Action not permitted
Modal body text goes here.
Modal Title
Modal Body
cve-2008-1483
Vulnerability from cvelistv5
Published
2008-03-24 23:00
Modified
2024-08-07 08:24
Severity ?
EPSS score ?
Summary
OpenSSH 4.3p2, and probably other versions, allows local users to hijack forwarded X connections by causing ssh to set DISPLAY to :10, even when another process is listening on the associated port, as demonstrated by opening TCP port 6010 (IPv4) and sniffing a cookie sent by Emacs.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T08:24:42.118Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "ADV-2008-1123", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2008/1123/references", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://support.attachmate.com/techdocs/2374.html", }, { name: "DSA-1576", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2008/dsa-1576", }, { name: "29554", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/29554", }, { name: "ADV-2008-1526", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2008/1526/references", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://support.avaya.com/elmodocs2/security/ASA-2008-205.htm", }, { name: "ADV-2008-1630", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2008/1630/references", }, { name: "[security-announce] 20080403 Globus Security Advisory 2008-01: GSI-OpenSSH vulnerability", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.globus.org/mail_archive/security-announce/2008/04/msg00000.html", }, { name: "29686", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/29686", }, { name: "APPLE-SA-2008-09-15", tags: [ "vendor-advisory", "x_refsource_APPLE", "x_transferred", ], url: "http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html", }, { name: "31531", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/31531", }, { name: "SSA:2008-095-01", tags: [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred", ], url: "http://www.slackware.org/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.540188", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://aix.software.ibm.com/aix/efixes/security/ssh_advisory.asc", }, { name: "HPSBUX02337", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01462841", }, { name: "openssh-sshd-session-hijacking(41438)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/41438", }, { name: "USN-597-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/597-1/", }, { name: "1019235", tags: [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred", ], url: "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1019235.1-1", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=463011", }, { name: "TA08-260A", tags: [ "third-party-advisory", "x_refsource_CERT", "x_transferred", ], url: "http://www.us-cert.gov/cas/techalerts/TA08-260A.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://issues.rpath.com/browse/RPL-2397", }, { name: "ADV-2008-1624", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2008/1624/references", }, { name: "ADV-2008-2584", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2008/2584", }, { name: "30249", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/30249", }, { name: "20130220 OpenSSH Forwarded X Connection Session Hijack Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2008-1483", }, { name: "29735", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/29735", }, { name: "29683", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/29683", }, { name: "30361", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/30361", }, { name: "31882", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/31882", }, { name: "SUSE-SR:2008:009", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00007.html", }, { name: "SSRT080072", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01462841", }, { name: "29721", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/29721", }, { name: "ADV-2008-2396", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2008/2396", }, { name: "29522", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/29522", }, { name: "30086", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/30086", }, { name: "29939", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/29939", }, { name: "30347", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/30347", }, { name: "oval:org.mitre.oval:def:6085", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6085", }, { name: "ADV-2008-0994", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2008/0994/references", }, { name: "1019707", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id?1019707", }, { name: "237444", tags: [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred", ], url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-237444-1", }, { name: "MDVSA-2008:078", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2008:078", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://sourceforge.net/project/shownotes.php?release_id=590180&group_id=69227", }, { name: "29676", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/29676", }, { name: "29873", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/29873", }, { name: "29537", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/29537", }, { name: "29626", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/29626", }, { name: "20080325 rPSA-2008-0120-1 gnome-ssh-askpass openssh openssh-client openssh-server", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/490054/100/0/threaded", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0120", }, { name: "ADV-2008-1448", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2008/1448/references", }, { name: "NetBSD-SA2008-005", tags: [ "vendor-advisory", "x_refsource_NETBSD", "x_transferred", ], url: "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-005.txt.asc", }, { name: "30230", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/30230", }, { name: "28444", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/28444", }, { name: "GLSA-200804-03", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://www.gentoo.org/security/en/glsa/glsa-200804-03.xml", }, { name: "FreeBSD-SA-08:05", tags: [ "vendor-advisory", "x_refsource_FREEBSD", "x_transferred", ], url: "http://security.FreeBSD.org/advisories/FreeBSD-SA-08:05.openssh.asc", }, { name: "ADV-2008-1124", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2008/1124/references", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2008-03-22T00:00:00", descriptions: [ { lang: "en", value: "OpenSSH 4.3p2, and probably other versions, allows local users to hijack forwarded X connections by causing ssh to set DISPLAY to :10, even when another process is listening on the associated port, as demonstrated by opening TCP port 6010 (IPv4) and sniffing a cookie sent by Emacs.