Contact | Site en Français               

 


 

Vulnerabilities & Threats
 
  VUPEN Security Advisories
  Linux Security Advisories

  Malware Advisories
  Security Research
  Threat Watch Blog
  Zero-Day Monitor
  Search Engine
  Mailing List & RSS
 
   

>> Mandriva Security Update Fixes OpenSSH Privilege Separation Monitor Issue

Title : Mandriva Security Update Fixes OpenSSH Privilege Separation Monitor Issue
VUPEN ID : VUPEN/ADV-2006-4435
CVE ID : CVE-2006-5794
Rated as : Low Risk 
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2006-11-10

Technical Description    Receive VUPEN Security alerts in a Text format  Receive VUPEN Security alerts in a PDF format  Receive VUPEN Security alerts in an XML format  Receive VUPEN Security notifications by SMS 

Mandriva has released updated packages to address a vulnerability identified in OpenSSH. This flaw could be exploited in combination with other vulnerabilities to weaken the authentication process. For additional information, see : VUPEN/ADV-2006-4399

Affected Products

Mandriva Linux 2006.0
Mandriva Linux 2007.0
Mandriva Corporate 3.0
Mandriva Corporate 4.0
Mandriva Multi Network Firewall 2.0

Solution

Upgrade the affected packages :

Mandriva Linux 2006.0:
97d55a01498ae859817c236d6be17bb5 2006.0/i586/openssh-4.3p1-0.4.20060mdk.i586.rpm
a47c9f8361c91de4c97b827171f379be 2006.0/i586/openssh-askpass-4.3p1-0.4.20060mdk.i586.rpm
6a18e82f1251073d4f17bcb653a8da4a 2006.0/i586/openssh-askpass-gnome-4.3p1-0.4.20060mdk.i586.rpm
36995045f95028848691226a3624d701 2006.0/i586/openssh-clients-4.3p1-0.4.20060mdk.i586.rpm
598feb16c5b77c20b8d8e364a6d0a83e 2006.0/i586/openssh-server-4.3p1-0.4.20060mdk.i586.rpm
3c4642aa46959520d6374c5dd55c2488 2006.0/SRPMS/openssh-4.3p1-0.4.20060mdk.src.rpm

Mandriva Linux 2006.0/X86_64:
d5d932876aab273d0734de9a156f3514 2006.0/x86_64/openssh-4.3p1-0.4.20060mdk.x86_64.rpm
4d921a0e4c743b78824c100e49480a43 2006.0/x86_64/openssh-askpass-4.3p1-0.4.20060mdk.x86_64.rpm
79d975ab47eb58aa39350d0cb56a3507 2006.0/x86_64/openssh-askpass-gnome-4.3p1-0.4.20060mdk.x86_64.rpm
52eb00190b757e7ca842fad40e34cdec 2006.0/x86_64/openssh-clients-4.3p1-0.4.20060mdk.x86_64.rpm
25bb2488c0c460ca2ee28814b5902d6f 2006.0/x86_64/openssh-server-4.3p1-0.4.20060mdk.x86_64.rpm
3c4642aa46959520d6374c5dd55c2488 2006.0/SRPMS/openssh-4.3p1-0.4.20060mdk.src.rpm

Mandriva Linux 2007.0:
685ed779bc6e5b069456c1a1ec3cbde0 2007.0/i586/openssh-4.5p1-0.1mdv2007.0.i586.rpm
22384a44c965285f8077624d7d35c2aa 2007.0/i586/openssh-askpass-4.5p1-0.1mdv2007.0.i586.rpm
eb05d1b12e62a590d6a627ea9a058a1a 2007.0/i586/openssh-askpass-common-4.5p1-0.1mdv2007.0.i586.rpm
31de85b9ec2be0990e03f0e52350a826 2007.0/i586/openssh-askpass-gnome-4.5p1-0.1mdv2007.0.i586.rpm
9a17d425bdd1e7d62ecc96dccbb25aaf 2007.0/i586/openssh-clients-4.5p1-0.1mdv2007.0.i586.rpm
d93dc4b53d3e9a683dc5878ae5bf3139 2007.0/i586/openssh-server-4.5p1-0.1mdv2007.0.i586.rpm
48dfb1f18e3a82ba39fc5dcdbc98ac9b 2007.0/SRPMS/openssh-4.5p1-0.1mdv2007.0.src.rpm

