "openssh-0:3.9p1-8.RHEL4.9.ppc",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:openssh-0:3.9p1-8.RHEL4.9.s390"
},
"product_reference": "openssh-0:3.9p1-8.RHEL4.9.s390",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:openssh-0:3.9p1-8.RHEL4.9.s390x"
},
"product_reference": "openssh-0:3.9p1-8.RHEL4.9.s390x",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:3.9p1-8.RHEL4.9.src as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:openssh-0:3.9p1-8.RHEL4.9.src"
},
"product_reference": "openssh-0:3.9p1-8.RHEL4.9.src",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:openssh-0:3.9p1-8.RHEL4.9.x86_64"
},
"product_reference": "openssh-0:3.9p1-8.RHEL4.9.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.i386"
},
"product_reference": "openssh-askpass-0:3.9p1-8.RHEL4.9.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64"
},
"product_reference": "openssh-askpass-0:3.9p1-8.RHEL4.9.ia64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc"
},
"product_reference": "openssh-askpass-0:3.9p1-8.RHEL4.9.ppc",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390"
},
"product_reference": "openssh-askpass-0:3.9p1-8.RHEL4.9.s390",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x"
},
"product_reference": "openssh-askpass-0:3.9p1-8.RHEL4.9.s390x",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64"
},
"product_reference": "openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386"
},
"product_reference": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64"
},
"product_reference": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc"
},
"product_reference": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390"
},
"product_reference": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x"
},
"product_reference": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64"
},
"product_reference": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.i386"
},
"product_reference": "openssh-clients-0:3.9p1-8.RHEL4.9.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.ia64"
},
"product_reference": "openssh-clients-0:3.9p1-8.RHEL4.9.ia64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.ppc"
},
"product_reference": "openssh-clients-0:3.9p1-8.RHEL4.9.ppc",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.s390"
},
"product_reference": "openssh-clients-0:3.9p1-8.RHEL4.9.s390",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.s390x"
},
"product_reference": "openssh-clients-0:3.9p1-8.RHEL4.9.s390x",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64"
},
"product_reference": "openssh-clients-0:3.9p1-8.RHEL4.9.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386"
},
"product_reference": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64"
},
"product_reference": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc"
},
"product_reference": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390"
},
"product_reference": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x"
},
"product_reference": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64"
},
"product_reference": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:openssh-server-0:3.9p1-8.RHEL4.9.i386"
},
"product_reference": "openssh-server-0:3.9p1-8.RHEL4.9.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:openssh-server-0:3.9p1-8.RHEL4.9.ia64"
},
"product_reference": "openssh-server-0:3.9p1-8.RHEL4.9.ia64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:openssh-server-0:3.9p1-8.RHEL4.9.ppc"
},
"product_reference": "openssh-server-0:3.9p1-8.RHEL4.9.ppc",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:openssh-server-0:3.9p1-8.RHEL4.9.s390"
},
"product_reference": "openssh-server-0:3.9p1-8.RHEL4.9.s390",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:openssh-server-0:3.9p1-8.RHEL4.9.s390x"
},
"product_reference": "openssh-server-0:3.9p1-8.RHEL4.9.s390x",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:openssh-server-0:3.9p1-8.RHEL4.9.x86_64"
},
"product_reference": "openssh-server-0:3.9p1-8.RHEL4.9.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:openssh-0:3.9p1-8.RHEL4.9.i386"
},
"product_reference": "openssh-0:3.9p1-8.RHEL4.9.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:openssh-0:3.9p1-8.RHEL4.9.ia64"
},
"product_reference": "openssh-0:3.9p1-8.RHEL4.9.ia64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:openssh-0:3.9p1-8.RHEL4.9.ppc"
},
"product_reference": "openssh-0:3.9p1-8.RHEL4.9.ppc",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:openssh-0:3.9p1-8.RHEL4.9.s390"
},
"product_reference": "openssh-0:3.9p1-8.RHEL4.9.s390",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:openssh-0:3.9p1-8.RHEL4.9.s390x"
},
"product_reference": "openssh-0:3.9p1-8.RHEL4.9.s390x",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:3.9p1-8.RHEL4.9.src as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:openssh-0:3.9p1-8.RHEL4.9.src"
},
"product_reference": "openssh-0:3.9p1-8.RHEL4.9.src",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:openssh-0:3.9p1-8.RHEL4.9.x86_64"
},
"product_reference": "openssh-0:3.9p1-8.RHEL4.9.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.i386"
},
"product_reference": "openssh-askpass-0:3.9p1-8.RHEL4.9.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64"
},
"product_reference": "openssh-askpass-0:3.9p1-8.RHEL4.9.ia64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc"
},
"product_reference": "openssh-askpass-0:3.9p1-8.RHEL4.9.ppc",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.s390"
},
"product_reference": "openssh-askpass-0:3.9p1-8.RHEL4.9.s390",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x"
},
"product_reference": "openssh-askpass-0:3.9p1-8.RHEL4.9.s390x",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64"
},
"product_reference": "openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386"
},
"product_reference": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64"
},
"product_reference": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc"
},
"product_reference": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390"
},
"product_reference": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x"
},
"product_reference": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64"
},
"product_reference": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.i386"
},
"product_reference": "openssh-clients-0:3.9p1-8.RHEL4.9.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.ia64"
},
"product_reference": "openssh-clients-0:3.9p1-8.RHEL4.9.ia64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.ppc"
},
"product_reference": "openssh-clients-0:3.9p1-8.RHEL4.9.ppc",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.s390"
},
"product_reference": "openssh-clients-0:3.9p1-8.RHEL4.9.s390",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.s390x"
},
"product_reference": "openssh-clients-0:3.9p1-8.RHEL4.9.s390x",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64"
},
"product_reference": "openssh-clients-0:3.9p1-8.RHEL4.9.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386"
},
"product_reference": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64"
},
"product_reference": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc"
},
"product_reference": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390"
},
"product_reference": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x"
},
"product_reference": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64"
},
"product_reference": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.i386"
},
"product_reference": "openssh-server-0:3.9p1-8.RHEL4.9.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.ia64"
},
"product_reference": "openssh-server-0:3.9p1-8.RHEL4.9.ia64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.ppc"
},
"product_reference": "openssh-server-0:3.9p1-8.RHEL4.9.ppc",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.s390"
},
"product_reference": "openssh-server-0:3.9p1-8.RHEL4.9.s390",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.s390x"
},
"product_reference": "openssh-server-0:3.9p1-8.RHEL4.9.s390x",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.x86_64"
},
"product_reference": "openssh-server-0:3.9p1-8.RHEL4.9.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:openssh-0:3.9p1-8.RHEL4.9.i386"
},
"product_reference": "openssh-0:3.9p1-8.RHEL4.9.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:openssh-0:3.9p1-8.RHEL4.9.ia64"
},
"product_reference": "openssh-0:3.9p1-8.RHEL4.9.ia64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:openssh-0:3.9p1-8.RHEL4.9.ppc"
},
"product_reference": "openssh-0:3.9p1-8.RHEL4.9.ppc",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:openssh-0:3.9p1-8.RHEL4.9.s390"
},
"product_reference": "openssh-0:3.9p1-8.RHEL4.9.s390",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:openssh-0:3.9p1-8.RHEL4.9.s390x"
},
"product_reference": "openssh-0:3.9p1-8.RHEL4.9.s390x",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:3.9p1-8.RHEL4.9.src as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:openssh-0:3.9p1-8.RHEL4.9.src"
},
"product_reference": "openssh-0:3.9p1-8.RHEL4.9.src",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:openssh-0:3.9p1-8.RHEL4.9.x86_64"
},
"product_reference": "openssh-0:3.9p1-8.RHEL4.9.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.i386"
},
"product_reference": "openssh-askpass-0:3.9p1-8.RHEL4.9.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64"
},
"product_reference": "openssh-askpass-0:3.9p1-8.RHEL4.9.ia64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc"
},
"product_reference": "openssh-askpass-0:3.9p1-8.RHEL4.9.ppc",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.s390"
},
"product_reference": "openssh-askpass-0:3.9p1-8.RHEL4.9.s390",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x"
},
"product_reference": "openssh-askpass-0:3.9p1-8.RHEL4.9.s390x",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64"
},
"product_reference": "openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386"
},
"product_reference": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64"
},
"product_reference": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc"
},
"product_reference": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390"
},
"product_reference": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x"
},
"product_reference": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64"
},
"product_reference": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.i386"
},
"product_reference": "openssh-clients-0:3.9p1-8.RHEL4.9.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.ia64"
},
"product_reference": "openssh-clients-0:3.9p1-8.RHEL4.9.ia64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.ppc"
},
"product_reference": "openssh-clients-0:3.9p1-8.RHEL4.9.ppc",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.s390"
},
"product_reference": "openssh-clients-0:3.9p1-8.RHEL4.9.s390",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.s390x"
},
"product_reference": "openssh-clients-0:3.9p1-8.RHEL4.9.s390x",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64"
},
"product_reference": "openssh-clients-0:3.9p1-8.RHEL4.9.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386"
},
"product_reference": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64"
},
"product_reference": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc"
},
"product_reference": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390"
},
"product_reference": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x"
},
"product_reference": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64"
},
"product_reference": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:openssh-server-0:3.9p1-8.RHEL4.9.i386"
},
"product_reference": "openssh-server-0:3.9p1-8.RHEL4.9.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:openssh-server-0:3.9p1-8.RHEL4.9.ia64"
},
"product_reference": "openssh-server-0:3.9p1-8.RHEL4.9.ia64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:openssh-server-0:3.9p1-8.RHEL4.9.ppc"
},
"product_reference": "openssh-server-0:3.9p1-8.RHEL4.9.ppc",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:openssh-server-0:3.9p1-8.RHEL4.9.s390"
},
"product_reference": "openssh-server-0:3.9p1-8.RHEL4.9.s390",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:openssh-server-0:3.9p1-8.RHEL4.9.s390x"
},
"product_reference": "openssh-server-0:3.9p1-8.RHEL4.9.s390x",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:openssh-server-0:3.9p1-8.RHEL4.9.x86_64"
},
"product_reference": "openssh-server-0:3.9p1-8.RHEL4.9.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:openssh-0:3.9p1-8.RHEL4.9.i386"
},
"product_reference": "openssh-0:3.9p1-8.RHEL4.9.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:openssh-0:3.9p1-8.RHEL4.9.ia64"
},
"product_reference": "openssh-0:3.9p1-8.RHEL4.9.ia64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:openssh-0:3.9p1-8.RHEL4.9.ppc"
},
"product_reference": "openssh-0:3.9p1-8.RHEL4.9.ppc",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:openssh-0:3.9p1-8.RHEL4.9.s390"
},
"product_reference": "openssh-0:3.9p1-8.RHEL4.9.s390",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:openssh-0:3.9p1-8.RHEL4.9.s390x"
},
"product_reference": "openssh-0:3.9p1-8.RHEL4.9.s390x",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:3.9p1-8.RHEL4.9.src as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:openssh-0:3.9p1-8.RHEL4.9.src"
},
"product_reference": "openssh-0:3.9p1-8.RHEL4.9.src",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:openssh-0:3.9p1-8.RHEL4.9.x86_64"
},
"product_reference": "openssh-0:3.9p1-8.RHEL4.9.x86_64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.i386"
},
"product_reference": "openssh-askpass-0:3.9p1-8.RHEL4.9.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64"
},
"product_reference": "openssh-askpass-0:3.9p1-8.RHEL4.9.ia64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc"
},
"product_reference": "openssh-askpass-0:3.9p1-8.RHEL4.9.ppc",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390"
},
"product_reference": "openssh-askpass-0:3.9p1-8.RHEL4.9.s390",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x"
},
"product_reference": "openssh-askpass-0:3.9p1-8.RHEL4.9.s390x",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64"
},
"product_reference": "openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386"
},
"product_reference": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64"
},
"product_reference": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc"
},
"product_reference": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390"
},
"product_reference": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x"
},
"product_reference": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64"
},
"product_reference": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.i386"
},
"product_reference": "openssh-clients-0:3.9p1-8.RHEL4.9.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.ia64"
},
"product_reference": "openssh-clients-0:3.9p1-8.RHEL4.9.ia64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.ppc"
},
"product_reference": "openssh-clients-0:3.9p1-8.RHEL4.9.ppc",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.s390"
},
"product_reference": "openssh-clients-0:3.9p1-8.RHEL4.9.s390",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.s390x"
},
"product_reference": "openssh-clients-0:3.9p1-8.RHEL4.9.s390x",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64"
},
"product_reference": "openssh-clients-0:3.9p1-8.RHEL4.9.x86_64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386"
},
"product_reference": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64"
},
"product_reference": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc"
},
"product_reference": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390"
},
"product_reference": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x"
},
"product_reference": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64"
},
"product_reference": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:openssh-server-0:3.9p1-8.RHEL4.9.i386"
},
"product_reference": "openssh-server-0:3.9p1-8.RHEL4.9.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:openssh-server-0:3.9p1-8.RHEL4.9.ia64"
},
"product_reference": "openssh-server-0:3.9p1-8.RHEL4.9.ia64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:openssh-server-0:3.9p1-8.RHEL4.9.ppc"
},
"product_reference": "openssh-server-0:3.9p1-8.RHEL4.9.ppc",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:openssh-server-0:3.9p1-8.RHEL4.9.s390"
},
"product_reference": "openssh-server-0:3.9p1-8.RHEL4.9.s390",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:openssh-server-0:3.9p1-8.RHEL4.9.s390x"
},
"product_reference": "openssh-server-0:3.9p1-8.RHEL4.9.s390x",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:openssh-server-0:3.9p1-8.RHEL4.9.x86_64"
},
"product_reference": "openssh-server-0:3.9p1-8.RHEL4.9.x86_64",
"relates_to_product_reference": "4WS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2005-2798",
"discovery_date": "2005-09-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1617757"
}
],
"notes": [
{
"category": "description",
"text": "sshd in OpenSSH before 4.2, when GSSAPIDelegateCredentials is enabled, allows GSSAPI credentials to be delegated to clients who log in using non-GSSAPI methods, which could cause those credentials to be exposed to untrusted users or hosts.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue does not affect Red Hat Enterprise Linux 2.1 and 3.\n\nThis flaw was fixed in Red Hat Enterprise Linux 4 via errata RHSA-2005:527:\nhttp://rhn.redhat.com/errata/RHSA-2005-527.html",
"title": "Statement"
}
],
"product_status": {
"fixed": [
"4AS:openssh-0:3.9p1-8.RHEL4.9.i386",
"4AS:openssh-0:3.9p1-8.RHEL4.9.ia64",
"4AS:openssh-0:3.9p1-8.RHEL4.9.ppc",
"4AS:openssh-0:3.9p1-8.RHEL4.9.s390",
"4AS:openssh-0:3.9p1-8.RHEL4.9.s390x",
"4AS:openssh-0:3.9p1-8.RHEL4.9.src",
"4AS:openssh-0:3.9p1-8.RHEL4.9.x86_64",
"4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.i386",
"4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64",
"4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc",
"4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390",
"4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x",
"4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64",
"4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386",
"4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64",
"4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc",
"4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390",
"4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x",
"4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64",
"4AS:openssh-clients-0:3.9p1-8.RHEL4.9.i386",
"4AS:openssh-clients-0:3.9p1-8.RHEL4.9.ia64",
"4AS:openssh-clients-0:3.9p1-8.RHEL4.9.ppc",
"4AS:openssh-clients-0:3.9p1-8.RHEL4.9.s390",
"4AS:openssh-clients-0:3.9p1-8.RHEL4.9.s390x",
"4AS:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64",
"4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386",
"4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64",
"4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc",
"4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390",
"4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x",
"4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64",
"4AS:openssh-server-0:3.9p1-8.RHEL4.9.i386",
"4AS:openssh-server-0:3.9p1-8.RHEL4.9.ia64",
"4AS:openssh-server-0:3.9p1-8.RHEL4.9.ppc",
"4AS:openssh-server-0:3.9p1-8.RHEL4.9.s390",
"4AS:openssh-server-0:3.9p1-8.RHEL4.9.s390x",
"4AS:openssh-server-0:3.9p1-8.RHEL4.9.x86_64",
"4Desktop:openssh-0:3.9p1-8.RHEL4.9.i386",
"4Desktop:openssh-0:3.9p1-8.RHEL4.9.ia64",
"4Desktop:openssh-0:3.9p1-8.RHEL4.9.ppc",
"4Desktop:openssh-0:3.9p1-8.RHEL4.9.s390",
"4Desktop:openssh-0:3.9p1-8.RHEL4.9.s390x",
"4Desktop:openssh-0:3.9p1-8.RHEL4.9.src",
"4Desktop:openssh-0:3.9p1-8.RHEL4.9.x86_64",
"4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.i386",
"4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64",
"4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc",
"4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.s390",
"4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x",
"4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64",
"4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386",
"4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64",
"4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc",
"4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390",
"4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x",
"4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64",
"4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.i386",
"4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.ia64",
"4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.ppc",
"4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.s390",
"4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.s390x",
"4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64",
"4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386",
"4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64",
"4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc",
"4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390",
"4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x",
"4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64",
"4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.i386",
"4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.ia64",
"4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.ppc",
"4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.s390",
"4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.s390x",
"4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.x86_64",
"4ES:openssh-0:3.9p1-8.RHEL4.9.i386",
"4ES:openssh-0:3.9p1-8.RHEL4.9.ia64",
"4ES:openssh-0:3.9p1-8.RHEL4.9.ppc",
"4ES:openssh-0:3.9p1-8.RHEL4.9.s390",
"4ES:openssh-0:3.9p1-8.RHEL4.9.s390x",
"4ES:openssh-0:3.9p1-8.RHEL4.9.src",
"4ES:openssh-0:3.9p1-8.RHEL4.9.x86_64",
"4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.i386",
"4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64",
"4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc",
"4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.s390",
"4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x",
"4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64",
"4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386",
"4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64",
"4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc",
"4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390",
"4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x",
"4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64",
"4ES:openssh-clients-0:3.9p1-8.RHEL4.9.i386",
"4ES:openssh-clients-0:3.9p1-8.RHEL4.9.ia64",
"4ES:openssh-clients-0:3.9p1-8.RHEL4.9.ppc",
"4ES:openssh-clients-0:3.9p1-8.RHEL4.9.s390",
"4ES:openssh-clients-0:3.9p1-8.RHEL4.9.s390x",
"4ES:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64",
"4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386",
"4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64",
"4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc",
"4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390",
"4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x",
"4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64",
"4ES:openssh-server-0:3.9p1-8.RHEL4.9.i386",
"4ES:openssh-server-0:3.9p1-8.RHEL4.9.ia64",
"4ES:openssh-server-0:3.9p1-8.RHEL4.9.ppc",
"4ES:openssh-server-0:3.9p1-8.RHEL4.9.s390",
"4ES:openssh-server-0:3.9p1-8.RHEL4.9.s390x",
"4ES:openssh-server-0:3.9p1-8.RHEL4.9.x86_64",
"4WS:openssh-0:3.9p1-8.RHEL4.9.i386",
"4WS:openssh-0:3.9p1-8.RHEL4.9.ia64",
"4WS:openssh-0:3.9p1-8.RHEL4.9.ppc",
"4WS:openssh-0:3.9p1-8.RHEL4.9.s390",
"4WS:openssh-0:3.9p1-8.RHEL4.9.s390x",
"4WS:openssh-0:3.9p1-8.RHEL4.9.src",
"4WS:openssh-0:3.9p1-8.RHEL4.9.x86_64",
"4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.i386",
"4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64",
"4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc",
"4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390",
"4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x",
"4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64",
"4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386",
"4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64",
"4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc",
"4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390",
"4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x",
"4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64",
"4WS:openssh-clients-0:3.9p1-8.RHEL4.9.i386",
"4WS:openssh-clients-0:3.9p1-8.RHEL4.9.ia64",
"4WS:openssh-clients-0:3.9p1-8.RHEL4.9.ppc",
"4WS:openssh-clients-0:3.9p1-8.RHEL4.9.s390",
"4WS:openssh-clients-0:3.9p1-8.RHEL4.9.s390x",
"4WS:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64",
"4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386",
"4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64",
"4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc",
"4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390",
"4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x",
"4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64",
"4WS:openssh-server-0:3.9p1-8.RHEL4.9.i386",
"4WS:openssh-server-0:3.9p1-8.RHEL4.9.ia64",
"4WS:openssh-server-0:3.9p1-8.RHEL4.9.ppc",
"4WS:openssh-server-0:3.9p1-8.RHEL4.9.s390",
"4WS:openssh-server-0:3.9p1-8.RHEL4.9.s390x",
"4WS:openssh-server-0:3.9p1-8.RHEL4.9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2005-2798"
},
{
"category": "external",
"summary": "RHBZ#1617757",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617757"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2005-2798",
"url": "https://www.cve.org/CVERecord?id=CVE-2005-2798"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2005-2798",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2005-2798"
}
],
"release_date": "2005-09-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2005-10-05T11:54:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied. Use Red Hat\nNetwork to download and update your packages. To launch the Red Hat\nUpdate Agent, use the following command:\n\n up2date\n\nFor information on how to install packages manually, refer to the\nfollowing Web page for the System Administration or Customization\nguide specific to your system:\n\n http://www.redhat.com/docs/manuals/enterprise/",
"product_ids": [
"4AS:openssh-0:3.9p1-8.RHEL4.9.i386",
"4AS:openssh-0:3.9p1-8.RHEL4.9.ia64",
"4AS:openssh-0:3.9p1-8.RHEL4.9.ppc",
"4AS:openssh-0:3.9p1-8.RHEL4.9.s390",
"4AS:openssh-0:3.9p1-8.RHEL4.9.s390x",
"4AS:openssh-0:3.9p1-8.RHEL4.9.src",
"4AS:openssh-0:3.9p1-8.RHEL4.9.x86_64",
"4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.i386",
"4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64",
"4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc",
"4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390",
"4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x",
"4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64",
"4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386",
"4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64",
"4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc",
"4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390",
"4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x",
"4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64",
"4AS:openssh-clients-0:3.9p1-8.RHEL4.9.i386",
"4AS:openssh-clients-0:3.9p1-8.RHEL4.9.ia64",
"4AS:openssh-clients-0:3.9p1-8.RHEL4.9.ppc",
"4AS:openssh-clients-0:3.9p1-8.RHEL4.9.s390",
"4AS:openssh-clients-0:3.9p1-8.RHEL4.9.s390x",
"4AS:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64",
"4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386",
"4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64",
"4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc",
"4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390",
"4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x",
"4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64",
"4AS:openssh-server-0:3.9p1-8.RHEL4.9.i386",
"4AS:openssh-server-0:3.9p1-8.RHEL4.9.ia64",
"4AS:openssh-server-0:3.9p1-8.RHEL4.9.ppc",
"4AS:openssh-server-0:3.9p1-8.RHEL4.9.s390",
"4AS:openssh-server-0:3.9p1-8.RHEL4.9.s390x",
"4AS:openssh-server-0:3.9p1-8.RHEL4.9.x86_64",
"4Desktop:openssh-0:3.9p1-8.RHEL4.9.i386",
"4Desktop:openssh-0:3.9p1-8.RHEL4.9.ia64",
"4Desktop:openssh-0:3.9p1-8.RHEL4.9.ppc",