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-11T19:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "ADV-2008-1123", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2008/1123/references", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://support.attachmate.com/techdocs/2374.html", }, { name: "DSA-1576", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2008/dsa-1576", }, { name: "29554", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/29554", }, { name: "ADV-2008-1526", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2008/1526/references", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://support.avaya.com/elmodocs2/security/ASA-2008-205.htm", }, { name: "ADV-2008-1630", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2008/1630/references", }, { name: "[security-announce] 20080403 Globus Security Advisory 2008-01: GSI-OpenSSH vulnerability", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.globus.org/mail_archive/security-announce/2008/04/msg00000.html", }, { name: "29686", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/29686", }, { name: "APPLE-SA-2008-09-15", tags: [ "vendor-advisory", "x_refsource_APPLE", ], url: "http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html", }, { name: "31531", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/31531", }, { name: "SSA:2008-095-01", tags: [ "vendor-advisory", "x_refsource_SLACKWARE", ], url: "http://www.slackware.org/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.540188", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://aix.software.ibm.com/aix/efixes/security/ssh_advisory.asc", }, { name: "HPSBUX02337", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01462841", }, { name: "openssh-sshd-session-hijacking(41438)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/41438", }, { name: "USN-597-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/597-1/", }, { name: "1019235", tags: [ "vendor-advisory", "x_refsource_SUNALERT", ], url: "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1019235.1-1", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=463011", }, { name: "TA08-260A", tags: [ "third-party-advisory", "x_refsource_CERT", ], url: "http://www.us-cert.gov/cas/techalerts/TA08-260A.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://issues.rpath.com/browse/RPL-2397", }, { name: "ADV-2008-1624", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2008/1624/references", }, { name: "ADV-2008-2584", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2008/2584", }, { name: "30249", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/30249", }, { name: "20130220 OpenSSH Forwarded X Connection Session Hijack Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2008-1483", }, { name: "29735", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/29735", }, { name: "29683", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/29683", }, { name: "30361", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/30361", }, { name: "31882", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/31882", }, { name: "SUSE-SR:2008:009", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00007.html", }, { name: "SSRT080072", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01462841", }, { name: "29721", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/29721", }, { name: "ADV-2008-2396", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2008/2396", }, { name: "29522", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/29522", }, { name: "30086", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/30086", }, { name: "29939", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/29939", }, { name: "30347", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/30347", }, { name: "oval:org.mitre.oval:def:6085", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6085", }, { name: "ADV-2008-0994", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2008/0994/references", }, { name: "1019707", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id?1019707", }, { name: "237444", tags: [ "vendor-advisory", "x_refsource_SUNALERT", ], url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-237444-1", }, { name: "MDVSA-2008:078", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2008:078", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://sourceforge.net/project/shownotes.php?release_id=590180&group_id=69227", }, { name: "29676", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/29676", }, { name: "29873", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/29873", }, { name: "29537", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/29537", }, { name: "29626", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/29626", }, { name: "20080325 rPSA-2008-0120-1 gnome-ssh-askpass openssh openssh-client openssh-server", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/490054/100/0/threaded", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0120", }, { name: "ADV-2008-1448", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2008/1448/references", }, { name: "NetBSD-SA2008-005", tags: [ "vendor-advisory", "x_refsource_NETBSD", ], url: "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-005.txt.asc", }, { name: "30230", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/30230", }, { name: "28444", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/28444", }, { name: "GLSA-200804-03", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "http://www.gentoo.org/security/en/glsa/glsa-200804-03.xml", }, { name: "FreeBSD-SA-08:05", tags: [ "vendor-advisory", "x_refsource_FREEBSD", ], url: "http://security.FreeBSD.org/advisories/FreeBSD-SA-08:05.openssh.asc", }, { name: "ADV-2008-1124", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2008/1124/references", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2008-1483", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "OpenSSH 4.3p2, and probably other versions, allows local users to hijack forwarded X connections by causing ssh to set DISPLAY to :10, even when another process is listening on the associated port, as demonstrated by opening TCP port 6010 (IPv4) and sniffing a cookie sent by Emacs.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "ADV-2008-1123", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2008/1123/references", }, { name: "http://support.attachmate.com/techdocs/2374.html", refsource: "CONFIRM", url: "http://support.attachmate.com/techdocs/2374.html", }, { name: "DSA-1576", refsource: "DEBIAN", url: "http://www.debian.org/security/2008/dsa-1576", }, { name: "29554", refsource: "SECUNIA", url: "http://secunia.com/advisories/29554", }, { name: "ADV-2008-1526", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2008/1526/references", }, { name: "http://support.avaya.com/elmodocs2/security/ASA-2008-205.htm", refsource: "CONFIRM", url: "http://support.avaya.com/elmodocs2/security/ASA-2008-205.htm", }, { name: "ADV-2008-1630", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2008/1630/references", }, { name: "[security-announce] 20080403 Globus Security Advisory 2008-01: GSI-OpenSSH vulnerability", refsource: "MLIST", url: "http://www.globus.org/mail_archive/security-announce/2008/04/msg00000.html", }, { name: "29686", refsource: "SECUNIA", url: "http://secunia.com/advisories/29686", }, { name: "APPLE-SA-2008-09-15", refsource: "APPLE", url: "http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html", }, { name: "31531", refsource: "SECUNIA", url: "http://secunia.com/advisories/31531", }, { name: "SSA:2008-095-01", refsource: "SLACKWARE", url: "http://www.slackware.org/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.540188", }, { name: "http://aix.software.ibm.com/aix/efixes/security/ssh_advisory.asc", refsource: "CONFIRM", url: "http://aix.software.ibm.com/aix/efixes/security/ssh_advisory.asc", }, { name: "HPSBUX02337", refsource: "HP", url: "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01462841", }, { name: "openssh-sshd-session-hijacking(41438)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/41438", }, { name: "USN-597-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/597-1/", }, { name: "1019235", refsource: "SUNALERT", url: "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1019235.1-1", }, { name: "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=463011", refsource: "CONFIRM", url: "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=463011", }, { name: "TA08-260A", refsource: "CERT", url: "http://www.us-cert.gov/cas/techalerts/TA08-260A.html", }, { name: "https://issues.rpath.com/browse/RPL-2397", refsource: "CONFIRM", url: "https://issues.rpath.com/browse/RPL-2397", }, { name: "ADV-2008-1624", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2008/1624/references", }, { name: "ADV-2008-2584", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2008/2584", }, { name: "30249", refsource: "SECUNIA", url: "http://secunia.com/advisories/30249", }, { name: "20130220 OpenSSH Forwarded X Connection Session Hijack Vulnerability", refsource: "CISCO", url: "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2008-1483", }, { name: "29735", refsource: "SECUNIA", url: "http://secunia.com/advisories/29735", }, { name: "29683", refsource: "SECUNIA", url: "http://secunia.com/advisories/29683", }, { name: "30361", refsource: "SECUNIA", url: "http://secunia.com/advisories/30361", }, { name: "31882", refsource: "SECUNIA", url: "http://secunia.com/advisories/31882", }, { name: "SUSE-SR:2008:009", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00007.html", }, { name: "SSRT080072", refsource: "HP", url: "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01462841", }, { name: "29721", refsource: "SECUNIA", url: "http://secunia.com/advisories/29721", }, { name: "ADV-2008-2396", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2008/2396", }, { name: "29522", refsource: "SECUNIA", url: "http://secunia.com/advisories/29522", }, { name: "30086", refsource: "SECUNIA", url: "http://secunia.com/advisories/30086", }, { name: "29939", refsource: "SECUNIA", url: "http://secunia.com/advisories/29939", }, { name: "30347", refsource: "SECUNIA", url: "http://secunia.com/advisories/30347", }, { name: "oval:org.mitre.oval:def:6085", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6085", }, { name: "ADV-2008-0994", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2008/0994/references", }, { name: "1019707", refsource: "SECTRACK", url: "http://www.securitytracker.com/id?1019707", }, { name: "237444", refsource: "SUNALERT", url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-237444-1", }, { name: "MDVSA-2008:078", refsource: "MANDRIVA", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2008:078", }, { name: "http://sourceforge.net/project/shownotes.php?release_id=590180&group_id=69227", refsource: "CONFIRM", url: "http://sourceforge.net/project/shownotes.php?release_id=590180&group_id=69227", }, { name: "29676", refsource: "SECUNIA", url: "http://secunia.com/advisories/29676", }, { name: "29873", refsource: "SECUNIA", url: "http://secunia.com/advisories/29873", }, { name: "29537", refsource: "SECUNIA", url: "http://secunia.com/advisories/29537", }, { name: "29626", refsource: "SECUNIA", url: "http://secunia.com/advisories/29626", }, { name: "20080325 rPSA-2008-0120-1 gnome-ssh-askpass openssh openssh-client openssh-server", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/490054/100/0/threaded", }, { name: "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0120", refsource: "CONFIRM", url: "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0120", }, { name: "ADV-2008-1448", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2008/1448/references", }, { name: "NetBSD-SA2008-005", refsource: "NETBSD", url: "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-005.txt.asc", }, { name: "30230", refsource: "SECUNIA", url: "http://secunia.com/advisories/30230", }, { name: "28444", refsource: "BID", url: "http://www.securityfocus.com/bid/28444", }, { name: "GLSA-200804-03", refsource: "GENTOO", url: "http://www.gentoo.org/security/en/glsa/glsa-200804-03.xml", }, { name: "FreeBSD-SA-08:05", refsource: "FREEBSD", url: "http://security.FreeBSD.org/advisories/FreeBSD-SA-08:05.openssh.asc", }, { name: "ADV-2008-1124", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2008/1124/references", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2008-1483", datePublished: "2008-03-24T23:00:00", dateReserved: "2008-03-24T00:00:00", dateUpdated: "2024-08-07T08:24:42.118Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", "vulnerability-lookup:meta": { nvd: "{\"cve\":{\"id\":\"CVE-2008-1483\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2008-03-24T23:44:00.000\",\"lastModified\":\"2025-04-09T00:30:58.490\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"OpenSSH 4.3p2, and probably other versions, allows local users to hijack forwarded X connections by causing ssh to set DISPLAY to :10, even when another process is listening on the associated port, as demonstrated by opening TCP port 6010 (IPv4) and sniffing a cookie sent by Emacs.\"},{\"lang\":\"es\",\"value\":\"OpenSSH 4.3p2 y probablemente otras versiones, permite a usuarios locales secuestrar conexiones X enviadas provocando que ssh ponga DISPLAY a :10, incluso cuando otro proceso está escuchando en el puerto asociado, como se demostró abriendo el puerto TCp 6010 (IPv4) y escaneando una cookie enviada por Emacs.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:M/Au:N/C:C/I:C/A:C\",\"baseScore\":6.9,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.4,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-264\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openbsd:openssh:4.3p2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3640CCC9-EC4A-44A4-B747-7BAAAD3460C7\"}]}]}],\"references\":[{\"url\":\"ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-005.txt.asc\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://aix.software.ibm.com/aix/efixes/security/ssh_advisory.asc\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=463011\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01462841\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01462841\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00007.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/29522\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/29537\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/29554\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/29626\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/29676\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/29683\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/29686\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/29721\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/29735\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/29873\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/29939\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/30086\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/30230\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/30249\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/30347\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/30361\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/31531\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/31882\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://security.FreeBSD.org/advisories/FreeBSD-SA-08:05.openssh.asc\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://sourceforge.net/project/shownotes.php?release_id=590180&group_id=69227\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://sunsolve.sun.com/search/document.do?assetkey=1-26-237444-1\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://sunsolve.sun.com/search/document.do?assetkey=1-77-1019235.1-1\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://support.attachmate.com/techdocs/2374.