Contact | Site en Français               

 


 

Vulnerabilities & Threats
 
  VUPEN Security Advisories
  Linux Security Advisories

  Malware Advisories
  Security Research
  Threat Watch Blog
  Zero-Day Monitor
  Search Engine
  Mailing List & RSS
 
   

>> Fedora Security Update Fixes OpenSSH Remote Information Disclosure Vulnerability

Title : Fedora Security Update Fixes OpenSSH Remote Information Disclosure Vulnerability
VUPEN ID : VUPEN/ADV-2007-1257
CVE ID : CVE-2006-5052
Rated as : Moderate Risk 
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-04-05

Technical Description    Receive VUPEN Security alerts in a Text format  Receive VUPEN Security alerts in a PDF format  Receive VUPEN Security alerts in an XML format 

Fedora has released security updates to address a vulnerability identified in OpenSSH. This issue could be exploited by attackers to gain knowledge of sensitive information. For additional information, see : VUPEN/ADV-2006-3777

Affected Products

Fedora Core 6
Fedora Core 5

Solution

Upgrade the affected packages :

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/

d618e0405fe5c50e50da6dc6449f4ced65081ba1 SRPMS/openssh-4.3p2-19.fc6.src.rpm
d618e0405fe5c50e50da6dc6449f4ced65081ba1 noarch/openssh-4.3p2-19.fc6.src.rpm
1697767b4acf1c6a0609d470f3572e89200b0d71 ppc/openssh-server-4.3p2-19.fc6.ppc.rpm
7ddb1f517b02a3d0c98783e9d3c33dccae348293 ppc/debug/openssh-debuginfo-4.3p2-19.fc6.ppc.rpm
7ad95447da9c547b89b5a15562fe7117ebaebaee ppc/openssh-clients-4.3p2-19.fc6.ppc.rpm
4c89e898fb29c6e166f42b182efbaeef7630fc92 ppc/openssh-4.3p2-19.fc6.ppc.rpm
31bd98a19c8b4ccb38be4586decc1c9233e31b27 ppc/openssh-askpass-4.3p2-19.fc6.ppc.rpm
95bc316b1e4b99571254d340682507decff04287 x86_64/debug/openssh-debuginfo-4.3p2-19.fc6.x86_64.rpm
8346de69721d4c978193955e219bf1142d0af059 x86_64/openssh-4.3p2-19.fc6.x86_64.rpm
9affce96ef52316a2ed2015ccf18c522dbbde365 x86_64/openssh-server-4.3p2-19.fc6.x86_64.rpm
5d47c4b61e157d097e1509b8ad83e195ca9a66e3 x86_64/openssh-clients-4.3p2-19.fc6.x86_64.rpm
ceb817ca910998d4dbd903eace783d1f827f33ec x86_64/openssh-askpass-4.3p2-19.fc6.x86_64.rpm
daaf9660fc0109f8619304405249fb7a0ac508f6 i386/openssh-4.3p2-19.fc6.i386.rpm
c6d9ff90ddea33556c1913e2c34abf8e8d6bf1a7 i386/debug/openssh-debuginfo-4.3p2-19.fc6.i386.rpm
d573f33d72e5b1f63e4f3d6e208eca93dd328c09 i386/openssh-askpass-4.3p2-19.fc6.i386.rpm
e53a2d9e831e94e9047d3f781a1d73d23abbf7ef i386/openssh-clients-4.3p2-19.fc6.i386.rpm
2c8a19e422f368c6a344d43579bae4945bfdf194 i386/openssh-server-4.3p2-19.fc6.i386.rpm

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/

49a0f04ff39103ca6633df0dc7c8675df017d8cd SRPMS/openssh-4.3p2-4.12.fc5.src.rpm
49a0f04ff39103ca6633df0dc7c8675df017d8cd noarch/openssh-4.3p2-4.12.fc5.src.rpm
f695b07aedd02e76bc7f8d1a4ae457f5b484a3af ppc/openssh-4.3p2-4.12.fc5.ppc.rpm
0a5cd836fa70c740b29f68a88b1b8e858f066d1f ppc/debug/openssh-debuginfo-4.3p2-4.12.fc5.ppc.rpm
ac93ac9b25c3ab5116381bcd625648fa85c1edfc ppc/openssh-clients-4.3p2-4.12.fc5.ppc.rpm
ca64ff05c6d7259e7c7ab521aee98d8b64cd7c57 ppc/openssh-askpass-4.3p2-4.12.fc5.ppc.rpm
9c8d538b586029bd7175e2c27281d5cb5d353db3 ppc/openssh-server-4.3p2-4.12.fc5.ppc.rpm
f26b84014a8d4c500f82cd4e723bdd740f9d0966 x86_64/openssh-4.3p2-4.12.fc5.x86_64.rpm
4cdabc66ec4f01b04ca0c4a08c0a2b348c51ec6e x86_64/openssh-server-4.3p2-4.12.fc5.x86_64.rpm
359bb446bb1ae94980c88e90ef3fa7ad3cc385a4 x86_64/openssh-clients-4.3p2-4.12.fc5.x86_64.rpm
aea197e6daee743926b13b797ca3ade0904d4ef4 x86_64/openssh-askpass-4.3p2-4.12.fc5.x86_64.rpm
5d7cc4bbbcbf234cbcf5cb467a8ac89501c4fd15 x86_64/debug/openssh-debuginfo-4.3p2-4.12.fc5.x86_64.rpm
40c1eb6b49deb3d6571f0a634c06cdbbbe9dbf08 i386/openssh-server-4.3p2-4.12.fc5.i386.rpm
040f2997e5dc10d593425bae9b412c9bffe98717 i386/openssh-askpass-4.3p2-4.12.fc5.i386.rpm
863f9d7fcdf757af0bf37054d649d249a7c5acca i386/openssh-clients-4.3p2-4.12.fc5.i386.rpm
a9f0cf8528b4e59e3b67e457c86b82a7f3851eb7 i386/debug/openssh-debuginfo-4.3p2-4.12.fc5.i386.rpm
9e44452820b0d0e66e0c8ac09d8d44381733e90a i386/openssh-4.3p2-4.12.fc5.i386.rpm

References

http://www.vupen.com/english/advisories/2007/1257
https://www.redhat.com/archives/fedora-package-announce/2007-April/msg00010.html
https://www.redhat.com/archives/fedora-package-announce/2007-April/msg00011.html

ChangeLog

2007-04-05 : Initial release

Vulnerability Management

Subscribe to VUPEN VNS and receive real-time alerts when new advisories or patches relevant to your systems and network configurations are available.

Feedback

If you have additional information or corrections for this security advisory please submit them via our contact form.
 

Vulnerability Alerting

Free 14-Day Trial
 
  Latest News

 

  >> 2009-07-06

     

  Microsoft Windows 0-Day
  Flaw Exploited in the Wild


  >> 2009-06-10

     

  VUPEN Security Research
  Discovered Critical Flaws
  in Adobe Acrobat and MS
  Office Word


  >> 2009-06-02

     

  VUPEN Security Research
  Discovered Critical Flaws
  in ACDSee Products


  >> 2009-05-22

     

  VUPEN Discovered Two
  Critical Vulnerabilities in
  Novell GroupWise 8 / 7

 

 

More Informations    
    








Copyright 2003-2009 © VUPEN.COM - Privacy Policy