"4Desktop:openssh-0:3.9p1-8.RHEL4.9.s390",
"4Desktop:openssh-0:3.9p1-8.RHEL4.9.s390x",
"4Desktop:openssh-0:3.9p1-8.RHEL4.9.src",
"4Desktop:openssh-0:3.9p1-8.RHEL4.9.x86_64",
"4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.i386",
"4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64",
"4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc",
"4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.s390",
"4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x",
"4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64",
"4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386",
"4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64",
"4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc",
"4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390",
"4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x",
"4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64",
"4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.i386",
"4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.ia64",
"4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.ppc",
"4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.s390",
"4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.s390x",
"4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64",
"4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386",
"4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64",
"4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc",
"4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390",
"4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x",
"4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64",
"4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.i386",
"4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.ia64",
"4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.ppc",
"4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.s390",
"4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.s390x",
"4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.x86_64",
"4ES:openssh-0:3.9p1-8.RHEL4.9.i386",
"4ES:openssh-0:3.9p1-8.RHEL4.9.ia64",
"4ES:openssh-0:3.9p1-8.RHEL4.9.ppc",
"4ES:openssh-0:3.9p1-8.RHEL4.9.s390",
"4ES:openssh-0:3.9p1-8.RHEL4.9.s390x",
"4ES:openssh-0:3.9p1-8.RHEL4.9.src",
"4ES:openssh-0:3.9p1-8.RHEL4.9.x86_64",
"4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.i386",
"4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64",
"4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc",
"4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.s390",
"4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x",
"4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64",
"4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386",
"4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64",
"4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc",
"4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390",
"4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x",
"4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64",
"4ES:openssh-clients-0:3.9p1-8.RHEL4.9.i386",
"4ES:openssh-clients-0:3.9p1-8.RHEL4.9.ia64",
"4ES:openssh-clients-0:3.9p1-8.RHEL4.9.ppc",
"4ES:openssh-clients-0:3.9p1-8.RHEL4.9.s390",
"4ES:openssh-clients-0:3.9p1-8.RHEL4.9.s390x",
"4ES:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64",
"4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386",
"4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64",
"4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc",
"4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390",
"4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x",
"4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64",
"4ES:openssh-server-0:3.9p1-8.RHEL4.9.i386",
"4ES:openssh-server-0:3.9p1-8.RHEL4.9.ia64",
"4ES:openssh-server-0:3.9p1-8.RHEL4.9.ppc",
"4ES:openssh-server-0:3.9p1-8.RHEL4.9.s390",
"4ES:openssh-server-0:3.9p1-8.RHEL4.9.s390x",
"4ES:openssh-server-0:3.9p1-8.RHEL4.9.x86_64",
"4WS:openssh-0:3.9p1-8.RHEL4.9.i386",
"4WS:openssh-0:3.9p1-8.RHEL4.9.ia64",
"4WS:openssh-0:3.9p1-8.RHEL4.9.ppc",
"4WS:openssh-0:3.9p1-8.RHEL4.9.s390",
"4WS:openssh-0:3.9p1-8.RHEL4.9.s390x",
"4WS:openssh-0:3.9p1-8.RHEL4.9.src",
"4WS:openssh-0:3.9p1-8.RHEL4.9.x86_64",
"4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.i386",
"4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64",
"4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc",
"4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390",
"4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x",
"4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64",
"4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386",
"4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64",
"4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc",
"4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390",
"4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x",
"4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64",
"4WS:openssh-clients-0:3.9p1-8.RHEL4.9.i386",
"4WS:openssh-clients-0:3.9p1-8.RHEL4.9.ia64",
"4WS:openssh-clients-0:3.9p1-8.RHEL4.9.ppc",
"4WS:openssh-clients-0:3.9p1-8.RHEL4.9.s390",
"4WS:openssh-clients-0:3.9p1-8.RHEL4.9.s390x",
"4WS:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64",
"4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386",
"4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64",
"4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc",
"4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390",
"4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x",
"4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64",
"4WS:openssh-server-0:3.9p1-8.RHEL4.9.i386",
"4WS:openssh-server-0:3.9p1-8.RHEL4.9.ia64",
"4WS:openssh-server-0:3.9p1-8.RHEL4.9.ppc",
"4WS:openssh-server-0:3.9p1-8.RHEL4.9.s390",
"4WS:openssh-server-0:3.9p1-8.RHEL4.9.s390x",
"4WS:openssh-server-0:3.9p1-8.RHEL4.9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2005:527"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "security flaw"
},
{
"cve": "CVE-2008-1483",
"discovery_date": "2008-01-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "439079"
}
],
"notes": [
{
"category": "description",
"text": "OpenSSH 4.3p2, and probably other versions, allows local users to hijack forwarded X connections by causing ssh to set DISPLAY to :10, even when another process is listening on the associated port, as demonstrated by opening TCP port 6010 (IPv4) and sniffing a cookie sent by Emacs.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssh may set DISPLAY even if it\u0027s unable to listen on respective port",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "All openssh versions shipped in Red Hat Enterprise Linux 5 include the patch for this issue. Red Hat Enterprise Linux 3 is affected by this issue.",
"title": "Statement"
}
],
"product_status": {
"fixed": [
"4AS:openssh-0:3.9p1-8.RHEL4.9.i386",
"4AS:openssh-0:3.9p1-8.RHEL4.9.ia64",
"4AS:openssh-0:3.9p1-8.RHEL4.9.ppc",
"4AS:openssh-0:3.9p1-8.RHEL4.9.s390",
"4AS:openssh-0:3.9p1-8.RHEL4.9.s390x",
"4AS:openssh-0:3.9p1-8.RHEL4.9.src",
"4AS:openssh-0:3.9p1-8.RHEL4.9.x86_64",
"4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.i386",
"4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64",
"4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc",
"4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390",
"4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x",
"4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64",
"4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386",
"4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64",
"4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc",
"4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390",
"4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x",
"4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64",
"4AS:openssh-clients-0:3.9p1-8.RHEL4.9.i386",
"4AS:openssh-clients-0:3.9p1-8.RHEL4.9.ia64",
"4AS:openssh-clients-0:3.9p1-8.RHEL4.9.ppc",
"4AS:openssh-clients-0:3.9p1-8.RHEL4.9.s390",
"4AS:openssh-clients-0:3.9p1-8.RHEL4.9.s390x",
"4AS:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64",
"4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386",
"4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64",
"4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc",
"4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390",
"4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x",
"4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64",
"4AS:openssh-server-0:3.9p1-8.RHEL4.9.i386",
"4AS:openssh-server-0:3.9p1-8.RHEL4.9.ia64",
"4AS:openssh-server-0:3.9p1-8.RHEL4.9.ppc",
"4AS:openssh-server-0:3.9p1-8.RHEL4.9.s390",
"4AS:openssh-server-0:3.9p1-8.RHEL4.9.s390x",
"4AS:openssh-server-0:3.9p1-8.RHEL4.9.x86_64",
"4Desktop:openssh-0:3.9p1-8.RHEL4.9.i386",
"4Desktop:openssh-0:3.9p1-8.RHEL4.9.ia64",
"4Desktop:openssh-0:3.9p1-8.RHEL4.9.ppc",
"4Desktop:openssh-0:3.9p1-8.RHEL4.9.s390",
"4Desktop:openssh-0:3.9p1-8.RHEL4.9.s390x",
"4Desktop:openssh-0:3.9p1-8.RHEL4.9.src",
"4Desktop:openssh-0:3.9p1-8.RHEL4.9.x86_64",
"4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.i386",
"4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64",
"4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc",
"4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.s390",
"4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x",
"4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64",
"4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386",
"4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64",
"4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc",
"4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390",
"4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x",
"4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64",
"4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.i386",
"4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.ia64",
"4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.ppc",
"4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.s390",
"4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.s390x",
"4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64",
"4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386",
"4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64",
"4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc",
"4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390",
"4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x",
"4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64",
"4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.i386",
"4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.ia64",
"4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.ppc",
"4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.s390",
"4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.s390x",
"4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.x86_64",
"4ES:openssh-0:3.9p1-8.RHEL4.9.i386",
"4ES:openssh-0:3.9p1-8.RHEL4.9.ia64",
"4ES:openssh-0:3.9p1-8.RHEL4.9.ppc",
"4ES:openssh-0:3.9p1-8.RHEL4.9.s390",
"4ES:openssh-0:3.9p1-8.RHEL4.9.s390x",
"4ES:openssh-0:3.9p1-8.RHEL4.9.src",
"4ES:openssh-0:3.9p1-8.RHEL4.9.x86_64",
"4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.i386",
"4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64",
"4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc",
"4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.s390",
"4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x",
"4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64",
"4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386",
"4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64",
"4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc",
"4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390",
"4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x",
"4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64",
"4ES:openssh-clients-0:3.9p1-8.RHEL4.9.i386",
"4ES:openssh-clients-0:3.9p1-8.RHEL4.9.ia64",
"4ES:openssh-clients-0:3.9p1-8.RHEL4.9.ppc",
"4ES:openssh-clients-0:3.9p1-8.RHEL4.9.s390",
"4ES:openssh-clients-0:3.9p1-8.RHEL4.9.s390x",
"4ES:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64",
"4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386",
"4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64",
"4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc",
"4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390",
"4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x",
"4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64",
"4ES:openssh-server-0:3.9p1-8.RHEL4.9.i386",
"4ES:openssh-server-0:3.9p1-8.RHEL4.9.ia64",
"4ES:openssh-server-0:3.9p1-8.RHEL4.9.ppc",
"4ES:openssh-server-0:3.9p1-8.RHEL4.9.s390",
"4ES:openssh-server-0:3.9p1-8.RHEL4.9.s390x",
"4ES:openssh-server-0:3.9p1-8.RHEL4.9.x86_64",
"4WS:openssh-0:3.9p1-8.RHEL4.9.i386",
"4WS:openssh-0:3.9p1-8.RHEL4.9.ia64",
"4WS:openssh-0:3.9p1-8.RHEL4.9.ppc",
"4WS:openssh-0:3.9p1-8.RHEL4.9.s390",
"4WS:openssh-0:3.9p1-8.RHEL4.9.s390x",
"4WS:openssh-0:3.9p1-8.RHEL4.9.src",
"4WS:openssh-0:3.9p1-8.RHEL4.9.x86_64",
"4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.i386",
"4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64",
"4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc",
"4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390",
"4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x",
"4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64",
"4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386",
"4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64",
"4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc",
"4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390",
"4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x",
"4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64",
"4WS:openssh-clients-0:3.9p1-8.RHEL4.9.i386",
"4WS:openssh-clients-0:3.9p1-8.RHEL4.9.ia64",
"4WS:openssh-clients-0:3.9p1-8.RHEL4.9.ppc",
"4WS:openssh-clients-0:3.9p1-8.RHEL4.9.s390",
"4WS:openssh-clients-0:3.9p1-8.RHEL4.9.s390x",
"4WS:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64",
"4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386",
"4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64",
"4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc",
"4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390",
"4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x",
"4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64",
"4WS:openssh-server-0:3.9p1-8.RHEL4.9.i386",
"4WS:openssh-server-0:3.9p1-8.RHEL4.9.ia64",
"4WS:openssh-server-0:3.9p1-8.RHEL4.9.ppc",
"4WS:openssh-server-0:3.9p1-8.RHEL4.9.s390",
"4WS:openssh-server-0:3.9p1-8.RHEL4.9.s390x",
"4WS:openssh-server-0:3.9p1-8.RHEL4.9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-1483"
},
{
"category": "external",
"summary": "RHBZ#439079",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=439079"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-1483",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1483"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-1483",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-1483"
}
],
"release_date": "2008-01-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2005-10-05T11:54:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied. Use Red Hat\nNetwork to download and update your packages. To launch the Red Hat\nUpdate Agent, use the following command:\n\n up2date\n\nFor information on how to install packages manually, refer to the\nfollowing Web page for the System Administration or Customization\nguide specific to your system:\n\n http://www.redhat.com/docs/manuals/enterprise/",
"product_ids": [
"4AS:openssh-0:3.9p1-8.RHEL4.9.i386",
"4AS:openssh-0:3.9p1-8.RHEL4.9.ia64",
"4AS:openssh-0:3.9p1-8.RHEL4.9.ppc",
"4AS:openssh-0:3.9p1-8.RHEL4.9.s390",
"4AS:openssh-0:3.9p1-8.RHEL4.9.s390x",
"4AS:openssh-0:3.9p1-8.RHEL4.9.src",
"4AS:openssh-0:3.9p1-8.RHEL4.9.x86_64",
"4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.i386",
"4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64",
"4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc",
"4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390",
"4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x",
"4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64",
"4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386",
"4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64",
"4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc",
"4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390",
"4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x",
"4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64",
"4AS:openssh-clients-0:3.9p1-8.RHEL4.9.i386",
"4AS:openssh-clients-0:3.9p1-8.RHEL4.9.ia64",
"4AS:openssh-clients-0:3.9p1-8.RHEL4.9.ppc",
"4AS:openssh-clients-0:3.9p1-8.RHEL4.9.s390",
"4AS:openssh-clients-0:3.9p1-8.RHEL4.9.s390x",
"4AS:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64",
"4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386",
"4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64",
"4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc",
"4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390",
"4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x",
"4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64",
"4AS:openssh-server-0:3.9p1-8.RHEL4.9.i386",
"4AS:openssh-server-0:3.9p1-8.RHEL4.9.ia64",
"4AS:openssh-server-0:3.9p1-8.RHEL4.9.ppc",
"4AS:openssh-server-0:3.9p1-8.RHEL4.9.s390",
"4AS:openssh-server-0:3.9p1-8.RHEL4.9.s390x",
"4AS:openssh-server-0:3.9p1-8.RHEL4.9.x86_64",
"4Desktop:openssh-0:3.9p1-8.RHEL4.9.i386",
"4Desktop:openssh-0:3.9p1-8.RHEL4.9.ia64",
"4Desktop:openssh-0:3.9p1-8.RHEL4.9.ppc",
"4Desktop:openssh-0:3.9p1-8.RHEL4.9.s390",
"4Desktop:openssh-0:3.9p1-8.RHEL4.9.s390x",
"4Desktop:openssh-0:3.9p1-8.RHEL4.9.src",
"4Desktop:openssh-0:3.9p1-8.RHEL4.9.x86_64",
"4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.i386",
"4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64",
"4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc",
"4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.s390",
"4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x",
"4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64",
"4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386",
"4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64",
"4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc",
"4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390",
"4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x",
"4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64",
"4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.i386",
"4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.ia64",
"4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.ppc",
"4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.s390",
"4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.s390x",
"4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64",
"4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386",
"4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64",
"4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc",
"4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390",
"4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x",
"4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64",
"4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.i386",
"4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.ia64",
"4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.ppc",
"4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.s390",
"4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.s390x",
"4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.x86_64",
"4ES:openssh-0:3.9p1-8.RHEL4.9.i386",
"4ES:openssh-0:3.9p1-8.RHEL4.9.ia64",
"4ES:openssh-0:3.9p1-8.RHEL4.9.ppc",
"4ES:openssh-0:3.9p1-8.RHEL4.9.s390",
"4ES:openssh-0:3.9p1-8.RHEL4.9.s390x",
"4ES:openssh-0:3.9p1-8.RHEL4.9.src",
"4ES:openssh-0:3.9p1-8.RHEL4.9.x86_64",
"4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.i386",
"4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64",
"4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc",
"4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.s390",
"4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x",
"4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64",
"4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386",
"4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64",
"4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc",
"4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390",
"4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x",
"4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64",
"4ES:openssh-clients-0:3.9p1-8.RHEL4.9.i386",
"4ES:openssh-clients-0:3.9p1-8.RHEL4.9.ia64",
"4ES:openssh-clients-0:3.9p1-8.RHEL4.9.ppc",
"4ES:openssh-clients-0:3.9p1-8.RHEL4.9.s390",
"4ES:openssh-clients-0:3.9p1-8.RHEL4.9.s390x",
"4ES:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64",
"4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386",
"4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64",
"4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc",
"4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390",
"4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x",
"4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64",
"4ES:openssh-server-0:3.9p1-8.RHEL4.9.i386",
"4ES:openssh-server-0:3.9p1-8.RHEL4.9.ia64",
"4ES:openssh-server-0:3.9p1-8.RHEL4.9.ppc",
"4ES:openssh-server-0:3.9p1-8.RHEL4.9.s390",
"4ES:openssh-server-0:3.9p1-8.RHEL4.9.s390x",
"4ES:openssh-server-0:3.9p1-8.RHEL4.9.x86_64",
"4WS:openssh-0:3.9p1-8.RHEL4.9.i386",
"4WS:openssh-0:3.9p1-8.RHEL4.9.ia64",
"4WS:openssh-0:3.9p1-8.RHEL4.9.ppc",
"4WS:openssh-0:3.9p1-8.RHEL4.9.s390",
"4WS:openssh-0:3.9p1-8.RHEL4.9.s390x",
"4WS:openssh-0:3.9p1-8.RHEL4.9.src",
"4WS:openssh-0:3.9p1-8.RHEL4.9.x86_64",
"4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.i386",
"4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64",
"4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc",
"4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390",
"4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x",
"4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64",
"4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386",
"4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64",
"4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc",
"4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390",
"4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x",
"4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64",
"4WS:openssh-clients-0:3.9p1-8.RHEL4.9.i386",
"4WS:openssh-clients-0:3.9p1-8.RHEL4.9.ia64",
"4WS:openssh-clients-0:3.9p1-8.RHEL4.9.ppc",
"4WS:openssh-clients-0:3.9p1-8.RHEL4.9.s390",
"4WS:openssh-clients-0:3.9p1-8.RHEL4.9.s390x",
"4WS:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64",
"4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386",
"4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64",
"4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc",
"4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390",
"4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x",
"4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64",
"4WS:openssh-server-0:3.9p1-8.RHEL4.9.i386",
"4WS:openssh-server-0:3.9p1-8.RHEL4.9.ia64",
"4WS:openssh-server-0:3.9p1-8.RHEL4.9.ppc",
"4WS:openssh-server-0:3.9p1-8.RHEL4.9.s390",
"4WS:openssh-server-0:3.9p1-8.RHEL4.9.s390x",
"4WS:openssh-server-0:3.9p1-8.RHEL4.9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2005:527"
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "openssh may set DISPLAY even if it\u0027s unable to listen on respective port"
}
]
}
RHSA-2005_527
Vulnerability from csaf_redhat - Published: 2005-10-05 11:54 - Updated: 2024-11-21 23:51Summary
Red Hat Security Advisory: openssh security update
Severity
Moderate
Notes
Topic: Updated openssh packages that fix a security issue, bugs, and add support
for recording login user IDs for audit are now available for Red Hat
Enterprise Linux 4.
This update has been rated as having moderate security impact by the Red
Hat Security Response Team.
Details: OpenSSH is OpenBSD's SSH (Secure SHell) protocol implementation.
An error in the way OpenSSH handled GSSAPI credential delegation was
discovered. OpenSSH as distributed with Red Hat Enterprise Linux 4 contains
support for GSSAPI user authentication, typically used for supporting
Kerberos. On OpenSSH installations which have GSSAPI enabled, this flaw
could allow a user who sucessfully authenticates using a method other than
GSSAPI to be delegated with GSSAPI credentials. The Common Vulnerabilities
and Exposures project (cve.mitre.org) has assigned the name CAN-2005-2798
to this issue.
Additionally, the following bugs have been addressed:
The ssh command incorrectly failed when it was issued by the root user with
a non-default group set.
The sshd daemon could fail to properly close the client connection if
multiple X clients were forwarded over the connection and the client
session exited.
The sshd daemon could bind only on the IPv6 address family for X forwarding
if the port on IPv4 address family was already bound. The X forwarding did
not work in such cases.
This update also adds support for recording login user IDs for the auditing
service. The user ID is attached to the audit records generated from the
user's session.
All users of openssh should upgrade to these updated packages, which
contain backported patches to resolve these issues.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
sshd in OpenSSH before 4.2, when GSSAPIDelegateCredentials is enabled, allows GSSAPI credentials to be delegated to clients who log in using non-GSSAPI methods, which could cause those credentials to be exposed to untrusted users or hosts.
Affected products
Fixed
148 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS:openssh-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-0:3.9p1-8.RHEL4.9.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-clients-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-clients-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-clients-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-clients-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-clients-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-server-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-server-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-server-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-server-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-server-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-server-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-0:3.9p1-8.RHEL4.9.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-0:3.9p1-8.RHEL4.9.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-clients-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-clients-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-clients-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-clients-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-clients-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-server-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-server-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-server-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-server-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-server-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-server-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-0:3.9p1-8.RHEL4.9.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-clients-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-clients-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-clients-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-clients-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-clients-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-server-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-server-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-server-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-server-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-server-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-server-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
OpenSSH 4.3p2, and probably other versions, allows local users to hijack forwarded X connections by causing ssh to set DISPLAY to :10, even when another process is listening on the associated port, as demonstrated by opening TCP port 6010 (IPv4) and sniffing a cookie sent by Emacs.
