CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
EPSS
Percentile
82.5%
Issue Overview:
It was reported that when forwarding X11 connections with ForwardX11Trusted=no, connections made after ForwardX11Timeout expired could be permitted and no longer subject to XSECURITY restrictions because of an ineffective timeout check in ssh(1) coupled with “fail open” behavior in the X11 server when clients attempted connections with expired credentials.
Affected Packages:
openssh
Issue Correction:
Run yum update openssh to update your system.
New Packages:
i686:
openssh-server-6.2p2-8.44.amzn1.i686
openssh-debuginfo-6.2p2-8.44.amzn1.i686
openssh-clients-6.2p2-8.44.amzn1.i686
pam_ssh_agent_auth-0.9.3-5.8.44.amzn1.i686
openssh-6.2p2-8.44.amzn1.i686
openssh-ldap-6.2p2-8.44.amzn1.i686
openssh-keycat-6.2p2-8.44.amzn1.i686
src:
openssh-6.2p2-8.44.amzn1.src
x86_64:
openssh-6.2p2-8.44.amzn1.x86_64
openssh-keycat-6.2p2-8.44.amzn1.x86_64
pam_ssh_agent_auth-0.9.3-5.8.44.amzn1.x86_64
openssh-clients-6.2p2-8.44.amzn1.x86_64
openssh-debuginfo-6.2p2-8.44.amzn1.x86_64
openssh-ldap-6.2p2-8.44.amzn1.x86_64
openssh-server-6.2p2-8.44.amzn1.x86_64
Red Hat: CVE-2015-5352
Mitre: CVE-2015-5352
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Amazon Linux | 1 | i686 | openssh-server | < 6.2p2-8.44.amzn1 | openssh-server-6.2p2-8.44.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | openssh-debuginfo | < 6.2p2-8.44.amzn1 | openssh-debuginfo-6.2p2-8.44.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | openssh-clients | < 6.2p2-8.44.amzn1 | openssh-clients-6.2p2-8.44.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | pam_ssh_agent_auth | < 0.9.3-5.8.44.amzn1 | pam_ssh_agent_auth-0.9.3-5.8.44.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | openssh | < 6.2p2-8.44.amzn1 | openssh-6.2p2-8.44.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | openssh-ldap | < 6.2p2-8.44.amzn1 | openssh-ldap-6.2p2-8.44.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | openssh-keycat | < 6.2p2-8.44.amzn1 | openssh-keycat-6.2p2-8.44.amzn1.i686.rpm |
Amazon Linux | 1 | x86_64 | openssh | < 6.2p2-8.44.amzn1 | openssh-6.2p2-8.44.amzn1.x86_64.rpm |
Amazon Linux | 1 | x86_64 | openssh-keycat | < 6.2p2-8.44.amzn1 | openssh-keycat-6.2p2-8.44.amzn1.x86_64.rpm |
Amazon Linux | 1 | x86_64 | pam_ssh_agent_auth | < 0.9.3-5.8.44.amzn1 | pam_ssh_agent_auth-0.9.3-5.8.44.amzn1.x86_64.rpm |