Mandriva Linux 2007.0/X86_64:
083b3ffdb875a5f053c41bc8913b9bea 2007.0/x86_64/openssh-4.5p1-0.1mdv2007.0.x86_64.rpm
3e096fa50c7440c76f748c9d6c76f551 2007.0/x86_64/openssh-askpass-4.5p1-0.1mdv2007.0.x86_64.rpm
a0b32fd47e7b00b3240ae94a3e555915 2007.0/x86_64/openssh-askpass-common-4.5p1-0.1mdv2007.0.x86_64.rpm
8c200957e509389151a07b56b2a1b9d2 2007.0/x86_64/openssh-askpass-gnome-4.5p1-0.1mdv2007.0.x86_64.rpm
cb15557e3e324dfd9a4c4739f2513989 2007.0/x86_64/openssh-clients-4.5p1-0.1mdv2007.0.x86_64.rpm
0a4aedec1aee0c6449eb4258e98417ab 2007.0/x86_64/openssh-server-4.5p1-0.1mdv2007.0.x86_64.rpm
48dfb1f18e3a82ba39fc5dcdbc98ac9b 2007.0/SRPMS/openssh-4.5p1-0.1mdv2007.0.src.rpm

Corporate 3.0:
55fdb58d443f991360f2f650c55be459 corporate/3.0/i586/openssh-4.3p1-0.3.C30mdk.i586.rpm
49862cc132762967617b68eb04a7227b corporate/3.0/i586/openssh-askpass-4.3p1-0.3.C30mdk.i586.rpm
ef5f7e7432c6545e2ed5b652db791347 corporate/3.0/i586/openssh-askpass-gnome-4.3p1-0.3.C30mdk.i586.rpm
74f630bf4cabda7c0e74d8dcddb2df96 corporate/3.0/i586/openssh-clients-4.3p1-0.3.C30mdk.i586.rpm
1a59b176b78cd8a042847f91c94e34e7 corporate/3.0/i586/openssh-server-4.3p1-0.3.C30mdk.i586.rpm
4e683f1e7cf9a3f00ac6792e661184bb corporate/3.0/SRPMS/openssh-4.3p1-0.3.C30mdk.src.rpm

Corporate 3.0/X86_64:
53994a4dca0377a152eef5b7b1824db6 corporate/3.0/x86_64/openssh-4.3p1-0.3.C30mdk.x86_64.rpm
09832364e0f432cd254b3ed53876b9c7 corporate/3.0/x86_64/openssh-askpass-4.3p1-0.3.C30mdk.x86_64.rpm
ba54af4f6d57353cf07ead346ef0a66e corporate/3.0/x86_64/openssh-askpass-gnome-4.3p1-0.3.C30mdk.x86_64.rpm
0a3351846f58a6f59def15b93ac75463 corporate/3.0/x86_64/openssh-clients-4.3p1-0.3.C30mdk.x86_64.rpm
c5afc0df524e025b6a1f685dd5475d85 corporate/3.0/x86_64/openssh-server-4.3p1-0.3.C30mdk.x86_64.rpm
4e683f1e7cf9a3f00ac6792e661184bb corporate/3.0/SRPMS/openssh-4.3p1-0.3.C30mdk.src.rpm