Affected products
Fixed
148 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS:openssh-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-0:3.9p1-8.RHEL4.9.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-clients-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-clients-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-clients-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-clients-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-clients-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-server-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-server-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-server-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-server-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-server-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:openssh-server-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-0:3.9p1-8.RHEL4.9.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-0:3.9p1-8.RHEL4.9.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-clients-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-clients-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-clients-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-clients-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-clients-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-server-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-server-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-server-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-server-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-server-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:openssh-server-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-0:3.9p1-8.RHEL4.9.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-clients-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-clients-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-clients-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-clients-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-clients-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-server-0:3.9p1-8.RHEL4.9.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-server-0:3.9p1-8.RHEL4.9.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-server-0:3.9p1-8.RHEL4.9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-server-0:3.9p1-8.RHEL4.9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-server-0:3.9p1-8.RHEL4.9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:openssh-server-0:3.9p1-8.RHEL4.9.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Low
References
13 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated openssh packages that fix a security issue, bugs, and add support\nfor recording login user IDs for audit are now available for Red Hat\nEnterprise Linux 4.\n\nThis update has been rated as having moderate security impact by the Red\nHat Security Response Team.",
"title": "Topic"
},
{
"category": "general",
"text": "OpenSSH is OpenBSD\u0027s SSH (Secure SHell) protocol implementation. \n\nAn error in the way OpenSSH handled GSSAPI credential delegation was\ndiscovered. OpenSSH as distributed with Red Hat Enterprise Linux 4 contains\nsupport for GSSAPI user authentication, typically used for supporting\nKerberos. On OpenSSH installations which have GSSAPI enabled, this flaw\ncould allow a user who sucessfully authenticates using a method other than\nGSSAPI to be delegated with GSSAPI credentials. The Common Vulnerabilities\nand Exposures project (cve.mitre.org) has assigned the name CAN-2005-2798\nto this issue.\n\nAdditionally, the following bugs have been addressed:\n\nThe ssh command incorrectly failed when it was issued by the root user with\na non-default group set.\n\nThe sshd daemon could fail to properly close the client connection if\nmultiple X clients were forwarded over the connection and the client\nsession exited.\n\nThe sshd daemon could bind only on the IPv6 address family for X forwarding\nif the port on IPv4 address family was already bound. The X forwarding did\nnot work in such cases.\n\nThis update also adds support for recording login user IDs for the auditing\nservice. The user ID is attached to the audit records generated from the\nuser\u0027s session.\n\nAll users of openssh should upgrade to these updated packages, which\ncontain backported patches to resolve these issues.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2005:527",
"url": "https://access.redhat.com/errata/RHSA-2005:527"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "159331",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=159331"
},
{
"category": "external",
"summary": "167444",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=167444"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2005/rhsa-2005_527.json"
}
],
"title": "Red Hat Security Advisory: openssh security update",
"tracking": {
"current_release_date": "2024-11-21T23:51:40+00:00",
"generator": {
"date": "2024-11-21T23:51:40+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2005:527",
"initial_release_date": "2005-10-05T11:54:00+00:00",
"revision_history": [
{
"date": "2005-10-05T11:54:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2005-10-05T00:00:00+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-21T23:51:40+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AS version 4",
"product": {
"name": "Red Hat Enterprise Linux AS version 4",
"product_id": "4AS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::as"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop version 4",
"product": {
"name": "Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::desktop"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ES version 4",
"product": {
"name": "Red Hat Enterprise Linux ES version 4",
"product_id": "4ES",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::es"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux WS version 4",
"product": {
"name": "Red Hat Enterprise Linux WS version 4",
"product_id": "4WS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::ws"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-askpass-0:3.9p1-8.RHEL4.9.ia64",
"product": {
"name": "openssh-askpass-0:3.9p1-8.RHEL4.9.ia64",
"product_id": "openssh-askpass-0:3.9p1-8.RHEL4.9.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-askpass@3.9p1-8.RHEL4.9?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64",
"product": {
"name": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64",
"product_id": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-askpass-gnome@3.9p1-8.RHEL4.9?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64",
"product": {
"name": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64",
"product_id": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-debuginfo@3.9p1-8.RHEL4.9?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "openssh-server-0:3.9p1-8.RHEL4.9.ia64",
"product": {
"name": "openssh-server-0:3.9p1-8.RHEL4.9.ia64",
"product_id": "openssh-server-0:3.9p1-8.RHEL4.9.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-server@3.9p1-8.RHEL4.9?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "openssh-0:3.9p1-8.RHEL4.9.ia64",
"product": {
"name": "openssh-0:3.9p1-8.RHEL4.9.ia64",
"product_id": "openssh-0:3.9p1-8.RHEL4.9.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh@3.9p1-8.RHEL4.9?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "openssh-clients-0:3.9p1-8.RHEL4.9.ia64",
"product": {
"name": "openssh-clients-0:3.9p1-8.RHEL4.9.ia64",
"product_id": "openssh-clients-0:3.9p1-8.RHEL4.9.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-clients@3.9p1-8.RHEL4.9?arch=ia64"
}
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64",
"product": {
"name": "openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64",
"product_id": "openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-askpass@3.9p1-8.RHEL4.9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64",
"product": {
"name": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64",
"product_id": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-askpass-gnome@3.9p1-8.RHEL4.9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64",
"product": {
"name": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64",
"product_id": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-debuginfo@3.9p1-8.RHEL4.9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openssh-server-0:3.9p1-8.RHEL4.9.x86_64",
"product": {
"name": "openssh-server-0:3.9p1-8.RHEL4.9.x86_64",
"product_id": "openssh-server-0:3.9p1-8.RHEL4.9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-server@3.9p1-8.RHEL4.9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openssh-0:3.9p1-8.RHEL4.9.x86_64",
"product": {
"name": "openssh-0:3.9p1-8.RHEL4.9.x86_64",
"product_id": "openssh-0:3.9p1-8.RHEL4.9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh@3.9p1-8.RHEL4.9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openssh-clients-0:3.9p1-8.RHEL4.9.x86_64",
"product": {
"name": "openssh-clients-0:3.9p1-8.RHEL4.9.x86_64",
"product_id": "openssh-clients-0:3.9p1-8.RHEL4.9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-clients@3.9p1-8.RHEL4.9?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-askpass-0:3.9p1-8.RHEL4.9.i386",
"product": {
"name": "openssh-askpass-0:3.9p1-8.RHEL4.9.i386",
"product_id": "openssh-askpass-0:3.9p1-8.RHEL4.9.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-askpass@3.9p1-8.RHEL4.9?arch=i386"
}
}
},
{
"category": "product_version",
"name": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386",
"product": {
"name": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386",
"product_id": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-askpass-gnome@3.9p1-8.RHEL4.9?arch=i386"
}
}
},
{
"category": "product_version",
"name": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386",
"product": {
"name": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386",
"product_id": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-debuginfo@3.9p1-8.RHEL4.9?arch=i386"
}
}
},
{
"category": "product_version",
"name": "openssh-server-0:3.9p1-8.RHEL4.9.i386",
"product": {
"name": "openssh-server-0:3.9p1-8.RHEL4.9.i386",
"product_id": "openssh-server-0:3.9p1-8.RHEL4.9.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-server@3.9p1-8.RHEL4.9?arch=i386"
}
}
},
{
"category": "product_version",
"name": "openssh-0:3.9p1-8.RHEL4.9.i386",
"product": {
"name": "openssh-0:3.9p1-8.RHEL4.9.i386",
"product_id": "openssh-0:3.9p1-8.RHEL4.9.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh@3.9p1-8.RHEL4.9?arch=i386"
}
}
},
{
"category": "product_version",
"name": "openssh-clients-0:3.9p1-8.RHEL4.9.i386",
"product": {
"name": "openssh-clients-0:3.9p1-8.RHEL4.9.i386",
"product_id": "openssh-clients-0:3.9p1-8.RHEL4.9.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-clients@3.9p1-8.RHEL4.9?arch=i386"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-0:3.9p1-8.RHEL4.9.src",
"product": {
"name": "openssh-0:3.9p1-8.RHEL4.9.src",
"product_id": "openssh-0:3.9p1-8.RHEL4.9.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh@3.9p1-8.RHEL4.9?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-askpass-0:3.9p1-8.RHEL4.9.ppc",
"product": {
"name": "openssh-askpass-0:3.9p1-8.RHEL4.9.ppc",
"product_id": "openssh-askpass-0:3.9p1-8.RHEL4.9.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-askpass@3.9p1-8.RHEL4.9?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc",
"product": {
"name": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc",
"product_id": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-askpass-gnome@3.9p1-8.RHEL4.9?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc",
"product": {
"name": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc",
"product_id": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-debuginfo@3.9p1-8.RHEL4.9?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "openssh-server-0:3.9p1-8.RHEL4.9.ppc",
"product": {
"name": "openssh-server-0:3.9p1-8.RHEL4.9.ppc",
"product_id": "openssh-server-0:3.9p1-8.RHEL4.9.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-server@3.9p1-8.RHEL4.9?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "openssh-0:3.9p1-8.RHEL4.9.ppc",
"product": {
"name": "openssh-0:3.9p1-8.RHEL4.9.ppc",
"product_id": "openssh-0:3.9p1-8.RHEL4.9.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh@3.9p1-8.RHEL4.9?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "openssh-clients-0:3.9p1-8.RHEL4.9.ppc",
"product": {
"name": "openssh-clients-0:3.9p1-8.RHEL4.9.ppc",
"product_id": "openssh-clients-0:3.9p1-8.RHEL4.9.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-clients@3.9p1-8.RHEL4.9?arch=ppc"
}
}
}
],
"category": "architecture",
"name": "ppc"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-askpass-0:3.9p1-8.RHEL4.9.s390x",
"product": {
"name": "openssh-askpass-0:3.9p1-8.RHEL4.9.s390x",
"product_id": "openssh-askpass-0:3.9p1-8.RHEL4.9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-askpass@3.9p1-8.RHEL4.9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x",
"product": {
"name": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x",
"product_id": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-askpass-gnome@3.9p1-8.RHEL4.9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x",
"product": {
"name": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x",
"product_id": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-debuginfo@3.9p1-8.RHEL4.9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "openssh-server-0:3.9p1-8.RHEL4.9.s390x",
"product": {
"name": "openssh-server-0:3.9p1-8.RHEL4.9.s390x",
"product_id": "openssh-server-0:3.9p1-8.RHEL4.9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-server@3.9p1-8.RHEL4.9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "openssh-0:3.9p1-8.RHEL4.9.s390x",
"product": {
"name": "openssh-0:3.9p1-8.RHEL4.9.s390x",
"product_id": "openssh-0:3.9p1-8.RHEL4.9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh@3.9p1-8.RHEL4.9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "openssh-clients-0:3.9p1-8.RHEL4.9.s390x",
"product": {
"name": "openssh-clients-0:3.9p1-8.RHEL4.9.s390x",
"product_id": "openssh-clients-0:3.9p1-8.RHEL4.9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-clients@3.9p1-8.RHEL4.9?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-askpass-0:3.9p1-8.RHEL4.9.s390",
"product": {
"name": "openssh-askpass-0:3.9p1-8.RHEL4.9.s390",
"product_id": "openssh-askpass-0:3.9p1-8.RHEL4.9.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-askpass@3.9p1-8.RHEL4.9?arch=s390"
}
}
},
{
"category": "product_version",
"name": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390",
"product": {
"name": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390",
"product_id": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-askpass-gnome@3.9p1-8.RHEL4.9?arch=s390"
}
}
},
{
"category": "product_version",
"name": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390",
"product": {
"name": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390",
"product_id": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-debuginfo@3.9p1-8.RHEL4.9?arch=s390"
}
}
},
{
"category": "product_version",
"name": "openssh-server-0:3.9p1-8.RHEL4.9.s390",
"product": {
"name": "openssh-server-0:3.9p1-8.RHEL4.9.s390",
"product_id": "openssh-server-0:3.9p1-8.RHEL4.9.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-server@3.9p1-8.RHEL4.9?arch=s390"
}
}
},
{
"category": "product_version",
"name": "openssh-0:3.9p1-8.RHEL4.9.s390",
"product": {
"name": "openssh-0:3.9p1-8.RHEL4.9.s390",
"product_id": "openssh-0:3.9p1-8.RHEL4.9.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh@3.9p1-8.RHEL4.9?arch=s390"
}
}
},
{
"category": "product_version",
"name": "openssh-clients-0:3.9p1-8.RHEL4.9.s390",
"product": {
"name": "openssh-clients-0:3.9p1-8.RHEL4.9.s390",
"product_id": "openssh-clients-0:3.9p1-8.RHEL4.9.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-clients@3.9p1-8.RHEL4.9?arch=s390"
}
}
}
],
"category": "architecture",
"name": "s390"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:openssh-0:3.9p1-8.RHEL4.9.i386"
},
"product_reference": "openssh-0:3.9p1-8.RHEL4.9.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:openssh-0:3.9p1-8.RHEL4.9.ia64"
},
"product_reference": "openssh-0:3.9p1-8.RHEL4.9.ia64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:openssh-0:3.9p1-8.RHEL4.9.ppc"
},
"product_reference": "openssh-0:3.9p1-8.RHEL4.9.ppc",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:openssh-0:3.9p1-8.RHEL4.9.s390"
},
"product_reference": "openssh-0:3.9p1-8.RHEL4.9.s390",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:openssh-0:3.9p1-8.RHEL4.9.s390x"
},
"product_reference": "openssh-0:3.9p1-8.RHEL4.9.s390x",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:3.9p1-8.RHEL4.9.src as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:openssh-0:3.9p1-8.RHEL4.9.src"
},
"product_reference": "openssh-0:3.9p1-8.RHEL4.9.src",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:openssh-0:3.9p1-8.RHEL4.9.x86_64"
},
"product_reference": "openssh-0:3.9p1-8.RHEL4.9.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.i386"
},
"product_reference": "openssh-askpass-0:3.9p1-8.RHEL4.9.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64"
},
"product_reference": "openssh-askpass-0:3.9p1-8.RHEL4.9.ia64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc"
},
"product_reference": "openssh-askpass-0:3.9p1-8.RHEL4.9.ppc",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390"
},
"product_reference": "openssh-askpass-0:3.9p1-8.RHEL4.9.s390",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x"
},
"product_reference": "openssh-askpass-0:3.9p1-8.RHEL4.9.s390x",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64"
},
"product_reference": "openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386"
},
"product_reference": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64"
},
"product_reference": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc"
},
"product_reference": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390"
},
"product_reference": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x"
},
"product_reference": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64"
},
"product_reference": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.i386"
},
"product_reference": "openssh-clients-0:3.9p1-8.RHEL4.9.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.ia64"
},
"product_reference": "openssh-clients-0:3.9p1-8.RHEL4.9.ia64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.ppc"
},
"product_reference": "openssh-clients-0:3.9p1-8.RHEL4.9.ppc",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.s390"
},
"product_reference": "openssh-clients-0:3.9p1-8.RHEL4.9.s390",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.s390x"
},
"product_reference": "openssh-clients-0:3.9p1-8.RHEL4.9.s390x",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64"
},
"product_reference": "openssh-clients-0:3.9p1-8.RHEL4.9.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386"
},
"product_reference": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64"
},
"product_reference": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc"
},
"product_reference": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390"
},
"product_reference": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x"
},
"product_reference": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64"
},
"product_reference": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:openssh-server-0:3.9p1-8.RHEL4.9.i386"
},
"product_reference": "openssh-server-0:3.9p1-8.RHEL4.9.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:openssh-server-0:3.9p1-8.RHEL4.9.ia64"
},
"product_reference": "openssh-server-0:3.9p1-8.RHEL4.9.ia64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:openssh-server-0:3.9p1-8.RHEL4.9.ppc"
},
"product_reference": "openssh-server-0:3.9p1-8.RHEL4.9.ppc",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:openssh-server-0:3.9p1-8.RHEL4.9.s390"
},
"product_reference": "openssh-server-0:3.9p1-8.RHEL4.9.s390",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:openssh-server-0:3.9p1-8.RHEL4.9.s390x"
},
"product_reference": "openssh-server-0:3.9p1-8.RHEL4.9.s390x",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:openssh-server-0:3.9p1-8.RHEL4.9.x86_64"
},
"product_reference": "openssh-server-0:3.9p1-8.RHEL4.9.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:openssh-0:3.9p1-8.RHEL4.9.i386"
},
"product_reference": "openssh-0:3.9p1-8.RHEL4.9.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:openssh-0:3.9p1-8.RHEL4.9.ia64"
},
"product_reference": "openssh-0:3.9p1-8.RHEL4.9.ia64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:openssh-0:3.9p1-8.RHEL4.9.ppc"
},
"product_reference": "openssh-0:3.9p1-8.RHEL4.9.ppc",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:openssh-0:3.9p1-8.RHEL4.9.s390"
},
"product_reference": "openssh-0:3.9p1-8.RHEL4.9.s390",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:openssh-0:3.9p1-8.RHEL4.9.s390x"
},
"product_reference": "openssh-0:3.9p1-8.RHEL4.9.s390x",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:3.9p1-8.RHEL4.9.src as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:openssh-0:3.9p1-8.RHEL4.9.src"
},
"product_reference": "openssh-0:3.9p1-8.RHEL4.9.src",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:openssh-0:3.9p1-8.RHEL4.9.x86_64"
},
"product_reference": "openssh-0:3.9p1-8.RHEL4.9.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.i386"
},
"product_reference": "openssh-askpass-0:3.9p1-8.RHEL4.9.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64"
},
"product_reference": "openssh-askpass-0:3.9p1-8.RHEL4.9.ia64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc"
},
"product_reference": "openssh-askpass-0:3.9p1-8.RHEL4.9.ppc",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.s390"
},
"product_reference": "openssh-askpass-0:3.9p1-8.RHEL4.9.s390",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x"
},
"product_reference": "openssh-askpass-0:3.9p1-8.RHEL4.9.s390x",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64"
},
"product_reference": "openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386"
},
"product_reference": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64"
},
"product_reference": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc"
},
"product_reference": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390"
},
"product_reference": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x"
},
"product_reference": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64"
},
"product_reference": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.i386"
},
"product_reference": "openssh-clients-0:3.9p1-8.RHEL4.9.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.ia64"
},
"product_reference": "openssh-clients-0:3.9p1-8.RHEL4.9.ia64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.ppc"
},
"product_reference": "openssh-clients-0:3.9p1-8.RHEL4.9.ppc",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.s390"
},
"product_reference": "openssh-clients-0:3.9p1-8.RHEL4.9.s390",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.s390x"
},
"product_reference": "openssh-clients-0:3.9p1-8.RHEL4.9.s390x",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64"
},
"product_reference": "openssh-clients-0:3.9p1-8.RHEL4.9.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386"
},
"product_reference": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64"
},
"product_reference": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc"
},
"product_reference": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390"
},
"product_reference": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x"
},
"product_reference": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64"
},
"product_reference": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.i386"
},
"product_reference": "openssh-server-0:3.9p1-8.RHEL4.9.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.ia64"
},
"product_reference": "openssh-server-0:3.9p1-8.RHEL4.9.ia64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.ppc"
},
"product_reference": "openssh-server-0:3.9p1-8.RHEL4.9.ppc",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.s390"
},
"product_reference": "openssh-server-0:3.9p1-8.RHEL4.9.s390",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.s390x"
},
"product_reference": "openssh-server-0:3.9p1-8.RHEL4.9.s390x",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.x86_64"
},
"product_reference": "openssh-server-0:3.9p1-8.RHEL4.9.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:openssh-0:3.9p1-8.RHEL4.9.i386"
},
"product_reference": "openssh-0:3.9p1-8.RHEL4.9.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:openssh-0:3.9p1-8.RHEL4.9.ia64"
},
"product_reference": "openssh-0:3.9p1-8.RHEL4.9.ia64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:openssh-0:3.9p1-8.RHEL4.9.ppc"
},
"product_reference": "openssh-0:3.9p1-8.RHEL4.9.ppc",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:openssh-0:3.9p1-8.RHEL4.9.s390"
},
"product_reference": "openssh-0:3.9p1-8.RHEL4.9.s390",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:openssh-0:3.9p1-8.RHEL4.9.s390x"
},
"product_reference": "openssh-0:3.9p1-8.RHEL4.9.s390x",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:3.9p1-8.RHEL4.9.src as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:openssh-0:3.9p1-8.RHEL4.9.src"
},
"product_reference": "openssh-0:3.9p1-8.RHEL4.9.src",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:openssh-0:3.9p1-8.RHEL4.9.x86_64"
},
"product_reference": "openssh-0:3.9p1-8.RHEL4.9.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.i386"
},
"product_reference": "openssh-askpass-0:3.9p1-8.RHEL4.9.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64"
},
"product_reference": "openssh-askpass-0:3.9p1-8.RHEL4.9.ia64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc"
},
"product_reference": "openssh-askpass-0:3.9p1-8.RHEL4.9.ppc",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.s390"
},
"product_reference": "openssh-askpass-0:3.9p1-8.RHEL4.9.s390",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x"
},
"product_reference": "openssh-askpass-0:3.9p1-8.RHEL4.9.s390x",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64"
},
"product_reference": "openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386"
},
"product_reference": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64"
},
"product_reference": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc"
},
"product_reference": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390"
},
"product_reference": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x"
},
"product_reference": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64"
},
"product_reference": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.i386"
},
"product_reference": "openssh-clients-0:3.9p1-8.RHEL4.9.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.ia64"
},
"product_reference": "openssh-clients-0:3.9p1-8.RHEL4.9.ia64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.ppc"
},
"product_reference": "openssh-clients-0:3.9p1-8.RHEL4.9.ppc",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.s390"
},
"product_reference": "openssh-clients-0:3.9p1-8.RHEL4.9.s390",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.s390x"
},
"product_reference": "openssh-clients-0:3.9p1-8.RHEL4.9.s390x",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64"
},
"product_reference": "openssh-clients-0:3.9p1-8.RHEL4.9.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386"
},
"product_reference": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64"
},
"product_reference": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc"
},
"product_reference": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390"
},
"product_reference": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x"
},
"product_reference": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64"
},
"product_reference": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:openssh-server-0:3.9p1-8.RHEL4.9.i386"
},
"product_reference": "openssh-server-0:3.9p1-8.RHEL4.9.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:openssh-server-0:3.9p1-8.RHEL4.9.ia64"
},
"product_reference": "openssh-server-0:3.9p1-8.RHEL4.9.ia64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:openssh-server-0:3.9p1-8.RHEL4.9.ppc"
},
"product_reference": "openssh-server-0:3.9p1-8.RHEL4.9.ppc",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:openssh-server-0:3.9p1-8.RHEL4.9.s390"
},
"product_reference": "openssh-server-0:3.9p1-8.RHEL4.9.s390",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:openssh-server-0:3.9p1-8.RHEL4.9.s390x"
},
"product_reference": "openssh-server-0:3.9p1-8.RHEL4.9.s390x",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:openssh-server-0:3.9p1-8.RHEL4.9.x86_64"
},
"product_reference": "openssh-server-0:3.9p1-8.RHEL4.9.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:openssh-0:3.9p1-8.RHEL4.9.i386"
},
"product_reference": "openssh-0:3.9p1-8.RHEL4.9.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:openssh-0:3.9p1-8.RHEL4.9.ia64"
},
"product_reference": "openssh-0:3.9p1-8.RHEL4.9.ia64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:openssh-0:3.9p1-8.RHEL4.9.ppc"
},
"product_reference": "openssh-0:3.9p1-8.RHEL4.9.ppc",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:openssh-0:3.9p1-8.RHEL4.9.s390"
},
"product_reference": "openssh-0:3.9p1-8.RHEL4.9.s390",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:openssh-0:3.9p1-8.RHEL4.9.s390x"
},
"product_reference": "openssh-0:3.9p1-8.RHEL4.9.s390x",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:3.9p1-8.RHEL4.9.src as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:openssh-0:3.9p1-8.RHEL4.9.src"
},
"product_reference": "openssh-0:3.9p1-8.RHEL4.9.src",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:openssh-0:3.9p1-8.RHEL4.9.x86_64"
},
"product_reference": "openssh-0:3.9p1-8.RHEL4.9.x86_64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.i386"
},
"product_reference": "openssh-askpass-0:3.9p1-8.RHEL4.9.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64"
},
"product_reference": "openssh-askpass-0:3.9p1-8.RHEL4.9.ia64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc"
},
"product_reference": "openssh-askpass-0:3.9p1-8.RHEL4.9.ppc",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390"
},
"product_reference": "openssh-askpass-0:3.9p1-8.RHEL4.9.s390",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x"
},
"product_reference": "openssh-askpass-0:3.9p1-8.RHEL4.9.s390x",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64"
},
"product_reference": "openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386"
},
"product_reference": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64"
},
"product_reference": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc"
},
"product_reference": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390"
},
"product_reference": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x"
},
"product_reference": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64"
},
"product_reference": "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.i386"
},
"product_reference": "openssh-clients-0:3.9p1-8.RHEL4.9.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.ia64"
},
"product_reference": "openssh-clients-0:3.9p1-8.RHEL4.9.ia64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.ppc"
},
"product_reference": "openssh-clients-0:3.9p1-8.RHEL4.9.ppc",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.s390"
},
"product_reference": "openssh-clients-0:3.9p1-8.RHEL4.9.s390",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.s390x"
},
"product_reference": "openssh-clients-0:3.9p1-8.RHEL4.9.s390x",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64"
},
"product_reference": "openssh-clients-0:3.9p1-8.RHEL4.9.x86_64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386"
},
"product_reference": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64"
},
"product_reference": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc"
},
"product_reference": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390"
},
"product_reference": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x"
},
"product_reference": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64"
},
"product_reference": "openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:openssh-server-0:3.9p1-8.RHEL4.9.i386"