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://support.avaya.com/elmodocs2/security/ASA-2008-205.htm\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2008-1483\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0120\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.debian.org/security/2008/dsa-1576\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.gentoo.org/security/en/glsa/glsa-200804-03.xml\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.globus.org/mail_archive/security-announce/2008/04/msg00000.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2008:078\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/490054/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/28444\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securitytracker.com/id?1019707\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.slackware.org/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.540188\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA08-260A.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/0994/references\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2008/1123/references\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2008/1124/references\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2008/1448/references\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2008/1526/references\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2008/1624/references\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2008/1630/references\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2008/2396\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2008/2584\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/41438\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://issues.rpath.com/browse/RPL-2397\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6085\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://usn.ubuntu.com/597-1/\",\"source\":\"cve@mitre.org\"},{\"url\":\"ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-005.txt.asc\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://aix.software.ibm.com/aix/efixes/security/ssh_advisory.asc\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=463011\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01462841\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01462841\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00007.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/29522\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/29537\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/29554\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/29626\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/29676\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/29683\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/29686\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/29721\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/29735\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/29873\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/29939\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/30086\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/30230\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/30249\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/30347\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/30361\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/31531\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/31882\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://security.FreeBSD.org/advisories/FreeBSD-SA-08:05.openssh.asc\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://sourceforge.net/project/shownotes.php?release_id=590180&group_id=69227\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://sunsolve.sun.com/search/document.do?assetkey=1-26-237444-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://sunsolve.sun.com/search/document.do?assetkey=1-77-1019235.1-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://support.attachmate.com/techdocs/2374.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://support.avaya.com/elmodocs2/security/ASA-2008-205.htm\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2008-1483\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0120\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2008/dsa-1576\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.gentoo.org/security/en/glsa/glsa-200804-03.xml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.globus.org/mail_archive/security-announce/2008/04/msg00000.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2008:078\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/490054/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/28444\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id?1019707\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.slackware.org/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.540188\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA08-260A.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/0994/references\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2008/1123/references\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2008/1124/references\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2008/1448/references\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2008/1526/references\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2008/1624/references\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2008/1630/references\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2008/2396\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2008/2584\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/41438\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://issues.rpath.com/browse/RPL-2397\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6085\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://usn.ubuntu.com/597-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}],\"vendorComments\":[{\"organization\":\"Red Hat\",\"comment\":\"All openssh versions shipped in Red Hat Enterprise Linux 5 include the patch for this issue.\\n\\nThis issue was fixed in Red Hat Enterprise Linux 4 via: https://rhn.redhat.com/errata/RHSA-2005-527.html\\n\\nRed Hat Enterprise Linux 3 is affected by this issue. The Red Hat Security Response Team has rated this issue as having low security\\nimpact. https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2008-1483\\n\",\"lastModified\":\"2010-03-19T00:00:00\"}]}}", }, }
suse-su-2018:2685-1
Vulnerability from csaf_suse
Published
2018-09-11 08:50
Modified
2018-09-11 08:50
Summary
Security update for openssh
Notes
Title of the patch
Security update for openssh
Description of the patch
This update for openssh provides the following fixes:
Security issues fixed:
- CVE-2017-15906: Stricter checking of operations in read-only mode in sftp server (bsc#1065000).
- CVE-2016-10012: Remove pre-auth compression support from the server to prevent possible cryptographic attacks (bsc#1016370).
- CVE-2008-1483: Refine handling of sockets for X11 forwarding to remove reintroduced CVE-2008-1483 (bsc#1069509).
