Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2015 Eero VolotinenOPENVAS:1361412562310121181
HistorySep 29, 2015 - 12:00 a.m.

Gentoo Security Advisory GLSA 201405-06

2015-09-2900:00:00
Copyright (C) 2015 Eero Volotinen
plugins.openvas.org
60

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

4.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N

6 Medium

AI Score

Confidence

High

0.123 Low

EPSS

Percentile

95.4%

JSON

Gentoo Linux Local Security Checks GLSA 201405-06

# SPDX-FileCopyrightText: 2015 Eero Volotinen
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-or-later

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.121181");
  script_version("2023-11-02T05:05:26+0000");
  script_tag(name:"creation_date", value:"2015-09-29 11:27:07 +0300 (Tue, 29 Sep 2015)");
  script_tag(name:"last_modification", value:"2023-11-02 05:05:26 +0000 (Thu, 02 Nov 2023)");
  script_name("Gentoo Security Advisory GLSA 201405-06");
  script_tag(name:"insight", value:"Multiple vulnerabilities have been discovered in OpenSSH. Please review the CVE identifiers referenced below for details.");
  script_tag(name:"solution", value:"Update the affected packages to the latest available version.");
  script_tag(name:"solution_type", value:"VendorFix");
  script_xref(name:"URL", value:"https://security.gentoo.org/glsa/201405-06");
  script_cve_id("CVE-2008-5161", "CVE-2010-4478", "CVE-2010-4755", "CVE-2010-5107", "CVE-2011-5000", "CVE-2012-0814", "CVE-2014-2532");
  script_tag(name:"cvss_base", value:"7.5");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_tag(name:"severity_vector", value:"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N");
  script_tag(name:"severity_origin", value:"NVD");
  script_tag(name:"severity_date", value:"2018-07-19 01:29:00 +0000 (Thu, 19 Jul 2018)");
  script_tag(name:"qod_type", value:"package");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/gentoo", "ssh/login/pkg");
  script_category(ACT_GATHER_INFO);
  script_tag(name:"summary", value:"Gentoo Linux Local Security Checks GLSA 201405-06");
  script_copyright("Copyright (C) 2015 Eero Volotinen");
  script_family("Gentoo Local Security Checks");

  exit(0);
}

include("revisions-lib.inc");
include("pkg-lib-gentoo.inc");

res = "";
report = "";

if((res=ispkgvuln(pkg:"net-misc/openssh", unaffected: make_list("ge 6.6_p1-r1"), vulnerable: make_list("lt 6.6_p1-r1"))) != NULL) {
  report += res;
}

if(report != "") {
    security_message(data:report);
} else if (__pkg_match) {
    exit(99);
}