},
"product_reference": "openssh-server-0:3.9p1-8.RHEL4.9.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:openssh-server-0:3.9p1-8.RHEL4.9.ia64"
},
"product_reference": "openssh-server-0:3.9p1-8.RHEL4.9.ia64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:openssh-server-0:3.9p1-8.RHEL4.9.ppc"
},
"product_reference": "openssh-server-0:3.9p1-8.RHEL4.9.ppc",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:openssh-server-0:3.9p1-8.RHEL4.9.s390"
},
"product_reference": "openssh-server-0:3.9p1-8.RHEL4.9.s390",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:openssh-server-0:3.9p1-8.RHEL4.9.s390x"
},
"product_reference": "openssh-server-0:3.9p1-8.RHEL4.9.s390x",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:openssh-server-0:3.9p1-8.RHEL4.9.x86_64"
},
"product_reference": "openssh-server-0:3.9p1-8.RHEL4.9.x86_64",
"relates_to_product_reference": "4WS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2005-2798",
"discovery_date": "2005-09-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1617757"
}
],
"notes": [
{
"category": "description",
"text": "sshd in OpenSSH before 4.2, when GSSAPIDelegateCredentials is enabled, allows GSSAPI credentials to be delegated to clients who log in using non-GSSAPI methods, which could cause those credentials to be exposed to untrusted users or hosts.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue does not affect Red Hat Enterprise Linux 2.1 and 3.\n\nThis flaw was fixed in Red Hat Enterprise Linux 4 via errata RHSA-2005:527:\nhttp://rhn.redhat.com/errata/RHSA-2005-527.html",
"title": "Statement"
}
],
"product_status": {
"fixed": [
"4AS:openssh-0:3.9p1-8.RHEL4.9.i386",
"4AS:openssh-0:3.9p1-8.RHEL4.9.ia64",
"4AS:openssh-0:3.9p1-8.RHEL4.9.ppc",
"4AS:openssh-0:3.9p1-8.RHEL4.9.s390",
"4AS:openssh-0:3.9p1-8.RHEL4.9.s390x",
"4AS:openssh-0:3.9p1-8.RHEL4.9.src",
"4AS:openssh-0:3.9p1-8.RHEL4.9.x86_64",
"4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.i386",
"4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64",
"4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc",
"4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390",
"4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x",
"4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64",
"4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386",
"4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64",
"4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc",
"4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390",
"4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x",
"4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64",
"4AS:openssh-clients-0:3.9p1-8.RHEL4.9.i386",
"4AS:openssh-clients-0:3.9p1-8.RHEL4.9.ia64",
"4AS:openssh-clients-0:3.9p1-8.RHEL4.9.ppc",
"4AS:openssh-clients-0:3.9p1-8.RHEL4.9.s390",
"4AS:openssh-clients-0:3.9p1-8.RHEL4.9.s390x",
"4AS:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64",
"4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386",
"4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64",
"4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc",
"4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390",
"4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x",
"4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64",
"4AS:openssh-server-0:3.9p1-8.RHEL4.9.i386",
"4AS:openssh-server-0:3.9p1-8.RHEL4.9.ia64",
"4AS:openssh-server-0:3.9p1-8.RHEL4.9.ppc",
"4AS:openssh-server-0:3.9p1-8.RHEL4.9.s390",
"4AS:openssh-server-0:3.9p1-8.RHEL4.9.s390x",
"4AS:openssh-server-0:3.9p1-8.RHEL4.9.x86_64",
"4Desktop:openssh-0:3.9p1-8.RHEL4.9.i386",
"4Desktop:openssh-0:3.9p1-8.RHEL4.9.ia64",
"4Desktop:openssh-0:3.9p1-8.RHEL4.9.ppc",
"4Desktop:openssh-0:3.9p1-8.RHEL4.9.s390",
"4Desktop:openssh-0:3.9p1-8.RHEL4.9.s390x",
"4Desktop:openssh-0:3.9p1-8.RHEL4.9.src",
"4Desktop:openssh-0:3.9p1-8.RHEL4.9.x86_64",
"4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.i386",
"4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64",
"4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc",
"4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.s390",
"4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x",
"4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64",
"4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386",
"4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64",
"4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc",
"4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390",
"4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x",
"4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64",
"4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.i386",
"4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.ia64",
"4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.ppc",
"4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.s390",
"4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.s390x",
"4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64",
"4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386",
"4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64",
"4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc",
"4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390",
"4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x",
"4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64",
"4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.i386",
"4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.ia64",
"4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.ppc",
"4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.s390",
"4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.s390x",
"4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.x86_64",
"4ES:openssh-0:3.9p1-8.RHEL4.9.i386",
"4ES:openssh-0:3.9p1-8.RHEL4.9.ia64",
"4ES:openssh-0:3.9p1-8.RHEL4.9.ppc",
"4ES:openssh-0:3.9p1-8.RHEL4.9.s390",
"4ES:openssh-0:3.9p1-8.RHEL4.9.s390x",
"4ES:openssh-0:3.9p1-8.RHEL4.9.src",
"4ES:openssh-0:3.9p1-8.RHEL4.9.x86_64",
"4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.i386",
"4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64",
"4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc",
"4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.s390",
"4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x",
"4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64",
"4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386",
"4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64",
"4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc",
"4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390",
"4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x",
"4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64",
"4ES:openssh-clients-0:3.9p1-8.RHEL4.9.i386",
"4ES:openssh-clients-0:3.9p1-8.RHEL4.9.ia64",
"4ES:openssh-clients-0:3.9p1-8.RHEL4.9.ppc",
"4ES:openssh-clients-0:3.9p1-8.RHEL4.9.s390",
"4ES:openssh-clients-0:3.9p1-8.RHEL4.9.s390x",
"4ES:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64",
"4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386",
"4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64",
"4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc",
"4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390",
"4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x",
"4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64",
"4ES:openssh-server-0:3.9p1-8.RHEL4.9.i386",
"4ES:openssh-server-0:3.9p1-8.RHEL4.9.ia64",
"4ES:openssh-server-0:3.9p1-8.RHEL4.9.ppc",
"4ES:openssh-server-0:3.9p1-8.RHEL4.9.s390",
"4ES:openssh-server-0:3.9p1-8.RHEL4.9.s390x",
"4ES:openssh-server-0:3.9p1-8.RHEL4.9.x86_64",
"4WS:openssh-0:3.9p1-8.RHEL4.9.i386",
"4WS:openssh-0:3.9p1-8.RHEL4.9.ia64",
"4WS:openssh-0:3.9p1-8.RHEL4.9.ppc",
"4WS:openssh-0:3.9p1-8.RHEL4.9.s390",
"4WS:openssh-0:3.9p1-8.RHEL4.9.s390x",
"4WS:openssh-0:3.9p1-8.RHEL4.9.src",
"4WS:openssh-0:3.9p1-8.RHEL4.9.x86_64",
"4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.i386",
"4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64",
"4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc",
"4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390",
"4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x",
"4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64",
"4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386",
"4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64",
"4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc",
"4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390",
"4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x",
"4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64",
"4WS:openssh-clients-0:3.9p1-8.RHEL4.9.i386",
"4WS:openssh-clients-0:3.9p1-8.RHEL4.9.ia64",
"4WS:openssh-clients-0:3.9p1-8.RHEL4.9.ppc",
"4WS:openssh-clients-0:3.9p1-8.RHEL4.9.s390",
"4WS:openssh-clients-0:3.9p1-8.RHEL4.9.s390x",
"4WS:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64",
"4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386",
"4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64",
"4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc",
"4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390",
"4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x",
"4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64",
"4WS:openssh-server-0:3.9p1-8.RHEL4.9.i386",
"4WS:openssh-server-0:3.9p1-8.RHEL4.9.ia64",
"4WS:openssh-server-0:3.9p1-8.RHEL4.9.ppc",
"4WS:openssh-server-0:3.9p1-8.RHEL4.9.s390",
"4WS:openssh-server-0:3.9p1-8.RHEL4.9.s390x",
"4WS:openssh-server-0:3.9p1-8.RHEL4.9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2005-2798"
},
{
"category": "external",
"summary": "RHBZ#1617757",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617757"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2005-2798",
"url": "https://www.cve.org/CVERecord?id=CVE-2005-2798"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2005-2798",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2005-2798"
}
],
"release_date": "2005-09-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2005-10-05T11:54:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied. Use Red Hat\nNetwork to download and update your packages. To launch the Red Hat\nUpdate Agent, use the following command:\n\n up2date\n\nFor information on how to install packages manually, refer to the\nfollowing Web page for the System Administration or Customization\nguide specific to your system:\n\n http://www.redhat.com/docs/manuals/enterprise/",
"product_ids": [
"4AS:openssh-0:3.9p1-8.RHEL4.9.i386",
"4AS:openssh-0:3.9p1-8.RHEL4.9.ia64",
"4AS:openssh-0:3.9p1-8.RHEL4.9.ppc",
"4AS:openssh-0:3.9p1-8.RHEL4.9.s390",
"4AS:openssh-0:3.9p1-8.RHEL4.9.s390x",
"4AS:openssh-0:3.9p1-8.RHEL4.9.src",
"4AS:openssh-0:3.9p1-8.RHEL4.9.x86_64",
"4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.i386",
"4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64",
"4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc",
"4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390",
"4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x",
"4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64",
"4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386",
"4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64",
"4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc",
"4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390",
"4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x",
"4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64",
"4AS:openssh-clients-0:3.9p1-8.RHEL4.9.i386",
"4AS:openssh-clients-0:3.9p1-8.RHEL4.9.ia64",
"4AS:openssh-clients-0:3.9p1-8.RHEL4.9.ppc",
"4AS:openssh-clients-0:3.9p1-8.RHEL4.9.s390",
"4AS:openssh-clients-0:3.9p1-8.RHEL4.9.s390x",
"4AS:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64",
"4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386",
"4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64",
"4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc",
"4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390",
"4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x",
"4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64",
"4AS:openssh-server-0:3.9p1-8.RHEL4.9.i386",
"4AS:openssh-server-0:3.9p1-8.RHEL4.9.ia64",
"4AS:openssh-server-0:3.9p1-8.RHEL4.9.ppc",
"4AS:openssh-server-0:3.9p1-8.RHEL4.9.s390",
"4AS:openssh-server-0:3.9p1-8.RHEL4.9.s390x",
"4AS:openssh-server-0:3.9p1-8.RHEL4.9.x86_64",
"4Desktop:openssh-0:3.9p1-8.RHEL4.9.i386",
"4Desktop:openssh-0:3.9p1-8.RHEL4.9.ia64",
"4Desktop:openssh-0:3.9p1-8.RHEL4.9.ppc",
"4Desktop:openssh-0:3.9p1-8.RHEL4.9.s390",
"4Desktop:openssh-0:3.9p1-8.RHEL4.9.s390x",
"4Desktop:openssh-0:3.9p1-8.RHEL4.9.src",
"4Desktop:openssh-0:3.9p1-8.RHEL4.9.x86_64",
"4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.i386",
"4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64",
"4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc",
"4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.s390",
"4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x",
"4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64",
"4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386",
"4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64",
"4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc",
"4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390",
"4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x",
"4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64",
"4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.i386",
"4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.ia64",
"4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.ppc",
"4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.s390",
"4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.s390x",
"4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64",
"4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386",
"4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64",
"4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc",
"4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390",
"4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x",
"4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64",
"4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.i386",
"4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.ia64",
"4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.ppc",
"4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.s390",
"4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.s390x",
"4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.x86_64",
"4ES:openssh-0:3.9p1-8.RHEL4.9.i386",
"4ES:openssh-0:3.9p1-8.RHEL4.9.ia64",
"4ES:openssh-0:3.9p1-8.RHEL4.9.ppc",
"4ES:openssh-0:3.9p1-8.RHEL4.9.s390",
"4ES:openssh-0:3.9p1-8.RHEL4.9.s390x",
"4ES:openssh-0:3.9p1-8.RHEL4.9.src",
"4ES:openssh-0:3.9p1-8.RHEL4.9.x86_64",
"4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.i386",
"4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64",
"4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc",
"4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.s390",
"4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x",
"4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64",
"4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386",
"4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64",
"4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc",
"4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390",
"4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x",
"4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64",
"4ES:openssh-clients-0:3.9p1-8.RHEL4.9.i386",
"4ES:openssh-clients-0:3.9p1-8.RHEL4.9.ia64",
"4ES:openssh-clients-0:3.9p1-8.RHEL4.9.ppc",
"4ES:openssh-clients-0:3.9p1-8.RHEL4.9.s390",
"4ES:openssh-clients-0:3.9p1-8.RHEL4.9.s390x",
"4ES:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64",
"4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386",
"4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64",
"4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc",
"4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390",
"4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x",
"4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64",
"4ES:openssh-server-0:3.9p1-8.RHEL4.9.i386",
"4ES:openssh-server-0:3.9p1-8.RHEL4.9.ia64",
"4ES:openssh-server-0:3.9p1-8.RHEL4.9.ppc",
"4ES:openssh-server-0:3.9p1-8.RHEL4.9.s390",
"4ES:openssh-server-0:3.9p1-8.RHEL4.9.s390x",
"4ES:openssh-server-0:3.9p1-8.RHEL4.9.x86_64",
"4WS:openssh-0:3.9p1-8.RHEL4.9.i386",
"4WS:openssh-0:3.9p1-8.RHEL4.9.ia64",
"4WS:openssh-0:3.9p1-8.RHEL4.9.ppc",
"4WS:openssh-0:3.9p1-8.RHEL4.9.s390",
"4WS:openssh-0:3.9p1-8.RHEL4.9.s390x",
"4WS:openssh-0:3.9p1-8.RHEL4.9.src",
"4WS:openssh-0:3.9p1-8.RHEL4.9.x86_64",
"4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.i386",
"4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64",
"4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc",
"4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390",
"4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x",
"4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64",
"4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386",
"4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64",
"4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc",
"4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390",
"4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x",
"4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64",
"4WS:openssh-clients-0:3.9p1-8.RHEL4.9.i386",
"4WS:openssh-clients-0:3.9p1-8.RHEL4.9.ia64",
"4WS:openssh-clients-0:3.9p1-8.RHEL4.9.ppc",
"4WS:openssh-clients-0:3.9p1-8.RHEL4.9.s390",
"4WS:openssh-clients-0:3.9p1-8.RHEL4.9.s390x",
"4WS:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64",
"4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386",
"4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64",
"4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc",
"4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390",
"4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x",
"4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64",
"4WS:openssh-server-0:3.9p1-8.RHEL4.9.i386",
"4WS:openssh-server-0:3.9p1-8.RHEL4.9.ia64",
"4WS:openssh-server-0:3.9p1-8.RHEL4.9.ppc",
"4WS:openssh-server-0:3.9p1-8.RHEL4.9.s390",
"4WS:openssh-server-0:3.9p1-8.RHEL4.9.s390x",
"4WS:openssh-server-0:3.9p1-8.RHEL4.9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2005:527"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "security flaw"
},
{
"cve": "CVE-2008-1483",
"discovery_date": "2008-01-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "439079"
}
],
"notes": [
{
"category": "description",
"text": "OpenSSH 4.3p2, and probably other versions, allows local users to hijack forwarded X connections by causing ssh to set DISPLAY to :10, even when another process is listening on the associated port, as demonstrated by opening TCP port 6010 (IPv4) and sniffing a cookie sent by Emacs.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssh may set DISPLAY even if it\u0027s unable to listen on respective port",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "All openssh versions shipped in Red Hat Enterprise Linux 5 include the patch for this issue. Red Hat Enterprise Linux 3 is affected by this issue.",
"title": "Statement"
}
],
"product_status": {
"fixed": [
"4AS:openssh-0:3.9p1-8.RHEL4.9.i386",
"4AS:openssh-0:3.9p1-8.RHEL4.9.ia64",
"4AS:openssh-0:3.9p1-8.RHEL4.9.ppc",
"4AS:openssh-0:3.9p1-8.RHEL4.9.s390",
"4AS:openssh-0:3.9p1-8.RHEL4.9.s390x",
"4AS:openssh-0:3.9p1-8.RHEL4.9.src",
"4AS:openssh-0:3.9p1-8.RHEL4.9.x86_64",
"4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.i386",
"4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64",
"4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc",
"4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390",
"4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x",
"4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64",
"4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386",
"4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64",
"4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc",
"4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390",
"4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x",
"4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64",
"4AS:openssh-clients-0:3.9p1-8.RHEL4.9.i386",
"4AS:openssh-clients-0:3.9p1-8.RHEL4.9.ia64",
"4AS:openssh-clients-0:3.9p1-8.RHEL4.9.ppc",
"4AS:openssh-clients-0:3.9p1-8.RHEL4.9.s390",
"4AS:openssh-clients-0:3.9p1-8.RHEL4.9.s390x",
"4AS:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64",
"4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386",
"4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64",
"4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc",
"4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390",
"4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x",
"4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64",
"4AS:openssh-server-0:3.9p1-8.RHEL4.9.i386",
"4AS:openssh-server-0:3.9p1-8.RHEL4.9.ia64",
"4AS:openssh-server-0:3.9p1-8.RHEL4.9.ppc",
"4AS:openssh-server-0:3.9p1-8.RHEL4.9.s390",
"4AS:openssh-server-0:3.9p1-8.RHEL4.9.s390x",
"4AS:openssh-server-0:3.9p1-8.RHEL4.9.x86_64",
"4Desktop:openssh-0:3.9p1-8.RHEL4.9.i386",
"4Desktop:openssh-0:3.9p1-8.RHEL4.9.ia64",
"4Desktop:openssh-0:3.9p1-8.RHEL4.9.ppc",
"4Desktop:openssh-0:3.9p1-8.RHEL4.9.s390",
"4Desktop:openssh-0:3.9p1-8.RHEL4.9.s390x",
"4Desktop:openssh-0:3.9p1-8.RHEL4.9.src",
"4Desktop:openssh-0:3.9p1-8.RHEL4.9.x86_64",
"4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.i386",
"4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64",
"4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc",
"4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.s390",
"4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x",
"4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64",
"4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386",
"4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64",
"4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc",
"4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390",
"4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x",
"4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64",
"4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.i386",
"4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.ia64",
"4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.ppc",
"4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.s390",
"4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.s390x",
"4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64",
"4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386",
"4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64",
"4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc",
"4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390",
"4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x",
"4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64",
"4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.i386",
"4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.ia64",
"4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.ppc",
"4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.s390",
"4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.s390x",
"4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.x86_64",
"4ES:openssh-0:3.9p1-8.RHEL4.9.i386",
"4ES:openssh-0:3.9p1-8.RHEL4.9.ia64",
"4ES:openssh-0:3.9p1-8.RHEL4.9.ppc",
"4ES:openssh-0:3.9p1-8.RHEL4.9.s390",
"4ES:openssh-0:3.9p1-8.RHEL4.9.s390x",
"4ES:openssh-0:3.9p1-8.RHEL4.9.src",
"4ES:openssh-0:3.9p1-8.RHEL4.9.x86_64",
"4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.i386",
"4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64",
"4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc",
"4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.s390",
"4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x",
"4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64",
"4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386",
"4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64",
"4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc",
"4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390",
"4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x",
"4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64",
"4ES:openssh-clients-0:3.9p1-8.RHEL4.9.i386",
"4ES:openssh-clients-0:3.9p1-8.RHEL4.9.ia64",
"4ES:openssh-clients-0:3.9p1-8.RHEL4.9.ppc",
"4ES:openssh-clients-0:3.9p1-8.RHEL4.9.s390",
"4ES:openssh-clients-0:3.9p1-8.RHEL4.9.s390x",
"4ES:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64",
"4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386",
"4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64",
"4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc",
"4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390",
"4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x",
"4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64",
"4ES:openssh-server-0:3.9p1-8.RHEL4.9.i386",
"4ES:openssh-server-0:3.9p1-8.RHEL4.9.ia64",
"4ES:openssh-server-0:3.9p1-8.RHEL4.9.ppc",
"4ES:openssh-server-0:3.9p1-8.RHEL4.9.s390",
"4ES:openssh-server-0:3.9p1-8.RHEL4.9.s390x",
"4ES:openssh-server-0:3.9p1-8.RHEL4.9.x86_64",
"4WS:openssh-0:3.9p1-8.RHEL4.9.i386",
"4WS:openssh-0:3.9p1-8.RHEL4.9.ia64",
"4WS:openssh-0:3.9p1-8.RHEL4.9.ppc",
"4WS:openssh-0:3.9p1-8.RHEL4.9.s390",
"4WS:openssh-0:3.9p1-8.RHEL4.9.s390x",
"4WS:openssh-0:3.9p1-8.RHEL4.9.src",
"4WS:openssh-0:3.9p1-8.RHEL4.9.x86_64",
"4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.i386",
"4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64",
"4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc",
"4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390",
"4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x",
"4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64",
"4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386",
"4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64",
"4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc",
"4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390",
"4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x",
"4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64",
"4WS:openssh-clients-0:3.9p1-8.RHEL4.9.i386",
"4WS:openssh-clients-0:3.9p1-8.RHEL4.9.ia64",
"4WS:openssh-clients-0:3.9p1-8.RHEL4.9.ppc",
"4WS:openssh-clients-0:3.9p1-8.RHEL4.9.s390",
"4WS:openssh-clients-0:3.9p1-8.RHEL4.9.s390x",
"4WS:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64",
"4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386",
"4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64",
"4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc",
"4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390",
"4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x",
"4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64",
"4WS:openssh-server-0:3.9p1-8.RHEL4.9.i386",
"4WS:openssh-server-0:3.9p1-8.RHEL4.9.ia64",
"4WS:openssh-server-0:3.9p1-8.RHEL4.9.ppc",
"4WS:openssh-server-0:3.9p1-8.RHEL4.9.s390",
"4WS:openssh-server-0:3.9p1-8.RHEL4.9.s390x",
"4WS:openssh-server-0:3.9p1-8.RHEL4.9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-1483"
},
{
"category": "external",
"summary": "RHBZ#439079",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=439079"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-1483",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1483"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-1483",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-1483"
}
],
"release_date": "2008-01-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2005-10-05T11:54:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied. Use Red Hat\nNetwork to download and update your packages. To launch the Red Hat\nUpdate Agent, use the following command:\n\n up2date\n\nFor information on how to install packages manually, refer to the\nfollowing Web page for the System Administration or Customization\nguide specific to your system:\n\n http://www.redhat.com/docs/manuals/enterprise/",
"product_ids": [
"4AS:openssh-0:3.9p1-8.RHEL4.9.i386",
"4AS:openssh-0:3.9p1-8.RHEL4.9.ia64",
"4AS:openssh-0:3.9p1-8.RHEL4.9.ppc",
"4AS:openssh-0:3.9p1-8.RHEL4.9.s390",
"4AS:openssh-0:3.9p1-8.RHEL4.9.s390x",
"4AS:openssh-0:3.9p1-8.RHEL4.9.src",
"4AS:openssh-0:3.9p1-8.RHEL4.9.x86_64",
"4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.i386",
"4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64",
"4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc",
"4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390",
"4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x",
"4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64",
"4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386",
"4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64",
"4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc",
"4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390",
"4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x",
"4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64",
"4AS:openssh-clients-0:3.9p1-8.RHEL4.9.i386",
"4AS:openssh-clients-0:3.9p1-8.RHEL4.9.ia64",
"4AS:openssh-clients-0:3.9p1-8.RHEL4.9.ppc",
"4AS:openssh-clients-0:3.9p1-8.RHEL4.9.s390",
"4AS:openssh-clients-0:3.9p1-8.RHEL4.9.s390x",
"4AS:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64",
"4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386",
"4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64",
"4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc",
"4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390",
"4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x",
"4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64",
"4AS:openssh-server-0:3.9p1-8.RHEL4.9.i386",
"4AS:openssh-server-0:3.9p1-8.RHEL4.9.ia64",
"4AS:openssh-server-0:3.9p1-8.RHEL4.9.ppc",
"4AS:openssh-server-0:3.9p1-8.RHEL4.9.s390",
"4AS:openssh-server-0:3.9p1-8.RHEL4.9.s390x",
"4AS:openssh-server-0:3.9p1-8.RHEL4.9.x86_64",
"4Desktop:openssh-0:3.9p1-8.RHEL4.9.i386",
"4Desktop:openssh-0:3.9p1-8.RHEL4.9.ia64",
"4Desktop:openssh-0:3.9p1-8.RHEL4.9.ppc",
"4Desktop:openssh-0:3.9p1-8.RHEL4.9.s390",
"4Desktop:openssh-0:3.9p1-8.RHEL4.9.s390x",
"4Desktop:openssh-0:3.9p1-8.RHEL4.9.src",
"4Desktop:openssh-0:3.9p1-8.RHEL4.9.x86_64",
"4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.i386",
"4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64",
"4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc",
"4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.s390",
"4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x",
"4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64",
"4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386",
"4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64",
"4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc",
"4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390",
"4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x",
"4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64",
"4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.i386",
"4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.ia64",
"4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.ppc",
"4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.s390",
"4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.s390x",
"4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64",
"4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386",
"4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64",
"4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc",
"4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390",
"4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x",
"4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64",
"4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.i386",
"4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.ia64",
"4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.ppc",
"4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.s390",
"4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.s390x",
"4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.x86_64",
"4ES:openssh-0:3.9p1-8.RHEL4.9.i386",
"4ES:openssh-0:3.9p1-8.RHEL4.9.ia64",
"4ES:openssh-0:3.9p1-8.RHEL4.9.ppc",
"4ES:openssh-0:3.9p1-8.RHEL4.9.s390",
"4ES:openssh-0:3.9p1-8.RHEL4.9.s390x",
"4ES:openssh-0:3.9p1-8.RHEL4.9.src",
"4ES:openssh-0:3.9p1-8.RHEL4.9.x86_64",
"4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.i386",