- CVE-2016-10708: Prevent DoS due to crashes caused by out-of-sequence NEWKEYS message (bsc#1076957).
Bug fixes:
- bsc#1017099: Enable case-insensitive hostname matching.
- bsc#1023275: Add a new switch for printing diagnostic messages in sftp client's batch mode.
- bsc#1048367: systemd integration to work around various race conditions.
- bsc#1053972: Remove duplicate KEX method.
- bsc#1092582: Add missing piece of systemd integration.
- Remove the limit on the amount of tasks sshd can run.
Patchnames
SUSE-SLE-SAP-12-SP1-2018-1876,SUSE-SLE-SERVER-12-2018-1876,SUSE-SLE-SERVER-12-SP1-2018-1876
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for openssh", title: "Title of the patch", }, { category: "description", text: "This update for openssh provides the following fixes:\n\nSecurity issues fixed:\n\n- CVE-2017-15906: Stricter checking of operations in read-only mode in sftp server (bsc#1065000).\n- CVE-2016-10012: Remove pre-auth compression support from the server to prevent possible cryptographic attacks (bsc#1016370).\n- CVE-2008-1483: Refine handling of sockets for X11 forwarding to remove reintroduced CVE-2008-1483 (bsc#1069509).\n- CVE-2016-10708: Prevent DoS due to crashes caused by out-of-sequence NEWKEYS message (bsc#1076957).\n\nBug fixes:\n\n- bsc#1017099: Enable case-insensitive hostname matching.\n- bsc#1023275: Add a new switch for printing diagnostic messages in sftp client's batch mode.\n- bsc#1048367: systemd integration to work around various race conditions.\n- bsc#1053972: Remove duplicate KEX method.\n- bsc#1092582: Add missing piece of systemd integration.\n- Remove the limit on the amount of tasks sshd can run.\n", title: "Description of the patch", }, { category: "details", text: "SUSE-SLE-SAP-12-SP1-2018-1876,SUSE-SLE-SERVER-12-2018-1876,SUSE-SLE-SERVER-12-SP1-2018-1876", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_2685-1.json", }, { category: "self", summary: "URL for SUSE-SU-2018:2685-1", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20182685-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2018:2685-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2018-September/004551.html", }, { category: "self", summary: "SUSE Bug 1016370", url: "https://bugzilla.suse.com/1016370", }, { category: "self", summary: "SUSE Bug 1017099", url: "https://bugzilla.suse.com/1017099", }, { category: "self", summary: "SUSE Bug 1023275", url: "https://bugzilla.suse.com/1023275", }, { category: "self", summary: "SUSE Bug 1048367", url: "https://bugzilla.suse.com/1048367", }, { category: "self", summary: "SUSE Bug 1053972", url: "https://bugzilla.suse.com/1053972", }, { category: "self", summary: "SUSE Bug 1065000", url: "https://bugzilla.suse.com/1065000", }, { category: "self", summary: "SUSE Bug 1069509", url: "https://bugzilla.suse.com/1069509", }, { category: "self", summary: "SUSE Bug 1076957", url: "https://bugzilla.suse.com/1076957", }, { category: "self", summary: "SUSE Bug 1092582", url: "https://bugzilla.suse.com/1092582", }, { category: "self", summary: "SUSE CVE CVE-2008-1483 page", url: "https://www.suse.com/security/cve/CVE-2008-1483/", }, { category: "self", summary: "SUSE CVE CVE-2016-10012 page", url: "https://www.suse.com/security/cve/CVE-2016-10012/", }, { category: "self", summary: "SUSE CVE CVE-2016-10708 page", url: "https://www.suse.com/security/cve/CVE-2016-10708/", }, { category: "self", summary: "SUSE CVE CVE-2017-15906 page", url: "https://www.suse.com/security/cve/CVE-2017-15906/", }, ], title: "Security update for openssh", tracking: { current_release_date: "2018-09-11T08:50:47Z", generator: { date: "2018-09-11T08:50:47Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2018:2685-1", initial_release_date: "2018-09-11T08:50:47Z", revision_history: [ { date: "2018-09-11T08:50:47Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "openssh-6.6p1-54.15.2.ppc64le", product: { name: "openssh-6.6p1-54.15.2.ppc64le", product_id: "openssh-6.6p1-54.15.2.ppc64le", }, }, { category: "product_version", name: "openssh-askpass-gnome-6.6p1-54.15.1.ppc64le", product: { name: "openssh-askpass-gnome-6.6p1-54.15.1.ppc64le", product_id: "openssh-askpass-gnome-6.6p1-54.15.1.ppc64le", }, }, { category: "product_version", name: "openssh-fips-6.6p1-54.15.2.ppc64le", product: { name: "openssh-fips-6.6p1-54.15.2.ppc64le", product_id: "openssh-fips-6.6p1-54.15.2.ppc64le", }, }, { category: "product_version", name: "openssh-helpers-6.6p1-54.15.2.ppc64le", product: { name: "openssh-helpers-6.6p1-54.15.2.ppc64le", product_id: "openssh-helpers-6.6p1-54.15.2.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "openssh-6.6p1-54.15.2.s390x", product: { name: "openssh-6.6p1-54.15.2.s390x", product_id: "openssh-6.6p1-54.15.2.s390x", }, }, { category: "product_version", name: "openssh-askpass-gnome-6.6p1-54.15.1.s390x", product: { name: "openssh-askpass-gnome-6.6p1-54.15.1.s390x", product_id: "openssh-askpass-gnome-6.6p1-54.15.1.s390x", }, }, { category: "product_version", name: "openssh-fips-6.6p1-54.15.2.s390x", product: { name: "openssh-fips-6.6p1-54.15.2.s390x", product_id: "openssh-fips-6.6p1-54.15.2.s390x", }, }, { category: "product_version", name: "openssh-helpers-6.6p1-54.15.2.s390x", product: { name: "openssh-helpers-6.6p1-54.15.2.s390x", product_id: "openssh-helpers-6.6p1-54.15.2.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "openssh-6.6p1-54.15.2.x86_64", product: { name: "openssh-6.6p1-54.15.2.x86_64", product_id: "openssh-6.6p1-54.15.2.x86_64", }, }, { category: "product_version", name: "openssh-askpass-gnome-6.6p1-54.15.1.x86_64", product: { name: "openssh-askpass-gnome-6.6p1-54.15.1.x86_64", product_id: "openssh-askpass-gnome-6.6p1-54.15.1.x86_64", }, }, { category: "product_version", name: "openssh-fips-6.6p1-54.15.2.x86_64", product: { name: "openssh-fips-6.6p1-54.15.2.x86_64", product_id: "openssh-fips-6.6p1-54.15.2.x86_64", }, }, { category: "product_version", name: "openssh-helpers-6.6p1-54.15.2.x86_64", product: { name: "openssh-helpers-6.6p1-54.15.2.x86_64", product_id: "openssh-helpers-6.6p1-54.15.2.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Server for SAP Applications 12 SP1", product: { name: "SUSE Linux Enterprise Server for SAP Applications 12 SP1", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP1", product_identification_helper: { cpe: "cpe:/o:suse:sles_sap:12:sp1", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 12-LTSS", product: { name: "SUSE Linux Enterprise Server 12-LTSS", product_id: "SUSE Linux Enterprise Server 12-LTSS", product_identification_helper: { cpe: "cpe:/o:suse:sles-ltss:12", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 12 SP1-LTSS", product: { name: "SUSE Linux Enterprise Server 12 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS", product_identification_helper: { cpe: "cpe:/o:suse:sles-ltss:12:sp1", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "openssh-6.6p1-54.15.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.15.2.ppc64le", }, product_reference: "openssh-6.6p1-54.15.2.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP1", }, { category: "default_component_of", full_product_name: { name: "openssh-6.6p1-54.15.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.15.2.x86_64", }, product_reference: "openssh-6.6p1-54.15.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP1", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-6.6p1-54.15.