Bugs fixes in "openssh"
| Origin | Bug number | Title | Date fixed |
|---|---|---|---|
| CVE | CVE-2017-15906 | The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers | 2018-01-22 |
| CVE | CVE-2016-10012 | The shared memory manager (associated with pre-authentication compression) in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enfor | 2018-01-22 |
| CVE | CVE-2016-10011 | authfile.c in sshd in OpenSSH before 7.4 does not properly consider the effects of realloc on buffer contents, which might allow local users to obtai | 2018-01-22 |
| CVE | CVE-2016-10010 | sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to ga | 2018-01-22 |
| CVE | CVE-2016-10009 | Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS#11 modu | 2018-01-22 |
| CVE | CVE-2017-15906 | The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers | 2018-01-22 |
| CVE | CVE-2016-10012 | The shared memory manager (associated with pre-authentication compression) in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enfor | 2018-01-22 |
| CVE | CVE-2016-10011 | authfile.c in sshd in OpenSSH before 7.4 does not properly consider the effects of realloc on buffer contents, which might allow local users to obtai | 2018-01-22 |
| CVE | CVE-2016-10010 | sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to ga | 2018-01-22 |
| CVE | CVE-2016-10009 | Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS#11 modu | 2018-01-22 |
| Launchpad | 1670745 | ssh-keyscan : bad host signature when using port option | 2017-05-10 |
| Launchpad | 1668093 | ssh-keygen -H corrupts already hashed entries | 2017-05-10 |
| Launchpad | 1670745 | ssh-keyscan : bad host signature when using port option | 2017-05-10 |
| Launchpad | 1668093 | ssh-keygen -H corrupts already hashed entries | 2017-05-10 |
| Launchpad | 1670745 | ssh-keyscan : bad host signature when using port option | 2017-04-06 |
| Launchpad | 1668093 | ssh-keygen -H corrupts already hashed entries | 2017-04-06 |
| Launchpad | 1670745 | ssh-keyscan : bad host signature when using port option | 2017-04-06 |
| Launchpad | 1668093 | ssh-keygen -H corrupts already hashed entries | 2017-04-06 |
| CVE | CVE-2016-6515 | The auth_password function in auth-passwd.c in sshd in OpenSSH before 7.3 does not limit password lengths for password authentication, which allows r | 2016-08-15 |
| CVE | CVE-2016-6210 | User enumeration via covert timing channel | 2016-08-15 |
About
-
Send Feedback to @ubuntu_updates