"4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64",
"4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc",
"4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.s390",
"4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x",
"4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64",
"4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386",
"4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64",
"4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc",
"4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390",
"4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x",
"4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64",
"4ES:openssh-clients-0:3.9p1-8.RHEL4.9.i386",
"4ES:openssh-clients-0:3.9p1-8.RHEL4.9.ia64",
"4ES:openssh-clients-0:3.9p1-8.RHEL4.9.ppc",
"4ES:openssh-clients-0:3.9p1-8.RHEL4.9.s390",
"4ES:openssh-clients-0:3.9p1-8.RHEL4.9.s390x",
"4ES:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64",
"4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386",
"4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64",
"4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc",
"4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390",
"4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x",
"4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64",
"4ES:openssh-server-0:3.9p1-8.RHEL4.9.i386",
"4ES:openssh-server-0:3.9p1-8.RHEL4.9.ia64",
"4ES:openssh-server-0:3.9p1-8.RHEL4.9.ppc",
"4ES:openssh-server-0:3.9p1-8.RHEL4.9.s390",
"4ES:openssh-server-0:3.9p1-8.RHEL4.9.s390x",
"4ES:openssh-server-0:3.9p1-8.RHEL4.9.x86_64",
"4WS:openssh-0:3.9p1-8.RHEL4.9.i386",
"4WS:openssh-0:3.9p1-8.RHEL4.9.ia64",
"4WS:openssh-0:3.9p1-8.RHEL4.9.ppc",
"4WS:openssh-0:3.9p1-8.RHEL4.9.s390",
"4WS:openssh-0:3.9p1-8.RHEL4.9.s390x",
"4WS:openssh-0:3.9p1-8.RHEL4.9.src",
"4WS:openssh-0:3.9p1-8.RHEL4.9.x86_64",
"4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.i386",
"4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64",
"4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc",
"4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390",
"4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x",
"4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64",
"4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386",
"4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64",
"4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc",
"4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390",
"4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x",
"4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64",
"4WS:openssh-clients-0:3.9p1-8.RHEL4.9.i386",
"4WS:openssh-clients-0:3.9p1-8.RHEL4.9.ia64",
"4WS:openssh-clients-0:3.9p1-8.RHEL4.9.ppc",
"4WS:openssh-clients-0:3.9p1-8.RHEL4.9.s390",
"4WS:openssh-clients-0:3.9p1-8.RHEL4.9.s390x",
"4WS:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64",
"4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386",
"4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64",
"4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc",
"4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390",
"4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x",
"4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64",
"4WS:openssh-server-0:3.9p1-8.RHEL4.9.i386",
"4WS:openssh-server-0:3.9p1-8.RHEL4.9.ia64",
"4WS:openssh-server-0:3.9p1-8.RHEL4.9.ppc",
"4WS:openssh-server-0:3.9p1-8.RHEL4.9.s390",
"4WS:openssh-server-0:3.9p1-8.RHEL4.9.s390x",
"4WS:openssh-server-0:3.9p1-8.RHEL4.9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2005:527"
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "openssh may set DISPLAY even if it\u0027s unable to listen on respective port"
}
]
}
SUSE-SU-2017:3230-1
Vulnerability from csaf_suse - Published: 2017-12-07 12:22 - Updated: 2017-12-07 12:22Summary
Security update for openssh
Severity
Moderate
Notes
Title of the patch: Security update for openssh
Description of the patch: This update for openssh fixes the following issues:
Security issue fixed:
- CVE-2017-15906: Stricter checking of operations in read-only mode in sftp server (bsc#1065000).
Bug fixes:
- FIPS: Startup selfchecks (bsc#1068310).
- FIPS: Silent complaints about unsupported key exchange methods (bsc#1006166).
- Refine handling of sockets for X11 forwarding to remove reintroduced CVE-2008-1483 (bsc#1069509).
- Test configuration before running daemon to prevent looping resulting in service shutdown (bsc#1048367)
Patchnames: SUSE-CAASP-ALL-2017-2009,SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2017-2009,SUSE-SLE-DESKTOP-12-SP2-2017-2009,SUSE-SLE-DESKTOP-12-SP3-2017-2009,SUSE-SLE-RPI-12-SP2-2017-2009,SUSE-SLE-SERVER-12-SP2-2017-2009,SUSE-SLE-SERVER-12-SP3-2017-2009
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.2 (High)
Affected products
Recommended
74 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP2:openssh-7.2p2-74.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP2:openssh-helpers-7.2p2-74.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:openssh-7.2p2-74.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:openssh-helpers-7.2p2-74.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-74.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-74.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-74.11.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-74.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-74.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-74.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-74.11.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-74.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-74.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-74.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-74.11.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-74.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:openssh-7.2p2-74.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:openssh-7.2p2-74.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:openssh-7.2p2-74.11.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:openssh-7.2p2-74.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:openssh-fips-7.2p2-74.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:openssh-fips-7.2p2-74.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:openssh-fips-7.2p2-74.11.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:openssh-fips-7.2p2-74.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:openssh-helpers-7.2p2-74.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:openssh-helpers-7.2p2-74.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:openssh-helpers-7.2p2-74.11.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:openssh-helpers-7.2p2-74.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-7.2p2-74.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-fips-7.2p2-74.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-helpers-7.2p2-74.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-74.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-74.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-74.11.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-74.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-74.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-74.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-74.11.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-74.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-74.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-74.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-74.11.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-74.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-7.2p2-74.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-7.2p2-74.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-7.2p2-74.11.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-7.2p2-74.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-fips-7.2p2-74.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-fips-7.2p2-74.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-fips-7.2p2-74.11.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-fips-7.2p2-74.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-helpers-7.2p2-74.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-helpers-7.2p2-74.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-helpers-7.2p2-74.11.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-helpers-7.2p2-74.11.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4.3 (Medium)
Affected products
Recommended
74 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP2:openssh-7.2p2-74.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP2:openssh-helpers-7.2p2-74.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:openssh-7.2p2-74.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:openssh-helpers-7.2p2-74.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-74.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-74.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-74.11.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-74.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-74.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-74.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-74.11.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-74.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-74.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-74.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-74.11.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-74.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:openssh-7.2p2-74.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:openssh-7.2p2-74.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:openssh-7.2p2-74.11.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:openssh-7.2p2-74.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:openssh-fips-7.2p2-74.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:openssh-fips-7.2p2-74.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:openssh-fips-7.2p2-74.11.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:openssh-fips-7.2p2-74.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:openssh-helpers-7.2p2-74.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:openssh-helpers-7.2p2-74.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:openssh-helpers-7.2p2-74.11.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:openssh-helpers-7.2p2-74.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-7.2p2-74.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-fips-7.2p2-74.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-helpers-7.2p2-74.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-74.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-74.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-74.11.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-74.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-74.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-74.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-74.11.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-74.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-74.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-74.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-74.11.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-74.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-7.2p2-74.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-7.2p2-74.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-7.2p2-74.11.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-7.2p2-74.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-fips-7.2p2-74.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-fips-7.2p2-74.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-fips-7.2p2-74.11.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-fips-7.2p2-74.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-helpers-7.2p2-74.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-helpers-7.2p2-74.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-helpers-7.2p2-74.11.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-helpers-7.2p2-74.11.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
25 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for openssh",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for openssh fixes the following issues:\n\nSecurity issue fixed:\n\n- CVE-2017-15906: Stricter checking of operations in read-only mode in sftp server (bsc#1065000).\n\nBug fixes:\n\n- FIPS: Startup selfchecks (bsc#1068310).\n- FIPS: Silent complaints about unsupported key exchange methods (bsc#1006166).\n- Refine handling of sockets for X11 forwarding to remove reintroduced CVE-2008-1483 (bsc#1069509).\n- Test configuration before running daemon to prevent looping resulting in service shutdown (bsc#1048367)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-CAASP-ALL-2017-2009,SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2017-2009,SUSE-SLE-DESKTOP-12-SP2-2017-2009,SUSE-SLE-DESKTOP-12-SP3-2017-2009,SUSE-SLE-RPI-12-SP2-2017-2009,SUSE-SLE-SERVER-12-SP2-2017-2009,SUSE-SLE-SERVER-12-SP3-2017-2009",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2017_3230-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2017:3230-1",
"url": "https://www.suse.com/support/update/announcement/2017/suse-su-20173230-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2017:3230-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2017-December/003476.html"
},
{
"category": "self",
"summary": "SUSE Bug 1006166",
"url": "https://bugzilla.suse.com/1006166"
},
{
"category": "self",
"summary": "SUSE Bug 1048367",
"url": "https://bugzilla.suse.com/1048367"
},
{
"category": "self",
"summary": "SUSE Bug 1065000",
"url": "https://bugzilla.suse.com/1065000"
},
{
"category": "self",
"summary": "SUSE Bug 1068310",
"url": "https://bugzilla.suse.com/1068310"
},
{
"category": "self",
"summary": "SUSE Bug 1069509",
"url": "https://bugzilla.suse.com/1069509"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2008-1483 page",
"url": "https://www.suse.com/security/cve/CVE-2008-1483/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-15906 page",
"url": "https://www.suse.com/security/cve/CVE-2017-15906/"
}
],
"title": "Security update for openssh",
"tracking": {
"current_release_date": "2017-12-07T12:22:05Z",
"generator": {
"date": "2017-12-07T12:22:05Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2017:3230-1",
"initial_release_date": "2017-12-07T12:22:05Z",
"revision_history": [
{
"date": "2017-12-07T12:22:05Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "openssh-7.2p2-74.11.1.aarch64",
"product": {
"name": "openssh-7.2p2-74.11.1.aarch64",
"product_id": "openssh-7.2p2-74.11.1.aarch64"
}
},
{
"category": "product_version",
"name": "openssh-askpass-gnome-7.2p2-74.11.3.aarch64",
"product": {
"name": "openssh-askpass-gnome-7.2p2-74.11.3.aarch64",
"product_id": "openssh-askpass-gnome-7.2p2-74.11.3.aarch64"
}
},
{
"category": "product_version",
"name": "openssh-fips-7.2p2-74.11.1.aarch64",
"product": {
"name": "openssh-fips-7.2p2-74.11.1.aarch64",
"product_id": "openssh-fips-7.2p2-74.11.1.aarch64"
}
},
{
"category": "product_version",
"name": "openssh-helpers-7.2p2-74.11.1.aarch64",
"product": {
"name": "openssh-helpers-7.2p2-74.11.1.aarch64",
"product_id": "openssh-helpers-7.2p2-74.11.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-7.2p2-74.11.1.ppc64le",
"product": {
"name": "openssh-7.2p2-74.11.1.ppc64le",
"product_id": "openssh-7.2p2-74.11.1.ppc64le"
}
},
{
"category": "product_version",
"name": "openssh-askpass-gnome-7.2p2-74.11.3.ppc64le",
"product": {
"name": "openssh-askpass-gnome-7.2p2-74.11.3.ppc64le",
"product_id": "openssh-askpass-gnome-7.2p2-74.11.3.ppc64le"
}
},
{
"category": "product_version",
"name": "openssh-fips-7.2p2-74.11.1.ppc64le",
"product": {
"name": "openssh-fips-7.2p2-74.11.1.ppc64le",
"product_id": "openssh-fips-7.2p2-74.11.1.ppc64le"
}
},
{
"category": "product_version",
"name": "openssh-helpers-7.2p2-74.11.1.ppc64le",
"product": {
"name": "openssh-helpers-7.2p2-74.11.1.ppc64le",
"product_id": "openssh-helpers-7.2p2-74.11.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-7.2p2-74.11.1.s390x",
"product": {
"name": "openssh-7.2p2-74.11.1.s390x",
"product_id": "openssh-7.2p2-74.11.1.s390x"
}
},
{
"category": "product_version",
"name": "openssh-askpass-gnome-7.2p2-74.11.3.s390x",
"product": {
"name": "openssh-askpass-gnome-7.2p2-74.11.3.s390x",
"product_id": "openssh-askpass-gnome-7.2p2-74.11.3.s390x"
}
},
{
"category": "product_version",
"name": "openssh-fips-7.2p2-74.11.1.s390x",
"product": {
"name": "openssh-fips-7.2p2-74.11.1.s390x",
"product_id": "openssh-fips-7.2p2-74.11.1.s390x"
}
},
{
"category": "product_version",
"name": "openssh-helpers-7.2p2-74.11.1.s390x",
"product": {
"name": "openssh-helpers-7.2p2-74.11.1.s390x",
"product_id": "openssh-helpers-7.2p2-74.11.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-7.2p2-74.11.1.x86_64",
"product": {
"name": "openssh-7.2p2-74.11.1.x86_64",
"product_id": "openssh-7.2p2-74.11.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssh-askpass-gnome-7.2p2-74.11.3.x86_64",
"product": {
"name": "openssh-askpass-gnome-7.2p2-74.11.3.x86_64",
"product_id": "openssh-askpass-gnome-7.2p2-74.11.3.x86_64"
}
},
{
"category": "product_version",
"name": "openssh-helpers-7.2p2-74.11.1.x86_64",
"product": {
"name": "openssh-helpers-7.2p2-74.11.1.x86_64",
"product_id": "openssh-helpers-7.2p2-74.11.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssh-fips-7.2p2-74.11.1.x86_64",
"product": {
"name": "openssh-fips-7.2p2-74.11.1.x86_64",
"product_id": "openssh-fips-7.2p2-74.11.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Desktop 12 SP2",
"product": {
"name": "SUSE Linux Enterprise Desktop 12 SP2",
"product_id": "SUSE Linux Enterprise Desktop 12 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sled:12:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Desktop 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Desktop 12 SP3",
"product_id": "SUSE Linux Enterprise Desktop 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sled:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2",
"product": {
"name": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2",
"product_id": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP2",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-7.2p2-74.11.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP2",
"product_id": "SUSE Linux Enterprise Desktop 12 SP2:openssh-7.2p2-74.11.1.x86_64"
},
"product_reference": "openssh-7.2p2-74.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-7.2p2-74.11.3.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP2",
"product_id": "SUSE Linux Enterprise Desktop 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.x86_64"
},
"product_reference": "openssh-askpass-gnome-7.2p2-74.11.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-7.2p2-74.11.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP2",
"product_id": "SUSE Linux Enterprise Desktop 12 SP2:openssh-helpers-7.2p2-74.11.1.x86_64"
},
"product_reference": "openssh-helpers-7.2p2-74.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-7.2p2-74.11.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP3",
"product_id": "SUSE Linux Enterprise Desktop 12 SP3:openssh-7.2p2-74.11.1.x86_64"
},
"product_reference": "openssh-7.2p2-74.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-7.2p2-74.11.3.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP3",
"product_id": "SUSE Linux Enterprise Desktop 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.x86_64"
},
"product_reference": "openssh-askpass-gnome-7.2p2-74.11.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-7.2p2-74.11.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP3",
"product_id": "SUSE Linux Enterprise Desktop 12 SP3:openssh-helpers-7.2p2-74.11.1.x86_64"
},
"product_reference": "openssh-helpers-7.2p2-74.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-7.2p2-74.11.1.aarch64 as component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2",
"product_id": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-7.2p2-74.11.1.aarch64"
},
"product_reference": "openssh-7.2p2-74.11.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-7.2p2-74.11.3.aarch64 as component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2",
"product_id": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.aarch64"
},
"product_reference": "openssh-askpass-gnome-7.2p2-74.11.3.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-7.2p2-74.11.1.aarch64 as component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2",
"product_id": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-fips-7.2p2-74.11.1.aarch64"
},
"product_reference": "openssh-fips-7.2p2-74.11.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-7.2p2-74.11.1.aarch64 as component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2",
"product_id": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-helpers-7.2p2-74.11.1.aarch64"
},
"product_reference": "openssh-helpers-7.2p2-74.11.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-7.2p2-74.11.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-74.11.1.aarch64"
},
"product_reference": "openssh-7.2p2-74.11.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-7.2p2-74.11.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-74.11.1.ppc64le"
},
"product_reference": "openssh-7.2p2-74.11.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-7.2p2-74.11.1.s390x as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-74.11.1.s390x"
},
"product_reference": "openssh-7.2p2-74.11.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-7.2p2-74.11.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-74.11.1.x86_64"
},
"product_reference": "openssh-7.2p2-74.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-7.2p2-74.11.3.aarch64 as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.aarch64"
},
"product_reference": "openssh-askpass-gnome-7.2p2-74.11.3.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-7.2p2-74.11.3.ppc64le as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.ppc64le"
},
"product_reference": "openssh-askpass-gnome-7.2p2-74.11.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-7.2p2-74.11.3.s390x as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.s390x"
},
"product_reference": "openssh-askpass-gnome-7.2p2-74.11.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-7.2p2-74.11.3.x86_64 as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.x86_64"
},
"product_reference": "openssh-askpass-gnome-7.2p2-74.11.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-7.2p2-74.11.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-74.11.1.aarch64"
},
"product_reference": "openssh-fips-7.2p2-74.11.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-7.2p2-74.11.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-74.11.1.ppc64le"
},
"product_reference": "openssh-fips-7.2p2-74.11.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-7.2p2-74.11.1.s390x as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-74.11.1.s390x"
},
"product_reference": "openssh-fips-7.2p2-74.11.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-7.2p2-74.11.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-74.11.1.x86_64"
},
"product_reference": "openssh-fips-7.2p2-74.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-7.2p2-74.11.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-74.11.1.aarch64"
},
"product_reference": "openssh-helpers-7.2p2-74.11.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-7.2p2-74.11.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-74.11.1.ppc64le"
},
"product_reference": "openssh-helpers-7.2p2-74.11.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-7.2p2-74.11.1.s390x as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-74.11.1.s390x"
},
"product_reference": "openssh-helpers-7.2p2-74.11.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-7.2p2-74.11.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-74.11.1.x86_64"
},
"product_reference": "openssh-helpers-7.2p2-74.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-7.2p2-74.11.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-74.11.1.aarch64"
},
"product_reference": "openssh-7.2p2-74.11.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-7.2p2-74.11.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-74.11.1.ppc64le"
},
"product_reference": "openssh-7.2p2-74.11.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-7.2p2-74.11.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-74.11.1.s390x"
},
"product_reference": "openssh-7.2p2-74.11.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-7.2p2-74.11.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-74.11.1.x86_64"
},
"product_reference": "openssh-7.2p2-74.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-7.2p2-74.11.3.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.aarch64"
},
"product_reference": "openssh-askpass-gnome-7.2p2-74.11.3.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-7.2p2-74.11.3.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.ppc64le"
},
"product_reference": "openssh-askpass-gnome-7.2p2-74.11.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-7.2p2-74.11.3.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.s390x"
},
"product_reference": "openssh-askpass-gnome-7.2p2-74.11.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-7.2p2-74.11.3.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.x86_64"
},
"product_reference": "openssh-askpass-gnome-7.2p2-74.11.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-7.2p2-74.11.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-74.11.1.aarch64"
},
"product_reference": "openssh-fips-7.2p2-74.11.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-7.2p2-74.11.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-74.11.1.ppc64le"
},
"product_reference": "openssh-fips-7.2p2-74.11.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-7.2p2-74.11.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-74.11.1.s390x"
},
"product_reference": "openssh-fips-7.2p2-74.11.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-7.2p2-74.11.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-74.11.1.x86_64"
},
"product_reference": "openssh-fips-7.2p2-74.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-7.2p2-74.11.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-74.11.1.aarch64"
},
"product_reference": "openssh-helpers-7.2p2-74.11.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-7.2p2-74.11.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-74.11.1.ppc64le"
},
"product_reference": "openssh-helpers-7.2p2-74.11.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-7.2p2-74.11.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-74.11.1.s390x"
},
"product_reference": "openssh-helpers-7.2p2-74.11.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-7.2p2-74.11.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-74.11.1.x86_64"
},
"product_reference": "openssh-helpers-7.2p2-74.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-7.2p2-74.11.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:openssh-7.2p2-74.11.1.aarch64"
},
"product_reference": "openssh-7.2p2-74.11.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-7.2p2-74.11.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:openssh-7.2p2-74.11.1.ppc64le"
},
"product_reference": "openssh-7.2p2-74.11.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-7.2p2-74.11.1.s390x as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:openssh-7.2p2-74.11.1.s390x"
},
"product_reference": "openssh-7.2p2-74.11.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-7.2p2-74.11.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:openssh-7.2p2-74.11.1.x86_64"
},
"product_reference": "openssh-7.2p2-74.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-7.2p2-74.11.3.aarch64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.aarch64"
},
"product_reference": "openssh-askpass-gnome-7.2p2-74.11.3.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-7.2p2-74.11.3.ppc64le as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.ppc64le"
},
"product_reference": "openssh-askpass-gnome-7.2p2-74.11.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-7.2p2-74.11.3.s390x as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.s390x"
},
"product_reference": "openssh-askpass-gnome-7.2p2-74.11.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-7.2p2-74.11.3.x86_64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.x86_64"
},
"product_reference": "openssh-askpass-gnome-7.2p2-74.11.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-7.2p2-74.11.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:openssh-fips-7.2p2-74.11.1.aarch64"
},
"product_reference": "openssh-fips-7.2p2-74.11.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-7.2p2-74.11.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:openssh-fips-7.2p2-74.11.1.ppc64le"
},
"product_reference": "openssh-fips-7.2p2-74.11.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-7.2p2-74.11.1.s390x as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:openssh-fips-7.2p2-74.11.1.s390x"
},
"product_reference": "openssh-fips-7.2p2-74.11.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-7.2p2-74.11.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:openssh-fips-7.2p2-74.11.1.x86_64"
},
"product_reference": "openssh-fips-7.2p2-74.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-7.2p2-74.11.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:openssh-helpers-7.2p2-74.11.1.aarch64"
},
"product_reference": "openssh-helpers-7.2p2-74.11.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-7.2p2-74.11.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:openssh-helpers-7.2p2-74.11.1.ppc64le"
},
"product_reference": "openssh-helpers-7.2p2-74.11.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-7.2p2-74.11.1.s390x as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:openssh-helpers-7.2p2-74.11.1.s390x"
},
"product_reference": "openssh-helpers-7.2p2-74.11.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-7.2p2-74.11.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:openssh-helpers-7.2p2-74.11.1.x86_64"
},
"product_reference": "openssh-helpers-7.2p2-74.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-7.2p2-74.11.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-7.2p2-74.11.1.aarch64"
},
"product_reference": "openssh-7.2p2-74.11.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-7.2p2-74.11.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-7.2p2-74.11.1.ppc64le"
},
"product_reference": "openssh-7.2p2-74.11.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-7.2p2-74.11.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-7.2p2-74.11.1.s390x"
},
"product_reference": "openssh-7.2p2-74.11.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-7.2p2-74.11.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-7.2p2-74.11.1.x86_64"
},
"product_reference": "openssh-7.2p2-74.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-7.2p2-74.11.3.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.aarch64"
},
"product_reference": "openssh-askpass-gnome-7.2p2-74.11.3.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-7.2p2-74.11.3.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.ppc64le"
},
"product_reference": "openssh-askpass-gnome-7.2p2-74.11.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-7.2p2-74.11.3.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.s390x"
},
"product_reference": "openssh-askpass-gnome-7.2p2-74.11.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-7.2p2-74.11.3.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.x86_64"
},
"product_reference": "openssh-askpass-gnome-7.2p2-74.11.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-7.2p2-74.11.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-fips-7.2p2-74.11.1.aarch64"
},
"product_reference": "openssh-fips-7.2p2-74.11.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-7.2p2-74.11.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-fips-7.2p2-74.11.1.ppc64le"
},
"product_reference": "openssh-fips-7.2p2-74.11.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-7.2p2-74.11.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-fips-7.2p2-74.11.1.s390x"
},