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le", }, product_reference: "openssh-askpass-gnome-6.6p1-54.15.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP1", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-6.6p1-54.15.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.15.1.x86_64", }, product_reference: "openssh-askpass-gnome-6.6p1-54.15.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP1", }, { category: "default_component_of", full_product_name: { name: "openssh-fips-6.6p1-54.15.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.15.2.ppc64le", }, product_reference: "openssh-fips-6.6p1-54.15.2.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP1", }, { category: "default_component_of", full_product_name: { name: "openssh-fips-6.6p1-54.15.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.15.2.x86_64", }, product_reference: "openssh-fips-6.6p1-54.15.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP1", }, { category: "default_component_of", full_product_name: { name: "openssh-helpers-6.6p1-54.15.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.15.2.ppc64le", }, product_reference: "openssh-helpers-6.6p1-54.15.2.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP1", }, { category: "default_component_of", full_product_name: { name: "openssh-helpers-6.6p1-54.15.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.15.2.x86_64", }, product_reference: "openssh-helpers-6.6p1-54.15.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP1", }, { category: "default_component_of", full_product_name: { name: "openssh-6.6p1-54.15.2.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS", product_id: "SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.ppc64le", }, product_reference: "openssh-6.6p1-54.15.2.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12-LTSS", }, { category: "default_component_of", full_product_name: { name: "openssh-6.6p1-54.15.2.s390x as component of SUSE Linux Enterprise Server 12-LTSS", product_id: "SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.s390x", }, product_reference: "openssh-6.6p1-54.15.2.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12-LTSS", }, { category: "default_component_of", full_product_name: { name: "openssh-6.6p1-54.15.2.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS", product_id: "SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.x86_64", }, product_reference: "openssh-6.6p1-54.15.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12-LTSS", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-6.6p1-54.15.1.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS", product_id: "SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le", }, product_reference: "openssh-askpass-gnome-6.6p1-54.15.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12-LTSS", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-6.6p1-54.15.1.s390x as component of SUSE Linux Enterprise Server 12-LTSS", product_id: "SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.s390x", }, product_reference: "openssh-askpass-gnome-6.6p1-54.15.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12-LTSS", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-6.6p1-54.15.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS", product_id: "SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.x86_64", }, product_reference: "openssh-askpass-gnome-6.6p1-54.15.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12-LTSS", }, { category: "default_component_of", full_product_name: { name: "openssh-fips-6.6p1-54.15.2.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS", product_id: "SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.ppc64le", }, product_reference: "openssh-fips-6.6p1-54.15.2.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12-LTSS", }, { category: "default_component_of", full_product_name: { name: "openssh-fips-6.6p1-54.15.2.s390x as component of SUSE Linux Enterprise Server 12-LTSS", product_id: "SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.s390x", }, product_reference: "openssh-fips-6.6p1-54.15.2.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12-LTSS", }, { category: "default_component_of", full_product_name: { name: "openssh-fips-6.6p1-54.15.2.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS", product_id: "SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.x86_64", }, product_reference: "openssh-fips-6.6p1-54.15.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12-LTSS", }, { category: "default_component_of", full_product_name: { name: "openssh-helpers-6.6p1-54.15.2.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS", product_id: "SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.ppc64le", }, product_reference: "openssh-helpers-6.6p1-54.15.2.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12-LTSS", }, { category: "default_component_of", full_product_name: { name: "openssh-helpers-6.6p1-54.15.2.s390x as component of SUSE Linux Enterprise Server 12-LTSS", product_id: "SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.s390x", }, product_reference: "openssh-helpers-6.6p1-54.15.2.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12-LTSS", }, { category: "default_component_of", full_product_name: { name: "openssh-helpers-6.6p1-54.15.2.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS", product_id: "SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.x86_64", }, product_reference: "openssh-helpers-6.6p1-54.15.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12-LTSS", }, { category: "default_component_of", full_product_name: { name: "openssh-6.6p1-54.15.2.ppc64le as component of SUSE Linux Enterprise Server 12 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.ppc64le", }, product_reference: "openssh-6.6p1-54.15.2.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "openssh-6.6p1-54.15.2.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.s390x", }, product_reference: "openssh-6.6p1-54.15.2.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "openssh-6.6p1-54.15.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.x86_64", }, product_reference: "openssh-6.6p1-54.15.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-6.6p1-54.15.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le", }, product_reference: "openssh-askpass-gnome-6.6p1-54.15.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-6.6p1-54.15.1.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.s390x", }, product_reference: "openssh-askpass-gnome-6.6p1-54.15.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-6.6p1-54.15.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.x86_64", }, product_reference: "openssh-askpass-gnome-6.6p1-54.15.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "openssh-fips-6.6p1-54.15.2.ppc64le as component of SUSE Linux Enterprise Server 12 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.ppc64le", }, product_reference: "openssh-fips-6.6p1-54.15.2.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "openssh-fips-6.6p1-54.15.2.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.s390x", }, product_reference: "openssh-fips-6.6p1-54.15.2.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "openssh-fips-6.6p1-54.15.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.x86_64", }, product_reference: "openssh-fips-6.6p1-54.15.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "openssh-helpers-6.6p1-54.15.2.ppc64le as component of SUSE Linux Enterprise Server 12 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.ppc64le", }, product_reference: "openssh-helpers-6.6p1-54.15.2.