Related

gentoo 1
nessus 53
ibm 8
openvas 43
securityvulns 4
f5 14
fedora 4
checkpoint_advisories 2
ubuntucve 6
prion 7
cve 7
cvelist 7
debiancve 6
veracode 4
redhat 4
centos 3
oraclelinux 5
seebug 2
nvd 7
checkpoint_security 1
metasploit 1
amazon 1
slackware 1
mageia 1
ubuntu 1
hackerone 1
attackerkb 1
aix 2
osv 1
debian 1
gentoo
gentoo
OpenSSH: Multiple vulnerabilities
2014-05-11 00:00:00
nessus
nessus
GLSA-201405-06 : OpenSSH: Multiple vulnerabilities
2014-05-12 00:00:00
OpenSSH < 5.9 Multiple DoS
2019-08-21 00:00:00
OpenSSH < 5.9 Multiple DoS
2011-11-18 00:00:00
ibm
ibm
Security Bulletin: IBM System x and Flex Systems OpenSSH Vulnerabilities (CVE-2012-0814, CVE-2008-5161)
2019-01-30 08:05:01
Security Bulletin: Flex System Manager (FSM) vulnerability allows a denial of service attack (CVE-2010-5107)
2019-01-30 08:20:01
Security Bulletin: CBC mode ciphers, weak MD5 and MAC algorithms vulnerabilities in OpenSSH affect IBM Security Network Protection (CVE-2008-5161)
2018-06-16 21:38:50
openvas
openvas
OpenSSH <= 5.8 Multiple DoS Vulnerabilities
2014-04-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2012:1042-1)
2021-06-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2012:1045-1)
2021-06-09 00:00:00
securityvulns
securityvulns
[ MDVSA-2013:022 ] openssh
2013-03-24 00:00:00
OpenSSH security vulnerabilities
2013-03-24 00:00:00
[USN-2155-1] OpenSSH vulnerability
2014-03-27 00:00:00
f5
f5
SOL14317 - OpenSSH J-PAKE vulnerability CVE-2010-4478
2013-03-27 00:00:00
K14741 : OpenSSH vulnerability CVE-2010-5107
2015-09-15 00:00:00
OpenSSH J-PAKE vulnerability CVE-2010-4478
2013-03-28 07:51:00
fedora
fedora
[SECURITY] Fedora 18 Update: openssh-6.1p1-5.fc18
2013-02-13 04:33:12
[SECURITY] Fedora 17 Update: openssh-5.9p1-29.fc17
2013-02-26 02:47:11
[SECURITY] Fedora 19 Update: openssh-6.2p2-8.fc19
2014-06-10 02:51:15
checkpoint_advisories
checkpoint_advisories
OpenSSH maxstartup Threshold Connection Exhaustion denial of service (CVE-2010-5107)
2013-10-27 00:00:00
OpenSSH maxstartup Threshold Connection Exhaustion Denial of Service - ver 2 (CVE-2010-5107)
2013-10-27 00:00:00
ubuntucve
ubuntucve
CVE-2010-5107
2013-03-07 00:00:00
CVE-2011-5000
2012-04-05 00:00:00
CVE-2008-5161
2008-11-19 00:00:00
prion
prion
Default configuration
2013-03-07 20:55:00
Code injection
2008-11-19 17:30:00
Authentication flaw
2012-04-05 14:55:00
cve
cve
CVE-2010-5107
2013-03-07 20:55:01
CVE-2011-5000
2012-04-05 14:55:03
CVE-2008-5161
2008-11-19 17:30:00
cvelist
cvelist
CVE-2010-5107
2013-03-07 20:00:00
CVE-2011-5000
2012-04-04 10:00:00
CVE-2008-5161
2008-11-19 17:00:00
debiancve
debiancve
CVE-2010-5107
2013-03-07 20:55:01
CVE-2011-5000
2012-04-05 14:55:03
CVE-2008-5161
2008-11-19 17:30:00
veracode
veracode
Denial Of Service (DoS)
2019-01-15 08:51:36
Man-in-the-Middle (MitM)
2020-04-10 00:36:07
Denial Of Service (DoS)
2019-01-15 08:52:41
redhat
redhat
(RHSA-2013:1591) Low: openssh security, bug fix, and enhancement update
2013-11-21 00:00:00
(RHSA-2009:1287) Low: openssh security, bug fix, and enhancement update
2009-09-02 03:02:33
(RHSA-2012:0884) Low: openssh security, bug fix, and enhancement update
2012-06-20 00:00:00
centos
centos
openssh, pam_ssh_agent_auth security update
2013-11-26 13:32:28
openssh, pam_ssh_agent_auth security update
2012-07-10 17:25:37
openssh security update
2009-09-15 18:27:52
oraclelinux
oraclelinux
openssh security update
2016-02-24 00:00:00
openssh security, bug fix, and enhancement update
2013-11-26 00:00:00
openssh security, bug fix, and enhancement update
2012-06-27 00:00:00
seebug
seebug
OpenSSH้ป˜่ฎคๆœๅŠกๅ™จ้…็ฝฎๆ‹’็ปๆœๅŠกๆผๆดž(CVE-2010-5107)
2013-02-28 00:00:00
OpenSSH 'child_set_env()'ๅ‡ฝๆ•ฐๅฎ‰ๅ…จ็ป•่ฟ‡ๆผๆดž
2014-03-25 00:00:00
nvd
nvd
CVE-2010-5107
2013-03-07 20:55:01
CVE-2008-5161
2008-11-19 17:30:00
CVE-2011-5000
2012-04-05 14:55:03
checkpoint_security
checkpoint_security
Check Point response to OpenSSH CBC Mode Information Disclosure Vulnerability (CVE-2008-5161)
2008-11-20 22:00:00
metasploit
metasploit
SSH Version Scanner
2010-01-15 03:25:34
amazon
amazon
Medium: openssh
2012-07-05 16:18:00
slackware
slackware
[slackware-security] openssh
2014-03-28 22:55:11
mageia
mageia
Updated openssh packages fix CVE-2014-2532
2014-03-31 23:38:10
ubuntu
ubuntu
OpenSSH vulnerability
2014-03-25 00:00:00
hackerone
hackerone
Greenhouse.io: openssh-server Forced Command Handling Information Disclosure Vulnerability on blog.greenhouse.io
2014-08-18 04:04:39
attackerkb
attackerkb
CVE-2010-4478
2010-12-06 00:00:00
aix
aix
AIX OpenSSH Vulnerability
2013-04-08 15:19:58
AIX OpenSSH Vulnerability
2014-06-17 04:07:12
osv
osv
openssh - security update
2014-04-05 00:00:00
debian
debian
[BSA-095] Security Update for openssh
2014-04-30 10:16:12

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

4.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N

6 Medium

AI Score

Confidence

High

0.123 Low

EPSS

Percentile

95.4%

JSON
Related for OPENVAS:1361412562310121181
gentoo1nessus53ibm8openvas43securityvulns4f514fedora4checkpoint_advisories2ubuntucve6prion7cve7cvelist7debiancve6veracode4redhat4centos3oraclelinux5seebug2nvd7checkpoint_security1metasploit1amazon1slackware1mageia1ubuntu1hackerone1attackerkb1aix2osv1debian1