"product_reference": "openssh-fips-7.2p2-74.11.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-7.2p2-74.11.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-fips-7.2p2-74.11.1.x86_64"
},
"product_reference": "openssh-fips-7.2p2-74.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-7.2p2-74.11.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-helpers-7.2p2-74.11.1.aarch64"
},
"product_reference": "openssh-helpers-7.2p2-74.11.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-7.2p2-74.11.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-helpers-7.2p2-74.11.1.ppc64le"
},
"product_reference": "openssh-helpers-7.2p2-74.11.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-7.2p2-74.11.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-helpers-7.2p2-74.11.1.s390x"
},
"product_reference": "openssh-helpers-7.2p2-74.11.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-7.2p2-74.11.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-helpers-7.2p2-74.11.1.x86_64"
},
"product_reference": "openssh-helpers-7.2p2-74.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2008-1483",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2008-1483"
}
],
"notes": [
{
"category": "general",
"text": "OpenSSH 4.3p2, and probably other versions, allows local users to hijack forwarded X connections by causing ssh to set DISPLAY to :10, even when another process is listening on the associated port, as demonstrated by opening TCP port 6010 (IPv4) and sniffing a cookie sent by Emacs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:openssh-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:openssh-helpers-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:openssh-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:openssh-helpers-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-74.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-74.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-74.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-74.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-74.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-74.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:openssh-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:openssh-7.2p2-74.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:openssh-7.2p2-74.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:openssh-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.aarch64",
"SUSE Linux Enterprise Server 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.s390x",
"SUSE Linux Enterprise Server 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.x86_64",
"SUSE Linux Enterprise Server 12 SP3:openssh-fips-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:openssh-fips-7.2p2-74.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:openssh-fips-7.2p2-74.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:openssh-fips-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:openssh-helpers-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:openssh-helpers-7.2p2-74.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:openssh-helpers-7.2p2-74.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:openssh-helpers-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-fips-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-helpers-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-74.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-74.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-74.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-74.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-74.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-74.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-7.2p2-74.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-7.2p2-74.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-fips-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-fips-7.2p2-74.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-fips-7.2p2-74.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-fips-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-helpers-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-helpers-7.2p2-74.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-helpers-7.2p2-74.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-helpers-7.2p2-74.11.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2008-1483",
"url": "https://www.suse.com/security/cve/CVE-2008-1483"
},
{
"category": "external",
"summary": "SUSE Bug 1069509 for CVE-2008-1483",
"url": "https://bugzilla.suse.com/1069509"
},
{
"category": "external",
"summary": "SUSE Bug 373527 for CVE-2008-1483",
"url": "https://bugzilla.suse.com/373527"
},
{
"category": "external",
"summary": "SUSE Bug 585630 for CVE-2008-1483",
"url": "https://bugzilla.suse.com/585630"
},
{
"category": "external",
"summary": "SUSE Bug 647633 for CVE-2008-1483",
"url": "https://bugzilla.suse.com/647633"
},
{
"category": "external",
"summary": "SUSE Bug 706386 for CVE-2008-1483",
"url": "https://bugzilla.suse.com/706386"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:openssh-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:openssh-helpers-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:openssh-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:openssh-helpers-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-74.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-74.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-74.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-74.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-74.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-74.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:openssh-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:openssh-7.2p2-74.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:openssh-7.2p2-74.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:openssh-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.aarch64",
"SUSE Linux Enterprise Server 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.s390x",
"SUSE Linux Enterprise Server 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.x86_64",
"SUSE Linux Enterprise Server 12 SP3:openssh-fips-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:openssh-fips-7.2p2-74.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:openssh-fips-7.2p2-74.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:openssh-fips-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:openssh-helpers-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:openssh-helpers-7.2p2-74.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:openssh-helpers-7.2p2-74.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:openssh-helpers-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-fips-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-helpers-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-74.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-74.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-74.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-74.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-74.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-74.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-7.2p2-74.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-7.2p2-74.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-fips-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-fips-7.2p2-74.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-fips-7.2p2-74.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-fips-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-helpers-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-helpers-7.2p2-74.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-helpers-7.2p2-74.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-helpers-7.2p2-74.11.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:openssh-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:openssh-helpers-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:openssh-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:openssh-helpers-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-74.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-74.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-74.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-74.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-74.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-74.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:openssh-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:openssh-7.2p2-74.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:openssh-7.2p2-74.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:openssh-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.aarch64",
"SUSE Linux Enterprise Server 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.s390x",
"SUSE Linux Enterprise Server 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.x86_64",
"SUSE Linux Enterprise Server 12 SP3:openssh-fips-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:openssh-fips-7.2p2-74.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:openssh-fips-7.2p2-74.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:openssh-fips-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:openssh-helpers-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:openssh-helpers-7.2p2-74.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:openssh-helpers-7.2p2-74.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:openssh-helpers-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-fips-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-helpers-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-74.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-74.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-74.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-74.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-74.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-74.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-7.2p2-74.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-7.2p2-74.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-fips-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-fips-7.2p2-74.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-fips-7.2p2-74.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-fips-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-helpers-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-helpers-7.2p2-74.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-helpers-7.2p2-74.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-helpers-7.2p2-74.11.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-12-07T12:22:05Z",
"details": "important"
}
],
"title": "CVE-2008-1483"
},
{
"cve": "CVE-2017-15906",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-15906"
}
],
"notes": [
{
"category": "general",
"text": "The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:openssh-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:openssh-helpers-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:openssh-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:openssh-helpers-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-74.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-74.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-74.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-74.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-74.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-74.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:openssh-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:openssh-7.2p2-74.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:openssh-7.2p2-74.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:openssh-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.aarch64",
"SUSE Linux Enterprise Server 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.s390x",
"SUSE Linux Enterprise Server 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.x86_64",
"SUSE Linux Enterprise Server 12 SP3:openssh-fips-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:openssh-fips-7.2p2-74.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:openssh-fips-7.2p2-74.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:openssh-fips-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:openssh-helpers-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:openssh-helpers-7.2p2-74.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:openssh-helpers-7.2p2-74.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:openssh-helpers-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-fips-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-helpers-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-74.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-74.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-74.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-74.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-74.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-74.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-7.2p2-74.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-7.2p2-74.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-fips-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-fips-7.2p2-74.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-fips-7.2p2-74.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-fips-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-helpers-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-helpers-7.2p2-74.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-helpers-7.2p2-74.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-helpers-7.2p2-74.11.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-15906",
"url": "https://www.suse.com/security/cve/CVE-2017-15906"
},
{
"category": "external",
"summary": "SUSE Bug 1064285 for CVE-2017-15906",
"url": "https://bugzilla.suse.com/1064285"
},
{
"category": "external",
"summary": "SUSE Bug 1065000 for CVE-2017-15906",
"url": "https://bugzilla.suse.com/1065000"
},
{
"category": "external",
"summary": "SUSE Bug 1074115 for CVE-2017-15906",
"url": "https://bugzilla.suse.com/1074115"
},
{
"category": "external",
"summary": "SUSE Bug 1079488 for CVE-2017-15906",
"url": "https://bugzilla.suse.com/1079488"
},
{
"category": "external",
"summary": "SUSE Bug 1090163 for CVE-2017-15906",
"url": "https://bugzilla.suse.com/1090163"
},
{
"category": "external",
"summary": "SUSE Bug 1099316 for CVE-2017-15906",
"url": "https://bugzilla.suse.com/1099316"
},
{
"category": "external",
"summary": "SUSE Bug 1138392 for CVE-2017-15906",
"url": "https://bugzilla.suse.com/1138392"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:openssh-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:openssh-helpers-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:openssh-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:openssh-helpers-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-74.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-74.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-74.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-74.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-74.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-74.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:openssh-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:openssh-7.2p2-74.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:openssh-7.2p2-74.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:openssh-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.aarch64",
"SUSE Linux Enterprise Server 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.s390x",
"SUSE Linux Enterprise Server 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.x86_64",
"SUSE Linux Enterprise Server 12 SP3:openssh-fips-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:openssh-fips-7.2p2-74.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:openssh-fips-7.2p2-74.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:openssh-fips-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:openssh-helpers-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:openssh-helpers-7.2p2-74.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:openssh-helpers-7.2p2-74.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:openssh-helpers-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-fips-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-helpers-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-74.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-74.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-74.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-74.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-74.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-74.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-7.2p2-74.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-7.2p2-74.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-fips-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-fips-7.2p2-74.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-fips-7.2p2-74.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-fips-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-helpers-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-helpers-7.2p2-74.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-helpers-7.2p2-74.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-helpers-7.2p2-74.11.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:openssh-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:openssh-helpers-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:openssh-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:openssh-helpers-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-74.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-74.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-74.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-74.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-74.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-74.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:openssh-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:openssh-7.2p2-74.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:openssh-7.2p2-74.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:openssh-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.aarch64",
"SUSE Linux Enterprise Server 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.s390x",
"SUSE Linux Enterprise Server 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.x86_64",
"SUSE Linux Enterprise Server 12 SP3:openssh-fips-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:openssh-fips-7.2p2-74.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:openssh-fips-7.2p2-74.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:openssh-fips-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:openssh-helpers-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:openssh-helpers-7.2p2-74.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:openssh-helpers-7.2p2-74.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:openssh-helpers-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-fips-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-helpers-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-74.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-74.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-74.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-74.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-74.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-74.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-7.2p2-74.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-7.2p2-74.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-fips-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-fips-7.2p2-74.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-fips-7.2p2-74.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-fips-7.2p2-74.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-helpers-7.2p2-74.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-helpers-7.2p2-74.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-helpers-7.2p2-74.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-helpers-7.2p2-74.11.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-12-07T12:22:05Z",
"details": "moderate"
}
],
"title": "CVE-2017-15906"
}
]
}
SUSE-SU-2018:2275-1
Vulnerability from csaf_suse - Published: 2018-08-09 13:56 - Updated: 2018-08-09 13:56Summary
Security update for openssh
Severity
Moderate
Notes
Title of the patch: Security update for openssh
Description of the patch: This update for openssh fixes the following issues:
Security issues fixed:
- CVE-2016-10012: Fix pre-auth compression checks that could be optimized away (bsc#1016370).
- CVE-2016-10708: Fix remote denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NEWKEYSmessage (bsc#1076957).
- CVE-2017-15906: Fix r/o sftp-server zero byte file creation (bsc#1065000).
- CVE-2008-1483: Fix accidental re-introduction of CVE-2008-1483 (bsc#1069509).
Bug fixes:
- bsc#1017099: Match conditions with uppercase hostnames fail (bsc#1017099)
- bsc#1053972: supportedKeyExchanges diffie-hellman-group1-sha1 is duplicated (bsc#1053972)
- bsc#1023275: Messages suppressed after upgrade from SLES 11 SP3 to SP4 (bsc#1023275)
Patchnames: slessp4-openssh-13719
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.2 (High)
Affected products
Recommended
40 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
40 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
5.3 (Medium)
Affected products
Recommended
40 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.3 (Medium)
Affected products
Recommended
40 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
44 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for openssh",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for openssh fixes the following issues:\n\nSecurity issues fixed:\n\n- CVE-2016-10012: Fix pre-auth compression checks that could be optimized away (bsc#1016370).\n- CVE-2016-10708: Fix remote denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NEWKEYSmessage (bsc#1076957).\n- CVE-2017-15906: Fix r/o sftp-server zero byte file creation (bsc#1065000).\n- CVE-2008-1483: Fix accidental re-introduction of CVE-2008-1483 (bsc#1069509).\n\nBug fixes:\n\n- bsc#1017099: Match conditions with uppercase hostnames fail (bsc#1017099)\n- bsc#1053972: supportedKeyExchanges diffie-hellman-group1-sha1 is duplicated (bsc#1053972)\n- bsc#1023275: Messages suppressed after upgrade from SLES 11 SP3 to SP4 (bsc#1023275)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "slessp4-openssh-13719",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_2275-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2018:2275-1",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20182275-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2018:2275-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2018-August/004398.html"
},
{
"category": "self",
"summary": "SUSE Bug 1016370",
"url": "https://bugzilla.suse.com/1016370"
},
{
"category": "self",
"summary": "SUSE Bug 1017099",
"url": "https://bugzilla.suse.com/1017099"
},
{
"category": "self",
"summary": "SUSE Bug 1023275",
"url": "https://bugzilla.suse.com/1023275"
},
{
"category": "self",
"summary": "SUSE Bug 1053972",
"url": "https://bugzilla.suse.com/1053972"
},
{
"category": "self",
"summary": "SUSE Bug 1065000",
"url": "https://bugzilla.suse.com/1065000"
},
{
"category": "self",
"summary": "SUSE Bug 1069509",
"url": "https://bugzilla.suse.com/1069509"
},
{
"category": "self",
"summary": "SUSE Bug 1076957",
"url": "https://bugzilla.suse.com/1076957"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2008-1483 page",
"url": "https://www.suse.com/security/cve/CVE-2008-1483/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-10012 page",
"url": "https://www.suse.com/security/cve/CVE-2016-10012/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-10708 page",
"url": "https://www.suse.com/security/cve/CVE-2016-10708/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-15906 page",
"url": "https://www.suse.com/security/cve/CVE-2017-15906/"
}
],
"title": "Security update for openssh",
"tracking": {
"current_release_date": "2018-08-09T13:56:33Z",
"generator": {
"date": "2018-08-09T13:56:33Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2018:2275-1",
"initial_release_date": "2018-08-09T13:56:33Z",
"revision_history": [
{
"date": "2018-08-09T13:56:33Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "openssh-6.6p1-36.3.1.i586",
"product": {
"name": "openssh-6.6p1-36.3.1.i586",
"product_id": "openssh-6.6p1-36.3.1.i586"
}
},
{
"category": "product_version",
"name": "openssh-askpass-gnome-6.6p1-36.3.1.i586",
"product": {
"name": "openssh-askpass-gnome-6.6p1-36.3.1.i586",
"product_id": "openssh-askpass-gnome-6.6p1-36.3.1.i586"
}
},
{
"category": "product_version",
"name": "openssh-fips-6.6p1-36.3.1.i586",
"product": {
"name": "openssh-fips-6.6p1-36.3.1.i586",
"product_id": "openssh-fips-6.6p1-36.3.1.i586"
}
},
{
"category": "product_version",
"name": "openssh-helpers-6.6p1-36.3.1.i586",
"product": {
"name": "openssh-helpers-6.6p1-36.3.1.i586",
"product_id": "openssh-helpers-6.6p1-36.3.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-6.6p1-36.3.1.ia64",
"product": {
"name": "openssh-6.6p1-36.3.1.ia64",
"product_id": "openssh-6.6p1-36.3.1.ia64"
}
},
{
"category": "product_version",
"name": "openssh-askpass-gnome-6.6p1-36.3.1.ia64",
"product": {
"name": "openssh-askpass-gnome-6.6p1-36.3.1.ia64",
"product_id": "openssh-askpass-gnome-6.6p1-36.3.1.ia64"
}
},
{
"category": "product_version",
"name": "openssh-fips-6.6p1-36.3.1.ia64",
"product": {
"name": "openssh-fips-6.6p1-36.3.1.ia64",
"product_id": "openssh-fips-6.6p1-36.3.1.ia64"
}
},
{
"category": "product_version",
"name": "openssh-helpers-6.6p1-36.3.1.ia64",
"product": {
"name": "openssh-helpers-6.6p1-36.3.1.ia64",
"product_id": "openssh-helpers-6.6p1-36.3.1.ia64"
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-6.6p1-36.3.1.ppc64",
"product": {
"name": "openssh-6.6p1-36.3.1.ppc64",
"product_id": "openssh-6.6p1-36.3.1.ppc64"
}
},
{
"category": "product_version",
"name": "openssh-askpass-gnome-6.6p1-36.3.1.ppc64",
"product": {
"name": "openssh-askpass-gnome-6.6p1-36.3.1.ppc64",
"product_id": "openssh-askpass-gnome-6.6p1-36.3.1.ppc64"
}
},
{
"category": "product_version",
"name": "openssh-fips-6.6p1-36.3.1.ppc64",
"product": {
"name": "openssh-fips-6.6p1-36.3.1.ppc64",
"product_id": "openssh-fips-6.6p1-36.3.1.ppc64"
}
},
{
"category": "product_version",
"name": "openssh-helpers-6.6p1-36.3.1.ppc64",
"product": {
"name": "openssh-helpers-6.6p1-36.3.1.ppc64",
"product_id": "openssh-helpers-6.6p1-36.3.1.ppc64"
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-6.6p1-36.3.1.s390x",
"product": {
"name": "openssh-6.6p1-36.3.1.s390x",
"product_id": "openssh-6.6p1-36.3.1.s390x"
}
},
{
"category": "product_version",
"name": "openssh-askpass-gnome-6.6p1-36.3.1.s390x",
"product": {
"name": "openssh-askpass-gnome-6.6p1-36.3.1.s390x",
"product_id": "openssh-askpass-gnome-6.6p1-36.3.1.s390x"
}
},
{
"category": "product_version",
"name": "openssh-fips-6.6p1-36.3.1.s390x",
"product": {
"name": "openssh-fips-6.6p1-36.3.1.s390x",
"product_id": "openssh-fips-6.6p1-36.3.1.s390x"
}
},
{
"category": "product_version",
"name": "openssh-helpers-6.6p1-36.3.1.s390x",
"product": {
"name": "openssh-helpers-6.6p1-36.3.1.s390x",
"product_id": "openssh-helpers-6.6p1-36.3.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-6.6p1-36.3.1.x86_64",
"product": {
"name": "openssh-6.6p1-36.3.1.x86_64",
"product_id": "openssh-6.6p1-36.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssh-askpass-gnome-6.6p1-36.3.1.x86_64",
"product": {
"name": "openssh-askpass-gnome-6.6p1-36.3.1.x86_64",
"product_id": "openssh-askpass-gnome-6.6p1-36.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssh-fips-6.6p1-36.3.1.x86_64",
"product": {
"name": "openssh-fips-6.6p1-36.3.1.x86_64",
"product_id": "openssh-fips-6.6p1-36.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssh-helpers-6.6p1-36.3.1.x86_64",
"product": {
"name": "openssh-helpers-6.6p1-36.3.1.x86_64",
"product_id": "openssh-helpers-6.6p1-36.3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 11 SP4",
"product": {
"name": "SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_sles:11:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:11:sp4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-6.6p1-36.3.1.i586 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.i586"
},
"product_reference": "openssh-6.6p1-36.3.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-6.6p1-36.3.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.ia64"
},
"product_reference": "openssh-6.6p1-36.3.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-6.6p1-36.3.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.ppc64"
},
"product_reference": "openssh-6.6p1-36.3.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-6.6p1-36.3.1.s390x as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.s390x"
},
"product_reference": "openssh-6.6p1-36.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-6.6p1-36.3.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.x86_64"
},
"product_reference": "openssh-6.6p1-36.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-6.6p1-36.3.1.i586 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.i586"
},
"product_reference": "openssh-askpass-gnome-6.6p1-36.3.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-6.6p1-36.3.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ia64"
},
"product_reference": "openssh-askpass-gnome-6.6p1-36.3.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-6.6p1-36.3.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ppc64"
},
"product_reference": "openssh-askpass-gnome-6.6p1-36.3.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-6.6p1-36.3.1.s390x as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.s390x"
},
"product_reference": "openssh-askpass-gnome-6.6p1-36.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-6.6p1-36.3.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.x86_64"
},
"product_reference": "openssh-askpass-gnome-6.6p1-36.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-6.6p1-36.3.1.i586 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.i586"
},
"product_reference": "openssh-fips-6.6p1-36.3.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-6.6p1-36.3.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.ia64"
},
"product_reference": "openssh-fips-6.6p1-36.3.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-6.6p1-36.3.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.ppc64"
},
"product_reference": "openssh-fips-6.6p1-36.3.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-6.6p1-36.3.1.s390x as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.s390x"
},
"product_reference": "openssh-fips-6.6p1-36.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-6.6p1-36.3.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.x86_64"
},
"product_reference": "openssh-fips-6.6p1-36.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-6.6p1-36.3.1.i586 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.i586"
},
"product_reference": "openssh-helpers-6.6p1-36.3.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-6.6p1-36.3.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.ia64"
},
"product_reference": "openssh-helpers-6.6p1-36.3.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-6.6p1-36.3.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.ppc64"
},
"product_reference": "openssh-helpers-6.6p1-36.3.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-6.6p1-36.3.1.s390x as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.s390x"
},
"product_reference": "openssh-helpers-6.6p1-36.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-6.6p1-36.3.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.x86_64"
},
"product_reference": "openssh-helpers-6.6p1-36.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-6.6p1-36.3.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.i586"
},
"product_reference": "openssh-6.6p1-36.3.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-6.6p1-36.3.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.ia64"
},
"product_reference": "openssh-6.6p1-36.3.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-6.6p1-36.3.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.ppc64"
},