Corporate 4.0:
91b64f8c6354fe0dac3bbc45412a90cb corporate/4.0/i586/openssh-4.3p1-0.4.20060mlcs4.i586.rpm
f894df39703e3526828d40b87905c900 corporate/4.0/i586/openssh-askpass-4.3p1-0.4.20060mlcs4.i586.rpm
981aa54d8a6ad3ed6f350f6871c61edc corporate/4.0/i586/openssh-askpass-gnome-4.3p1-0.4.20060mlcs4.i586.rpm
77c2c6eecd5d45d9e1f2f9ca39e8d54d corporate/4.0/i586/openssh-clients-4.3p1-0.4.20060mlcs4.i586.rpm
feb3958987ee69997170c5464bd596ac corporate/4.0/i586/openssh-server-4.3p1-0.4.20060mlcs4.i586.rpm
5f958b84f60ef962b84a4f46b6d80424 corporate/4.0/SRPMS/openssh-4.3p1-0.4.20060mlcs4.src.rpm

Corporate 4.0/X86_64:
16c2fea9fa550b9827e619b43b731bdd corporate/4.0/x86_64/openssh-4.3p1-0.4.20060mlcs4.x86_64.rpm
3b1de1edad9666fe782736f32c450104 corporate/4.0/x86_64/openssh-askpass-4.3p1-0.4.20060mlcs4.x86_64.rpm
351b0c9655f7d516a608376620d93aa8 corporate/4.0/x86_64/openssh-askpass-gnome-4.3p1-0.4.20060mlcs4.x86_64.rpm
487f7c3948e58b0e5e03a1b419b6a339 corporate/4.0/x86_64/openssh-clients-4.3p1-0.4.20060mlcs4.x86_64.rpm
a03b7d99254a22c05c3e6043c5e82e94 corporate/4.0/x86_64/openssh-server-4.3p1-0.4.20060mlcs4.x86_64.rpm
5f958b84f60ef962b84a4f46b6d80424 corporate/4.0/SRPMS/openssh-4.3p1-0.4.20060mlcs4.src.rpm

Multi Network Firewall 2.0:
2c2cd66daadd721d7065112d66b1ed98 mnf/2.0/i586/openssh-4.3p1-0.3.M20mdk.i586.rpm
ab6d7afa2944fdf1e38ca76e2ee7484c mnf/2.0/i586/openssh-askpass-4.3p1-0.3.M20mdk.i586.rpm
246f480977cacf68ee80ef51d5ecc577 mnf/2.0/i586/openssh-askpass-gnome-4.3p1-0.3.M20mdk.i586.rpm
3e98575c58f023e11733fddd0c8ec459 mnf/2.0/i586/openssh-clients-4.3p1-0.3.M20mdk.i586.rpm
9ba7ab6f44be202d16377cd04f1eb69e mnf/2.0/i586/openssh-server-4.3p1-0.3.M20mdk.i586.rpm
f2c5acde98d371f1efb858a9c3d07da8 mnf/2.0/SRPMS/openssh-4.3p1-0.3.M20mdk.src.rpm

References

http://www.vupen.com/english/advisories/2006/4435
http://archives.mandrivalinux.com/security-announce/2006-11/msg00011.php

ChangeLog

2006-11-10 : Initial release

Vulnerability Management

Subscribe to VUPEN VNS and receive real-time e-mail and SMS alerts when new advisories or patches relevant to your systems and network configurations are available.

Feedback

If you have additional information or corrections for this security advisory please submit them via our contact form.
 

Vulnerability Alerting

Free 14-Day Trial
 
  Latest News

 

  >> 2009-06-10

     

  VUPEN Security Research
  Discovered Critical Flaws
  in Adobe Acrobat and MS
  Office Word


  >> 2009-06-02

     

  VUPEN Security Research
  Discovered Critical Flaws
  in ACDSee Products


  >> 2009-05-22

     

  VUPEN Discovered Two
  Critical Vulnerabilities in
  Novell GroupWise 8 / 7


  >> 2009-05-12

     

  Microsoft Patched 14
  Office PowerPoint Flaws

 

  >> 2009-04-28

     

  Adobe Reader / Acrobat
  Vulnerabilities Disclosed

 

 

More Informations    
    








Copyright 2003-2009 © VUPEN.COM - Privacy Policy