| Nessus Plugin ID: 27366 | Name: SuSE Security Update: openssh: Security fix for CVE-2006-5794 (openssh-2256) |
| CVE References: CVE-2006-5794 (cve.mitre.org, nvd.nist.gov) |
| SANS/FBI TOP20 Reference: |
| Group/Family: SuSE Local Security Checks |
| Risk: High |
Description: Synopsis :
The remote SuSE system is missing the security patch openssh-2256
Description :
The OpenSSH release 4.5 contains a security fix which has
been backported to the openssh versions in our old products.
CVE-2006-5794: Incorrect return argument checking in the
privilege separation monitor was fixed. In case of an
exploitable unprivileged helper this could have been used
to elevate privileges.
Solution :
Install the openssh-2256 security patch by using 'yast', for example.
/ CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
|
| Created: 2007-10-21 03:42:12 | Last Changed: 2010-08-22 04:37:46 |