"product_reference": "openssh-6.6p1-36.3.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-6.6p1-36.3.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.s390x"
},
"product_reference": "openssh-6.6p1-36.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-6.6p1-36.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.x86_64"
},
"product_reference": "openssh-6.6p1-36.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-6.6p1-36.3.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.i586"
},
"product_reference": "openssh-askpass-gnome-6.6p1-36.3.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-6.6p1-36.3.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ia64"
},
"product_reference": "openssh-askpass-gnome-6.6p1-36.3.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-6.6p1-36.3.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ppc64"
},
"product_reference": "openssh-askpass-gnome-6.6p1-36.3.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-6.6p1-36.3.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.s390x"
},
"product_reference": "openssh-askpass-gnome-6.6p1-36.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-6.6p1-36.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.x86_64"
},
"product_reference": "openssh-askpass-gnome-6.6p1-36.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-6.6p1-36.3.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.i586"
},
"product_reference": "openssh-fips-6.6p1-36.3.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-6.6p1-36.3.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.ia64"
},
"product_reference": "openssh-fips-6.6p1-36.3.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-6.6p1-36.3.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.ppc64"
},
"product_reference": "openssh-fips-6.6p1-36.3.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-6.6p1-36.3.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.s390x"
},
"product_reference": "openssh-fips-6.6p1-36.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-6.6p1-36.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.x86_64"
},
"product_reference": "openssh-fips-6.6p1-36.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-6.6p1-36.3.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.i586"
},
"product_reference": "openssh-helpers-6.6p1-36.3.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-6.6p1-36.3.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.ia64"
},
"product_reference": "openssh-helpers-6.6p1-36.3.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-6.6p1-36.3.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.ppc64"
},
"product_reference": "openssh-helpers-6.6p1-36.3.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-6.6p1-36.3.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.s390x"
},
"product_reference": "openssh-helpers-6.6p1-36.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-6.6p1-36.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.x86_64"
},
"product_reference": "openssh-helpers-6.6p1-36.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2008-1483",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2008-1483"
}
],
"notes": [
{
"category": "general",
"text": "OpenSSH 4.3p2, and probably other versions, allows local users to hijack forwarded X connections by causing ssh to set DISPLAY to :10, even when another process is listening on the associated port, as demonstrated by opening TCP port 6010 (IPv4) and sniffing a cookie sent by Emacs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2008-1483",
"url": "https://www.suse.com/security/cve/CVE-2008-1483"
},
{
"category": "external",
"summary": "SUSE Bug 1069509 for CVE-2008-1483",
"url": "https://bugzilla.suse.com/1069509"
},
{
"category": "external",
"summary": "SUSE Bug 373527 for CVE-2008-1483",
"url": "https://bugzilla.suse.com/373527"
},
{
"category": "external",
"summary": "SUSE Bug 585630 for CVE-2008-1483",
"url": "https://bugzilla.suse.com/585630"
},
{
"category": "external",
"summary": "SUSE Bug 647633 for CVE-2008-1483",
"url": "https://bugzilla.suse.com/647633"
},
{
"category": "external",
"summary": "SUSE Bug 706386 for CVE-2008-1483",
"url": "https://bugzilla.suse.com/706386"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-08-09T13:56:33Z",
"details": "important"
}
],
"title": "CVE-2008-1483"
},
{
"cve": "CVE-2016-10012",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-10012"
}
],
"notes": [
{
"category": "general",
"text": "The shared memory manager (associated with pre-authentication compression) in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enforced by all compilers, which might allows local users to gain privileges by leveraging access to a sandboxed privilege-separation process, related to the m_zback and m_zlib data structures.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-10012",
"url": "https://www.suse.com/security/cve/CVE-2016-10012"
},
{
"category": "external",
"summary": "SUSE Bug 1006166 for CVE-2016-10012",
"url": "https://bugzilla.suse.com/1006166"
},
{
"category": "external",
"summary": "SUSE Bug 1016336 for CVE-2016-10012",
"url": "https://bugzilla.suse.com/1016336"
},
{
"category": "external",
"summary": "SUSE Bug 1016369 for CVE-2016-10012",
"url": "https://bugzilla.suse.com/1016369"
},
{
"category": "external",
"summary": "SUSE Bug 1016370 for CVE-2016-10012",
"url": "https://bugzilla.suse.com/1016370"
},
{
"category": "external",
"summary": "SUSE Bug 1017870 for CVE-2016-10012",
"url": "https://bugzilla.suse.com/1017870"
},
{
"category": "external",
"summary": "SUSE Bug 1026634 for CVE-2016-10012",
"url": "https://bugzilla.suse.com/1026634"
},
{
"category": "external",
"summary": "SUSE Bug 1035742 for CVE-2016-10012",
"url": "https://bugzilla.suse.com/1035742"
},
{
"category": "external",
"summary": "SUSE Bug 1073044 for CVE-2016-10012",
"url": "https://bugzilla.suse.com/1073044"
},
{
"category": "external",
"summary": "SUSE Bug 1092582 for CVE-2016-10012",
"url": "https://bugzilla.suse.com/1092582"
},
{
"category": "external",
"summary": "SUSE Bug 1138392 for CVE-2016-10012",
"url": "https://bugzilla.suse.com/1138392"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-08-09T13:56:33Z",
"details": "low"
}
],
"title": "CVE-2016-10012"
},
{
"cve": "CVE-2016-10708",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-10708"
}
],
"notes": [
{
"category": "general",
"text": "sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NEWKEYS message, as demonstrated by Honggfuzz, related to kex.c and packet.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-10708",
"url": "https://www.suse.com/security/cve/CVE-2016-10708"
},
{
"category": "external",
"summary": "SUSE Bug 1076957 for CVE-2016-10708",
"url": "https://bugzilla.suse.com/1076957"
},
{
"category": "external",
"summary": "SUSE Bug 1106726 for CVE-2016-10708",
"url": "https://bugzilla.suse.com/1106726"
},
{
"category": "external",
"summary": "SUSE Bug 1138392 for CVE-2016-10708",
"url": "https://bugzilla.suse.com/1138392"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-08-09T13:56:33Z",
"details": "moderate"
}
],
"title": "CVE-2016-10708"
},
{
"cve": "CVE-2017-15906",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-15906"
}
],
"notes": [
{
"category": "general",
"text": "The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-15906",
"url": "https://www.suse.com/security/cve/CVE-2017-15906"
},
{
"category": "external",
"summary": "SUSE Bug 1064285 for CVE-2017-15906",
"url": "https://bugzilla.suse.com/1064285"
},
{
"category": "external",
"summary": "SUSE Bug 1065000 for CVE-2017-15906",
"url": "https://bugzilla.suse.com/1065000"
},
{
"category": "external",
"summary": "SUSE Bug 1074115 for CVE-2017-15906",
"url": "https://bugzilla.suse.com/1074115"
},
{
"category": "external",
"summary": "SUSE Bug 1079488 for CVE-2017-15906",
"url": "https://bugzilla.suse.com/1079488"
},
{
"category": "external",
"summary": "SUSE Bug 1090163 for CVE-2017-15906",
"url": "https://bugzilla.suse.com/1090163"
},
{
"category": "external",
"summary": "SUSE Bug 1099316 for CVE-2017-15906",
"url": "https://bugzilla.suse.com/1099316"
},
{
"category": "external",
"summary": "SUSE Bug 1138392 for CVE-2017-15906",
"url": "https://bugzilla.suse.com/1138392"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-08-09T13:56:33Z",
"details": "moderate"
}
],
"title": "CVE-2017-15906"
}
]
}
SUSE-SU-2018:2685-1
Vulnerability from csaf_suse - Published: 2018-09-11 08:50 - Updated: 2018-09-11 08:50Summary
Security update for openssh
Severity
Moderate
Notes
Title of the patch: Security update for openssh
Description of the patch: This update for openssh provides the following fixes:
Security issues fixed:
- CVE-2017-15906: Stricter checking of operations in read-only mode in sftp server (bsc#1065000).
- CVE-2016-10012: Remove pre-auth compression support from the server to prevent possible cryptographic attacks (bsc#1016370).
- CVE-2008-1483: Refine handling of sockets for X11 forwarding to remove reintroduced CVE-2008-1483 (bsc#1069509).
- CVE-2016-10708: Prevent DoS due to crashes caused by out-of-sequence NEWKEYS message (bsc#1076957).
Bug fixes:
- bsc#1017099: Enable case-insensitive hostname matching.
- bsc#1023275: Add a new switch for printing diagnostic messages in sftp client's batch mode.
- bsc#1048367: systemd integration to work around various race conditions.
- bsc#1053972: Remove duplicate KEX method.
- bsc#1092582: Add missing piece of systemd integration.
- Remove the limit on the amount of tasks sshd can run.
Patchnames: SUSE-SLE-SAP-12-SP1-2018-1876,SUSE-SLE-SERVER-12-2018-1876,SUSE-SLE-SERVER-12-SP1-2018-1876
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.2 (High)
Affected products
Recommended
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.15.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.15.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.15.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.15.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.15.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.15.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.15.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.15.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.15.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.15.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.15.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.15.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
5.3 (Medium)
Affected products
Recommended
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.15.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.15.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.15.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.15.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.15.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.15.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.3 (Medium)
Affected products
Recommended
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.15.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.15.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.15.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.15.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.15.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.15.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
46 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for openssh",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for openssh provides the following fixes:\n\nSecurity issues fixed:\n\n- CVE-2017-15906: Stricter checking of operations in read-only mode in sftp server (bsc#1065000).\n- CVE-2016-10012: Remove pre-auth compression support from the server to prevent possible cryptographic attacks (bsc#1016370).\n- CVE-2008-1483: Refine handling of sockets for X11 forwarding to remove reintroduced CVE-2008-1483 (bsc#1069509).\n- CVE-2016-10708: Prevent DoS due to crashes caused by out-of-sequence NEWKEYS message (bsc#1076957).\n\nBug fixes:\n\n- bsc#1017099: Enable case-insensitive hostname matching.\n- bsc#1023275: Add a new switch for printing diagnostic messages in sftp client\u0027s batch mode.\n- bsc#1048367: systemd integration to work around various race conditions.\n- bsc#1053972: Remove duplicate KEX method.\n- bsc#1092582: Add missing piece of systemd integration.\n- Remove the limit on the amount of tasks sshd can run.\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-SAP-12-SP1-2018-1876,SUSE-SLE-SERVER-12-2018-1876,SUSE-SLE-SERVER-12-SP1-2018-1876",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_2685-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2018:2685-1",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20182685-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2018:2685-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2018-September/004551.html"
},
{
"category": "self",
"summary": "SUSE Bug 1016370",
"url": "https://bugzilla.suse.com/1016370"
},
{
"category": "self",
"summary": "SUSE Bug 1017099",
"url": "https://bugzilla.suse.com/1017099"
},
{
"category": "self",
"summary": "SUSE Bug 1023275",
"url": "https://bugzilla.suse.com/1023275"
},
{
"category": "self",
"summary": "SUSE Bug 1048367",
"url": "https://bugzilla.suse.com/1048367"
},
{
"category": "self",
"summary": "SUSE Bug 1053972",
"url": "https://bugzilla.suse.com/1053972"
},
{
"category": "self",
"summary": "SUSE Bug 1065000",
"url": "https://bugzilla.suse.com/1065000"
},
{
"category": "self",
"summary": "SUSE Bug 1069509",
"url": "https://bugzilla.suse.com/1069509"
},
{
"category": "self",
"summary": "SUSE Bug 1076957",
"url": "https://bugzilla.suse.com/1076957"
},
{
"category": "self",
"summary": "SUSE Bug 1092582",
"url": "https://bugzilla.suse.com/1092582"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2008-1483 page",
"url": "https://www.suse.com/security/cve/CVE-2008-1483/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-10012 page",
"url": "https://www.suse.com/security/cve/CVE-2016-10012/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-10708 page",
"url": "https://www.suse.com/security/cve/CVE-2016-10708/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-15906 page",
"url": "https://www.suse.com/security/cve/CVE-2017-15906/"
}
],
"title": "Security update for openssh",
"tracking": {
"current_release_date": "2018-09-11T08:50:47Z",
"generator": {
"date": "2018-09-11T08:50:47Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2018:2685-1",
"initial_release_date": "2018-09-11T08:50:47Z",
"revision_history": [
{
"date": "2018-09-11T08:50:47Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "openssh-6.6p1-54.15.2.ppc64le",
"product": {
"name": "openssh-6.6p1-54.15.2.ppc64le",
"product_id": "openssh-6.6p1-54.15.2.ppc64le"
}
},
{
"category": "product_version",
"name": "openssh-askpass-gnome-6.6p1-54.15.1.ppc64le",
"product": {
"name": "openssh-askpass-gnome-6.6p1-54.15.1.ppc64le",
"product_id": "openssh-askpass-gnome-6.6p1-54.15.1.ppc64le"
}
},
{
"category": "product_version",
"name": "openssh-fips-6.6p1-54.15.2.ppc64le",
"product": {
"name": "openssh-fips-6.6p1-54.15.2.ppc64le",
"product_id": "openssh-fips-6.6p1-54.15.2.ppc64le"
}
},
{
"category": "product_version",
"name": "openssh-helpers-6.6p1-54.15.2.ppc64le",
"product": {
"name": "openssh-helpers-6.6p1-54.15.2.ppc64le",
"product_id": "openssh-helpers-6.6p1-54.15.2.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-6.6p1-54.15.2.s390x",
"product": {
"name": "openssh-6.6p1-54.15.2.s390x",
"product_id": "openssh-6.6p1-54.15.2.s390x"
}
},
{
"category": "product_version",
"name": "openssh-askpass-gnome-6.6p1-54.15.1.s390x",
"product": {
"name": "openssh-askpass-gnome-6.6p1-54.15.1.s390x",
"product_id": "openssh-askpass-gnome-6.6p1-54.15.1.s390x"
}
},
{
"category": "product_version",
"name": "openssh-fips-6.6p1-54.15.2.s390x",
"product": {
"name": "openssh-fips-6.6p1-54.15.2.s390x",
"product_id": "openssh-fips-6.6p1-54.15.2.s390x"
}
},
{
"category": "product_version",
"name": "openssh-helpers-6.6p1-54.15.2.s390x",
"product": {
"name": "openssh-helpers-6.6p1-54.15.2.s390x",
"product_id": "openssh-helpers-6.6p1-54.15.2.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-6.6p1-54.15.2.x86_64",
"product": {
"name": "openssh-6.6p1-54.15.2.x86_64",
"product_id": "openssh-6.6p1-54.15.2.x86_64"
}
},
{
"category": "product_version",
"name": "openssh-askpass-gnome-6.6p1-54.15.1.x86_64",
"product": {
"name": "openssh-askpass-gnome-6.6p1-54.15.1.x86_64",
"product_id": "openssh-askpass-gnome-6.6p1-54.15.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssh-fips-6.6p1-54.15.2.x86_64",
"product": {
"name": "openssh-fips-6.6p1-54.15.2.x86_64",
"product_id": "openssh-fips-6.6p1-54.15.2.x86_64"
}
},
{
"category": "product_version",
"name": "openssh-helpers-6.6p1-54.15.2.x86_64",
"product": {
"name": "openssh-helpers-6.6p1-54.15.2.x86_64",
"product_id": "openssh-helpers-6.6p1-54.15.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP1-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12:sp1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-6.6p1-54.15.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.15.2.ppc64le"
},
"product_reference": "openssh-6.6p1-54.15.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-6.6p1-54.15.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.15.2.x86_64"
},
"product_reference": "openssh-6.6p1-54.15.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-6.6p1-54.15.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le"
},
"product_reference": "openssh-askpass-gnome-6.6p1-54.15.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-6.6p1-54.15.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.15.1.x86_64"
},
"product_reference": "openssh-askpass-gnome-6.6p1-54.15.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-6.6p1-54.15.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.15.2.ppc64le"
},
"product_reference": "openssh-fips-6.6p1-54.15.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-6.6p1-54.15.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.15.2.x86_64"
},
"product_reference": "openssh-fips-6.6p1-54.15.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-6.6p1-54.15.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.15.2.ppc64le"
},
"product_reference": "openssh-helpers-6.6p1-54.15.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-6.6p1-54.15.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.15.2.x86_64"
},
"product_reference": "openssh-helpers-6.6p1-54.15.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-6.6p1-54.15.2.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.ppc64le"
},
"product_reference": "openssh-6.6p1-54.15.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-6.6p1-54.15.2.s390x as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.s390x"
},
"product_reference": "openssh-6.6p1-54.15.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-6.6p1-54.15.2.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.x86_64"
},
"product_reference": "openssh-6.6p1-54.15.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-6.6p1-54.15.1.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le"
},
"product_reference": "openssh-askpass-gnome-6.6p1-54.15.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-6.6p1-54.15.1.s390x as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.s390x"
},
"product_reference": "openssh-askpass-gnome-6.6p1-54.15.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-6.6p1-54.15.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.x86_64"
},
"product_reference": "openssh-askpass-gnome-6.6p1-54.15.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-6.6p1-54.15.2.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.ppc64le"
},
"product_reference": "openssh-fips-6.6p1-54.15.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-6.6p1-54.15.2.s390x as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.s390x"
},
"product_reference": "openssh-fips-6.6p1-54.15.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-6.6p1-54.15.2.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.x86_64"
},
"product_reference": "openssh-fips-6.6p1-54.15.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-6.6p1-54.15.2.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.ppc64le"
},
"product_reference": "openssh-helpers-6.6p1-54.15.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-6.6p1-54.15.2.s390x as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.s390x"
},
"product_reference": "openssh-helpers-6.6p1-54.15.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-6.6p1-54.15.2.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.x86_64"
},
"product_reference": "openssh-helpers-6.6p1-54.15.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-6.6p1-54.15.2.ppc64le as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.ppc64le"
},
"product_reference": "openssh-6.6p1-54.15.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-6.6p1-54.15.2.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.s390x"
},
"product_reference": "openssh-6.6p1-54.15.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-6.6p1-54.15.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.x86_64"
},
"product_reference": "openssh-6.6p1-54.15.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-6.6p1-54.15.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le"
},
"product_reference": "openssh-askpass-gnome-6.6p1-54.15.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-6.6p1-54.15.1.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.s390x"
},
"product_reference": "openssh-askpass-gnome-6.6p1-54.15.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-6.6p1-54.15.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.x86_64"
},
"product_reference": "openssh-askpass-gnome-6.6p1-54.15.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-6.6p1-54.15.2.ppc64le as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.ppc64le"
},
"product_reference": "openssh-fips-6.6p1-54.15.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-6.6p1-54.15.2.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.s390x"
},
"product_reference": "openssh-fips-6.6p1-54.15.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-6.6p1-54.15.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.x86_64"
},
"product_reference": "openssh-fips-6.6p1-54.15.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-6.6p1-54.15.2.ppc64le as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.ppc64le"
},
"product_reference": "openssh-helpers-6.6p1-54.15.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-6.6p1-54.15.2.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.s390x"
},
"product_reference": "openssh-helpers-6.6p1-54.15.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-6.6p1-54.15.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.x86_64"
},
"product_reference": "openssh-helpers-6.6p1-54.15.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2008-1483",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2008-1483"
}
],
"notes": [
{
"category": "general",
"text": "OpenSSH 4.3p2, and probably other versions, allows local users to hijack forwarded X connections by causing ssh to set DISPLAY to :10, even when another process is listening on the associated port, as demonstrated by opening TCP port 6010 (IPv4) and sniffing a cookie sent by Emacs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.s390x",
"SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.s390x",
"SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.s390x",
"SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.15.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.15.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2008-1483",
"url": "https://www.suse.com/security/cve/CVE-2008-1483"
},
{
"category": "external",
"summary": "SUSE Bug 1069509 for CVE-2008-1483",
"url": "https://bugzilla.suse.com/1069509"
},
{
"category": "external",
"summary": "SUSE Bug 373527 for CVE-2008-1483",
"url": "https://bugzilla.suse.com/373527"
},
{
"category": "external",
"summary": "SUSE Bug 585630 for CVE-2008-1483",
"url": "https://bugzilla.suse.com/585630"
},
{
"category": "external",
"summary": "SUSE Bug 647633 for CVE-2008-1483",
"url": "https://bugzilla.suse.com/647633"
},
{
"category": "external",
"summary": "SUSE Bug 706386 for CVE-2008-1483",
"url": "https://bugzilla.suse.com/706386"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.s390x",
"SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.s390x",
"SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.s390x",
"SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.15.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.15.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.s390x",
"SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.s390x",
"SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.s390x",
"SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.15.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.15.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-09-11T08:50:47Z",
"details": "important"
}
],
"title": "CVE-2008-1483"
},
{
"cve": "CVE-2016-10012",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-10012"
}
],
"notes": [
{
"category": "general",
"text": "The shared memory manager (associated with pre-authentication compression) in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enforced by all compilers, which might allows local users to gain privileges by leveraging access to a sandboxed privilege-separation process, related to the m_zback and m_zlib data structures.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.s390x",
"SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.s390x",
"SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.s390x",
"SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.15.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.15.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-10012",
"url": "https://www.suse.com/security/cve/CVE-2016-10012"
},
{
"category": "external",
"summary": "SUSE Bug 1006166 for CVE-2016-10012",
"url": "https://bugzilla.suse.com/1006166"
},
{
"category": "external",
"summary": "SUSE Bug 1016336 for CVE-2016-10012",
"url": "https://bugzilla.suse.com/1016336"
},
{
"category": "external",
"summary": "SUSE Bug 1016369 for CVE-2016-10012",
"url": "https://bugzilla.suse.com/1016369"
},
{
"category": "external",
"summary": "SUSE Bug 1016370 for CVE-2016-10012",
"url": "https://bugzilla.suse.com/1016370"
},
{
"category": "external",
"summary": "SUSE Bug 1017870 for CVE-2016-10012",
"url": "https://bugzilla.suse.com/1017870"
},
{
"category": "external",
"summary": "SUSE Bug 1026634 for CVE-2016-10012",
"url": "https://bugzilla.suse.com/1026634"
},
{
"category": "external",
"summary": "SUSE Bug 1035742 for CVE-2016-10012",
"url": "https://bugzilla.suse.com/1035742"
},
{
"category": "external",
"summary": "SUSE Bug 1073044 for CVE-2016-10012",
"url": "https://bugzilla.suse.com/1073044"
},
{
"category": "external",
"summary": "SUSE Bug 1092582 for CVE-2016-10012",
"url": "https://bugzilla.suse.com/1092582"
},
{
"category": "external",
"summary": "SUSE Bug 1138392 for CVE-2016-10012",
"url": "https://bugzilla.suse.com/1138392"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.s390x",
"SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.s390x",
"SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.s390x",
"SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.15.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.15.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.s390x",
"SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.s390x",
"SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.s390x",
"SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.15.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.15.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-09-11T08:50:47Z",
"details": "low"
}
],
"title": "CVE-2016-10012"
},
{
"cve": "CVE-2016-10708",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-10708"
}
],
"notes": [
{
"category": "general",
"text": "sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NEWKEYS message, as demonstrated by Honggfuzz, related to kex.c and packet.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.s390x",
"SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.s390x",
"SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.s390x",
"SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.15.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.15.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-10708",
"url": "https://www.suse.com/security/cve/CVE-2016-10708"
},
{
"category": "external",
"summary": "SUSE Bug 1076957 for CVE-2016-10708",
"url": "https://bugzilla.suse.com/1076957"
},
{
"category": "external",
"summary": "SUSE Bug 1106726 for CVE-2016-10708",
"url": "https://bugzilla.suse.com/1106726"
},
{
"category": "external",
"summary": "SUSE Bug 1138392 for CVE-2016-10708",
"url": "https://bugzilla.suse.com/1138392"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.s390x",
"SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.s390x",
"SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.s390x",
"SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.15.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.15.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.s390x",
"SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.s390x",
"SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.s390x",
"SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.15.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.15.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-09-11T08:50:47Z",
"details": "moderate"
}
],
"title": "CVE-2016-10708"
},
{
"cve": "CVE-2017-15906",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-15906"
}
],
"notes": [
{
"category": "general",
"text": "The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.s390x",
"SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.s390x",
"SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.s390x",
"SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.15.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.15.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-15906",
"url": "https://www.suse.com/security/cve/CVE-2017-15906"
},
{
"category": "external",
"summary": "SUSE Bug 1064285 for CVE-2017-15906",
"url": "https://bugzilla.suse.com/1064285"
},
{
"category": "external",
"summary": "SUSE Bug 1065000 for CVE-2017-15906",
"url": "https://bugzilla.suse.com/1065000"
},
{
"category": "external",
"summary": "SUSE Bug 1074115 for CVE-2017-15906",
"url": "https://bugzilla.suse.com/1074115"
},
{
"category": "external",
"summary": "SUSE Bug 1079488 for CVE-2017-15906",
"url": "https://bugzilla.suse.com/1079488"
},
{
"category": "external",
"summary": "SUSE Bug 1090163 for CVE-2017-15906",
"url": "https://bugzilla.suse.com/1090163"
},
{
"category": "external",
"summary": "SUSE Bug 1099316 for CVE-2017-15906",
"url": "https://bugzilla.suse.com/1099316"
},
{
"category": "external",
"summary": "SUSE Bug 1138392 for CVE-2017-15906",
"url": "https://bugzilla.suse.com/1138392"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.s390x",
"SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.s390x",
"SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.s390x",
"SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.15.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.15.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.s390x",
"SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.s390x",
"SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.s390x",
"SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.15.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.15.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.15.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.15.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-09-11T08:50:47Z",
"details": "moderate"
}
],
"title": "CVE-2017-15906"
}
]
}
SUSE-SU-2018:2719-1
Vulnerability from csaf_suse - Published: 2018-09-14 14:06 - Updated: 2018-09-14 14:06Summary
Security update for openssh-openssl1
Severity
Important
Notes
Title of the patch: Security update for openssh-openssl1
Description of the patch: This update for openssh-openssl1 fixes the following issues:
These security issues were fixed:
- CVE-2016-10708: Prevent NULL pointer dereference via an out-of-sequence
NEWKEYS message allowed remote attackers to cause a denial of service
(bsc#1076957).