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "openssh-helpers-6.6p1-54.15.2.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.s390x", }, product_reference: "openssh-helpers-6.6p1-54.15.2.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "openssh-helpers-6.6p1-54.15.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.x86_64", }, product_reference: "openssh-helpers-6.6p1-54.15.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS", }, ], }, vulnerabilities: [ { cve: "CVE-2008-1483", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2008-1483", }, ], notes: [ { category: "general", text: "OpenSSH 4.3p2, and probably other versions, allows local users to hijack forwarded X connections by causing ssh to set DISPLAY to :10, even when another process is listening on the associated port, as demonstrated by opening TCP port 6010 (IPv4) and sniffing a cookie sent by Emacs.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.15.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2008-1483", url: "https://www.suse.com/security/cve/CVE-2008-1483", }, { category: "external", summary: "SUSE Bug 1069509 for CVE-2008-1483", url: "https://bugzilla.suse.com/1069509", }, { category: "external", summary: "SUSE Bug 373527 for CVE-2008-1483", url: "https://bugzilla.suse.com/373527", }, { category: "external", summary: "SUSE Bug 585630 for CVE-2008-1483", url: "https://bugzilla.suse.com/585630", }, { category: "external", summary: "SUSE Bug 647633 for CVE-2008-1483", url: "https://bugzilla.suse.com/647633", }, { category: "external", summary: "SUSE Bug 706386 for CVE-2008-1483", url: "https://bugzilla.suse.com/706386", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.15.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.15.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-11T08:50:47Z", details: "important", }, ], title: "CVE-2008-1483", }, { cve: "CVE-2016-10012", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-10012", }, ], notes: [ { category: "general", text: "The shared memory manager (associated with pre-authentication compression) in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enforced by all compilers, which might allows local users to gain privileges by leveraging access to a sandboxed privilege-separation process, related to the m_zback and m_zlib data structures.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.15.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-10012", url: "https://www.suse.com/security/cve/CVE-2016-10012", }, { category: "external", summary: "SUSE Bug 1006166 for CVE-2016-10012", url: "https://bugzilla.suse.com/1006166", }, { category: "external", summary: "SUSE Bug 1016336 for CVE-2016-10012", url: "https://bugzilla.suse.com/1016336", }, { category: "external", summary: "SUSE Bug 1016369 for CVE-2016-10012", url: "https://bugzilla.suse.com/1016369", }, { category: "external", summary: "SUSE Bug 1016370 for CVE-2016-10012", url: "https://bugzilla.suse.com/1016370", }, { category: "external", summary: "SUSE Bug 1017870 for CVE-2016-10012", url: "https://bugzilla.suse.com/1017870", }, { category: "external", summary: "SUSE Bug 1026634 for CVE-2016-10012", url: "https://bugzilla.suse.com/1026634", }, { category: "external", summary: "SUSE Bug 1035742 for CVE-2016-10012", url: "https://bugzilla.suse.com/1035742", }, { category: "external", summary: "SUSE Bug 1073044 for CVE-2016-10012", url: "https://bugzilla.suse.com/1073044", }, { category: "external", summary: "SUSE Bug 1092582 for CVE-2016-10012", url: "https://bugzilla.suse.com/1092582", }, { category: "external", summary: "SUSE Bug 1138392 for CVE-2016-10012", url: "https://bugzilla.suse.com/1138392", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.15.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.15.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-11T08:50:47Z", details: "low", }, ], title: "CVE-2016-10012", }, { cve: "CVE-2016-10708", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-10708", }, ], notes: [ { category: "general", text: "sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NEWKEYS message, as demonstrated by Honggfuzz, related to kex.c and packet.c.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.15.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-10708", url: "https://www.suse.com/security/cve/CVE-2016-10708", }, { category: "external", summary: "SUSE Bug 1076957 for CVE-2016-10708", url: "https://bugzilla.suse.com/1076957", }, { category: "external", summary: "SUSE Bug 1106726 for CVE-2016-10708", url: "https://bugzilla.suse.com/1106726", }, { category: "external", summary: "SUSE Bug 1138392 for CVE-2016-10708", url: "https://bugzilla.suse.com/1138392", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.15.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.15.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-11T08:50:47Z", details: "moderate", }, ], title: "CVE-2016-10708", }, { cve: "CVE-2017-15906", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-15906", }, ], notes: [ { category: "general", text: "The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.15.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-15906", url: "https://www.suse.com/security/cve/CVE-2017-15906", }, { category: "external", summary: "SUSE Bug 1064285 for CVE-2017-15906", url: "https://bugzilla.suse.com/1064285", }, { category: "external", summary: "SUSE Bug 1065000 for CVE-2017-15906", url: "https://bugzilla.suse.com/1065000", }, { category: "external", summary: "SUSE Bug 1074115 for CVE-2017-15906", url: "https://bugzilla.suse.com/1074115", }, { category: "external", summary: "SUSE Bug 1079488 for CVE-2017-15906", url: "https://bugzilla.suse.com/1079488", }, { category: "external", summary: "SUSE Bug 1090163 for CVE-2017-15906", url: "https://bugzilla.suse.com/1090163", }, { category: "external", summary: "SUSE Bug 1099316 for CVE-2017-15906", url: "https://bugzilla.suse.com/1099316", }, { category: "external", summary: "SUSE Bug 1138392 for CVE-2017-15906", url: "https://bugzilla.suse.com/1138392", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.15.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-fips-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:openssh-helpers-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:openssh-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:openssh-askpass-gnome-6.6p1-54.15.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:openssh-fips-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.s390x", "SUSE Linux Enterprise Server 12-LTSS:openssh-helpers-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-askpass-gnome-6.6p1-54.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-fips-6.6p1-54.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:openssh-helpers-6.6p1-54.15.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-11T08:50:47Z", details: "moderate", }, ], title: "CVE-2017-15906", }, ], }
suse-su-2017:3230-1
Vulnerability from csaf_suse
Published
2017-12-07 12:22
Modified
2017-12-07 12:22
Summary
Security update for openssh
Notes
Title of the patch
Security update for openssh
Description of the patch
This update for openssh fixes the following issues:
Security issue fixed:
- CVE-2017-15906: Stricter checking of operations in read-only mode in sftp server (bsc#1065000).