- CVE-2017-15906: The process_open function did not properly prevent write
operations in readonly mode, which allowed attackers to create zero-length
files (bsc#1065000).
- CVE-2016-10012: The shared memory manager (associated with pre-authentication
compression) did not ensure that a bounds check is enforced by all compilers,
which might have allowed local users to gain privileges by leveraging access to
a sandboxed privilege-separation process, related to the m_zback and m_zlib
data structures (bsc#1016370).
- CVE-2008-1483: Prevent local users from hijacking forwarded X connections by
causing ssh to set DISPLAY to :10, even when another process is listening on
the associated port. This problem was reontroduced by another patch and was
previously fixed by another update (bsc#1069509).
These non-security issues were fixed:
- Remove duplicate KEX method (bsc#1053972)
- New switch for printing diagnostic messages in sftp client's batch mode (bsc#1023275)
- Enable case-insensitive hostname matching (bsc#1017099)
Patchnames: secsp3-openssh-openssl1-13777
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.2 (High)
Affected products
Recommended
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
5.3 (Medium)
Affected products
Recommended
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.3 (Medium)
Affected products
Recommended
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
44 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for openssh-openssl1",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for openssh-openssl1 fixes the following issues:\n\nThese security issues were fixed:\n\n- CVE-2016-10708: Prevent NULL pointer dereference via an out-of-sequence\n NEWKEYS message allowed remote attackers to cause a denial of service\n (bsc#1076957).\n- CVE-2017-15906: The process_open function did not properly prevent write\n operations in readonly mode, which allowed attackers to create zero-length\n files (bsc#1065000).\n- CVE-2016-10012: The shared memory manager (associated with pre-authentication\n compression) did not ensure that a bounds check is enforced by all compilers,\n which might have allowed local users to gain privileges by leveraging access to\n a sandboxed privilege-separation process, related to the m_zback and m_zlib\n data structures (bsc#1016370).\n- CVE-2008-1483: Prevent local users from hijacking forwarded X connections by\n causing ssh to set DISPLAY to :10, even when another process is listening on\n the associated port. This problem was reontroduced by another patch and was\n previously fixed by another update (bsc#1069509).\n\nThese non-security issues were fixed:\n\n- Remove duplicate KEX method (bsc#1053972)\n- New switch for printing diagnostic messages in sftp client\u0027s batch mode (bsc#1023275)\n- Enable case-insensitive hostname matching (bsc#1017099)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "secsp3-openssh-openssl1-13777",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_2719-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2018:2719-1",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20182719-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2018:2719-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2018-September/004564.html"
},
{
"category": "self",
"summary": "SUSE Bug 1016370",
"url": "https://bugzilla.suse.com/1016370"
},
{
"category": "self",
"summary": "SUSE Bug 1017099",
"url": "https://bugzilla.suse.com/1017099"
},
{
"category": "self",
"summary": "SUSE Bug 1023275",
"url": "https://bugzilla.suse.com/1023275"
},
{
"category": "self",
"summary": "SUSE Bug 1053972",
"url": "https://bugzilla.suse.com/1053972"
},
{
"category": "self",
"summary": "SUSE Bug 1065000",
"url": "https://bugzilla.suse.com/1065000"
},
{
"category": "self",
"summary": "SUSE Bug 1069509",
"url": "https://bugzilla.suse.com/1069509"
},
{
"category": "self",
"summary": "SUSE Bug 1076957",
"url": "https://bugzilla.suse.com/1076957"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2008-1483 page",
"url": "https://www.suse.com/security/cve/CVE-2008-1483/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-10012 page",
"url": "https://www.suse.com/security/cve/CVE-2016-10012/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-10708 page",
"url": "https://www.suse.com/security/cve/CVE-2016-10708/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-15906 page",
"url": "https://www.suse.com/security/cve/CVE-2017-15906/"
}
],
"title": "Security update for openssh-openssl1",
"tracking": {
"current_release_date": "2018-09-14T14:06:53Z",
"generator": {
"date": "2018-09-14T14:06:53Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2018:2719-1",
"initial_release_date": "2018-09-14T14:06:53Z",
"revision_history": [
{
"date": "2018-09-14T14:06:53Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "openssh-openssl1-6.6p1-19.3.1.i586",
"product": {
"name": "openssh-openssl1-6.6p1-19.3.1.i586",
"product_id": "openssh-openssl1-6.6p1-19.3.1.i586"
}
},
{
"category": "product_version",
"name": "openssh-openssl1-helpers-6.6p1-19.3.1.i586",
"product": {
"name": "openssh-openssl1-helpers-6.6p1-19.3.1.i586",
"product_id": "openssh-openssl1-helpers-6.6p1-19.3.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-openssl1-6.6p1-19.3.1.ia64",
"product": {
"name": "openssh-openssl1-6.6p1-19.3.1.ia64",
"product_id": "openssh-openssl1-6.6p1-19.3.1.ia64"
}
},
{
"category": "product_version",
"name": "openssh-openssl1-helpers-6.6p1-19.3.1.ia64",
"product": {
"name": "openssh-openssl1-helpers-6.6p1-19.3.1.ia64",
"product_id": "openssh-openssl1-helpers-6.6p1-19.3.1.ia64"
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-openssl1-6.6p1-19.3.1.ppc64",
"product": {
"name": "openssh-openssl1-6.6p1-19.3.1.ppc64",
"product_id": "openssh-openssl1-6.6p1-19.3.1.ppc64"
}
},
{
"category": "product_version",
"name": "openssh-openssl1-helpers-6.6p1-19.3.1.ppc64",
"product": {
"name": "openssh-openssl1-helpers-6.6p1-19.3.1.ppc64",
"product_id": "openssh-openssl1-helpers-6.6p1-19.3.1.ppc64"
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-openssl1-6.6p1-19.3.1.s390x",
"product": {
"name": "openssh-openssl1-6.6p1-19.3.1.s390x",
"product_id": "openssh-openssl1-6.6p1-19.3.1.s390x"
}
},
{
"category": "product_version",
"name": "openssh-openssl1-helpers-6.6p1-19.3.1.s390x",
"product": {
"name": "openssh-openssl1-helpers-6.6p1-19.3.1.s390x",
"product_id": "openssh-openssl1-helpers-6.6p1-19.3.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-openssl1-6.6p1-19.3.1.x86_64",
"product": {
"name": "openssh-openssl1-6.6p1-19.3.1.x86_64",
"product_id": "openssh-openssl1-6.6p1-19.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssh-openssl1-helpers-6.6p1-19.3.1.x86_64",
"product": {
"name": "openssh-openssl1-helpers-6.6p1-19.3.1.x86_64",
"product_id": "openssh-openssl1-helpers-6.6p1-19.3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 11-SECURITY",
"product": {
"name": "SUSE Linux Enterprise Server 11-SECURITY",
"product_id": "SUSE Linux Enterprise Server 11-SECURITY",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:11:security"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-openssl1-6.6p1-19.3.1.i586 as component of SUSE Linux Enterprise Server 11-SECURITY",
"product_id": "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.i586"
},
"product_reference": "openssh-openssl1-6.6p1-19.3.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11-SECURITY"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-openssl1-6.6p1-19.3.1.ia64 as component of SUSE Linux Enterprise Server 11-SECURITY",
"product_id": "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.ia64"
},
"product_reference": "openssh-openssl1-6.6p1-19.3.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11-SECURITY"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-openssl1-6.6p1-19.3.1.ppc64 as component of SUSE Linux Enterprise Server 11-SECURITY",
"product_id": "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.ppc64"
},
"product_reference": "openssh-openssl1-6.6p1-19.3.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11-SECURITY"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-openssl1-6.6p1-19.3.1.s390x as component of SUSE Linux Enterprise Server 11-SECURITY",
"product_id": "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.s390x"
},
"product_reference": "openssh-openssl1-6.6p1-19.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11-SECURITY"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-openssl1-6.6p1-19.3.1.x86_64 as component of SUSE Linux Enterprise Server 11-SECURITY",
"product_id": "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.x86_64"
},
"product_reference": "openssh-openssl1-6.6p1-19.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11-SECURITY"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-openssl1-helpers-6.6p1-19.3.1.i586 as component of SUSE Linux Enterprise Server 11-SECURITY",
"product_id": "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.i586"
},
"product_reference": "openssh-openssl1-helpers-6.6p1-19.3.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11-SECURITY"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-openssl1-helpers-6.6p1-19.3.1.ia64 as component of SUSE Linux Enterprise Server 11-SECURITY",
"product_id": "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.ia64"
},
"product_reference": "openssh-openssl1-helpers-6.6p1-19.3.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11-SECURITY"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-openssl1-helpers-6.6p1-19.3.1.ppc64 as component of SUSE Linux Enterprise Server 11-SECURITY",
"product_id": "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.ppc64"
},
"product_reference": "openssh-openssl1-helpers-6.6p1-19.3.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11-SECURITY"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-openssl1-helpers-6.6p1-19.3.1.s390x as component of SUSE Linux Enterprise Server 11-SECURITY",
"product_id": "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.s390x"
},
"product_reference": "openssh-openssl1-helpers-6.6p1-19.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11-SECURITY"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-openssl1-helpers-6.6p1-19.3.1.x86_64 as component of SUSE Linux Enterprise Server 11-SECURITY",
"product_id": "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.x86_64"
},
"product_reference": "openssh-openssl1-helpers-6.6p1-19.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11-SECURITY"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2008-1483",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2008-1483"
}
],
"notes": [
{
"category": "general",
"text": "OpenSSH 4.3p2, and probably other versions, allows local users to hijack forwarded X connections by causing ssh to set DISPLAY to :10, even when another process is listening on the associated port, as demonstrated by opening TCP port 6010 (IPv4) and sniffing a cookie sent by Emacs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.i586",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.ia64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.ppc64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.s390x",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.x86_64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.i586",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.ia64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.ppc64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.s390x",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2008-1483",
"url": "https://www.suse.com/security/cve/CVE-2008-1483"
},
{
"category": "external",
"summary": "SUSE Bug 1069509 for CVE-2008-1483",
"url": "https://bugzilla.suse.com/1069509"
},
{
"category": "external",
"summary": "SUSE Bug 373527 for CVE-2008-1483",
"url": "https://bugzilla.suse.com/373527"
},
{
"category": "external",
"summary": "SUSE Bug 585630 for CVE-2008-1483",
"url": "https://bugzilla.suse.com/585630"
},
{
"category": "external",
"summary": "SUSE Bug 647633 for CVE-2008-1483",
"url": "https://bugzilla.suse.com/647633"
},
{
"category": "external",
"summary": "SUSE Bug 706386 for CVE-2008-1483",
"url": "https://bugzilla.suse.com/706386"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.i586",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.ia64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.ppc64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.s390x",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.x86_64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.i586",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.ia64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.ppc64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.s390x",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.i586",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.ia64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.ppc64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.s390x",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.x86_64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.i586",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.ia64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.ppc64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.s390x",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-09-14T14:06:53Z",
"details": "important"
}
],
"title": "CVE-2008-1483"
},
{
"cve": "CVE-2016-10012",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-10012"
}
],
"notes": [
{
"category": "general",
"text": "The shared memory manager (associated with pre-authentication compression) in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enforced by all compilers, which might allows local users to gain privileges by leveraging access to a sandboxed privilege-separation process, related to the m_zback and m_zlib data structures.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.i586",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.ia64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.ppc64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.s390x",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.x86_64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.i586",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.ia64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.ppc64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.s390x",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-10012",
"url": "https://www.suse.com/security/cve/CVE-2016-10012"
},
{
"category": "external",
"summary": "SUSE Bug 1006166 for CVE-2016-10012",
"url": "https://bugzilla.suse.com/1006166"
},
{
"category": "external",
"summary": "SUSE Bug 1016336 for CVE-2016-10012",
"url": "https://bugzilla.suse.com/1016336"
},
{
"category": "external",
"summary": "SUSE Bug 1016369 for CVE-2016-10012",
"url": "https://bugzilla.suse.com/1016369"
},
{
"category": "external",
"summary": "SUSE Bug 1016370 for CVE-2016-10012",
"url": "https://bugzilla.suse.com/1016370"
},
{
"category": "external",
"summary": "SUSE Bug 1017870 for CVE-2016-10012",
"url": "https://bugzilla.suse.com/1017870"
},
{
"category": "external",
"summary": "SUSE Bug 1026634 for CVE-2016-10012",
"url": "https://bugzilla.suse.com/1026634"
},
{
"category": "external",
"summary": "SUSE Bug 1035742 for CVE-2016-10012",
"url": "https://bugzilla.suse.com/1035742"
},
{
"category": "external",
"summary": "SUSE Bug 1073044 for CVE-2016-10012",
"url": "https://bugzilla.suse.com/1073044"
},
{
"category": "external",
"summary": "SUSE Bug 1092582 for CVE-2016-10012",
"url": "https://bugzilla.suse.com/1092582"
},
{
"category": "external",
"summary": "SUSE Bug 1138392 for CVE-2016-10012",
"url": "https://bugzilla.suse.com/1138392"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.i586",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.ia64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.ppc64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.s390x",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.x86_64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.i586",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.ia64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.ppc64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.s390x",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.i586",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.ia64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.ppc64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.s390x",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.x86_64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.i586",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.ia64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.ppc64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.s390x",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-09-14T14:06:53Z",
"details": "low"
}
],
"title": "CVE-2016-10012"
},
{
"cve": "CVE-2016-10708",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-10708"
}
],
"notes": [
{
"category": "general",
"text": "sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NEWKEYS message, as demonstrated by Honggfuzz, related to kex.c and packet.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.i586",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.ia64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.ppc64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.s390x",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.x86_64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.i586",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.ia64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.ppc64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.s390x",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-10708",
"url": "https://www.suse.com/security/cve/CVE-2016-10708"
},
{
"category": "external",
"summary": "SUSE Bug 1076957 for CVE-2016-10708",
"url": "https://bugzilla.suse.com/1076957"
},
{
"category": "external",
"summary": "SUSE Bug 1106726 for CVE-2016-10708",
"url": "https://bugzilla.suse.com/1106726"
},
{
"category": "external",
"summary": "SUSE Bug 1138392 for CVE-2016-10708",
"url": "https://bugzilla.suse.com/1138392"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.i586",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.ia64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.ppc64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.s390x",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.x86_64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.i586",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.ia64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.ppc64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.s390x",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.i586",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.ia64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.ppc64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.s390x",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.x86_64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.i586",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.ia64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.ppc64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.s390x",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-09-14T14:06:53Z",
"details": "moderate"
}
],
"title": "CVE-2016-10708"
},
{
"cve": "CVE-2017-15906",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-15906"
}
],
"notes": [
{
"category": "general",
"text": "The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.i586",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.ia64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.ppc64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.s390x",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.x86_64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.i586",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.ia64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.ppc64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.s390x",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-15906",
"url": "https://www.suse.com/security/cve/CVE-2017-15906"
},
{
"category": "external",
"summary": "SUSE Bug 1064285 for CVE-2017-15906",
"url": "https://bugzilla.suse.com/1064285"
},
{
"category": "external",
"summary": "SUSE Bug 1065000 for CVE-2017-15906",
"url": "https://bugzilla.suse.com/1065000"
},
{
"category": "external",
"summary": "SUSE Bug 1074115 for CVE-2017-15906",
"url": "https://bugzilla.suse.com/1074115"
},
{
"category": "external",
"summary": "SUSE Bug 1079488 for CVE-2017-15906",
"url": "https://bugzilla.suse.com/1079488"
},
{
"category": "external",
"summary": "SUSE Bug 1090163 for CVE-2017-15906",
"url": "https://bugzilla.suse.com/1090163"
},
{
"category": "external",
"summary": "SUSE Bug 1099316 for CVE-2017-15906",
"url": "https://bugzilla.suse.com/1099316"
},
{
"category": "external",
"summary": "SUSE Bug 1138392 for CVE-2017-15906",
"url": "https://bugzilla.suse.com/1138392"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.i586",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.ia64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.ppc64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.s390x",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.x86_64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.i586",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.ia64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.ppc64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.s390x",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.i586",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.ia64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.ppc64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.s390x",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.x86_64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.i586",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.ia64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.ppc64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.s390x",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-09-14T14:06:53Z",
"details": "moderate"
}
],
"title": "CVE-2017-15906"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…