Bug fixes:
- FIPS: Startup selfchecks (bsc#1068310).
- FIPS: Silent complaints about unsupported key exchange methods (bsc#1006166).
- Refine handling of sockets for X11 forwarding to remove reintroduced CVE-2008-1483 (bsc#1069509).
- Test configuration before running daemon to prevent looping resulting in service shutdown (bsc#1048367)
Patchnames
SUSE-CAASP-ALL-2017-2009,SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2017-2009,SUSE-SLE-DESKTOP-12-SP2-2017-2009,SUSE-SLE-DESKTOP-12-SP3-2017-2009,SUSE-SLE-RPI-12-SP2-2017-2009,SUSE-SLE-SERVER-12-SP2-2017-2009,SUSE-SLE-SERVER-12-SP3-2017-2009
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for openssh", title: "Title of the patch", }, { category: "description", text: "This update for openssh fixes the following issues:\n\nSecurity issue fixed:\n\n- CVE-2017-15906: Stricter checking of operations in read-only mode in sftp server (bsc#1065000).\n\nBug fixes:\n\n- FIPS: Startup selfchecks (bsc#1068310).\n- FIPS: Silent complaints about unsupported key exchange methods (bsc#1006166).\n- Refine handling of sockets for X11 forwarding to remove reintroduced CVE-2008-1483 (bsc#1069509).\n- Test configuration before running daemon to prevent looping resulting in service shutdown (bsc#1048367)\n", title: "Description of the patch", }, { category: "details", text: "SUSE-CAASP-ALL-2017-2009,SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2017-2009,SUSE-SLE-DESKTOP-12-SP2-2017-2009,SUSE-SLE-DESKTOP-12-SP3-2017-2009,SUSE-SLE-RPI-12-SP2-2017-2009,SUSE-SLE-SERVER-12-SP2-2017-2009,SUSE-SLE-SERVER-12-SP3-2017-2009", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2017_3230-1.json", }, { category: "self", summary: "URL for SUSE-SU-2017:3230-1", url: "https://www.suse.com/support/update/announcement/2017/suse-su-20173230-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2017:3230-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2017-December/003476.html", }, { category: "self", summary: "SUSE Bug 1006166", url: "https://bugzilla.suse.com/1006166", }, { category: "self", summary: "SUSE Bug 1048367", url: "https://bugzilla.suse.com/1048367", }, { category: "self", summary: "SUSE Bug 1065000", url: "https://bugzilla.suse.com/1065000", }, { category: "self", summary: "SUSE Bug 1068310", url: "https://bugzilla.suse.com/1068310", }, { category: "self", summary: "SUSE Bug 1069509", url: "https://bugzilla.suse.com/1069509", }, { category: "self", summary: "SUSE CVE CVE-2008-1483 page", url: "https://www.suse.com/security/cve/CVE-2008-1483/", }, { category: "self", summary: "SUSE CVE CVE-2017-15906 page", url: "https://www.suse.com/security/cve/CVE-2017-15906/", }, ], title: "Security update for openssh", tracking: { current_release_date: "2017-12-07T12:22:05Z", generator: { date: "2017-12-07T12:22:05Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2017:3230-1", initial_release_date: "2017-12-07T12:22:05Z", revision_history: [ { date: "2017-12-07T12:22:05Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "openssh-7.2p2-74.11.1.aarch64", product: { name: "openssh-7.2p2-74.11.1.aarch64", product_id: "openssh-7.2p2-74.11.1.aarch64", }, }, { category: "product_version", name: "openssh-askpass-gnome-7.2p2-74.11.3.aarch64", product: { name: "openssh-askpass-gnome-7.2p2-74.11.3.aarch64", product_id: "openssh-askpass-gnome-7.2p2-74.11.3.aarch64", }, }, { category: "product_version", name: "openssh-fips-7.2p2-74.11.1.aarch64", product: { name: "openssh-fips-7.2p2-74.11.1.aarch64", product_id: "openssh-fips-7.2p2-74.11.1.aarch64", }, }, { category: "product_version", name: "openssh-helpers-7.2p2-74.11.1.aarch64", product: { name: "openssh-helpers-7.2p2-74.11.1.aarch64", product_id: "openssh-helpers-7.2p2-74.11.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "openssh-7.2p2-74.11.1.ppc64le", product: { name: "openssh-7.2p2-74.11.1.ppc64le", product_id: "openssh-7.2p2-74.11.1.ppc64le", }, }, { category: "product_version", name: "openssh-askpass-gnome-7.2p2-74.11.3.ppc64le", product: { name: "openssh-askpass-gnome-7.2p2-74.11.3.ppc64le", product_id: "openssh-askpass-gnome-7.2p2-74.11.3.ppc64le", }, }, { category: "product_version", name: "openssh-fips-7.2p2-74.11.1.ppc64le", product: { name: "openssh-fips-7.2p2-74.11.1.ppc64le", product_id: "openssh-fips-7.2p2-74.11.1.ppc64le", }, }, { category: "product_version", name: "openssh-helpers-7.2p2-74.11.1.ppc64le", product: { name: "openssh-helpers-7.2p2-74.11.1.ppc64le", product_id: "openssh-helpers-7.2p2-74.11.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "openssh-7.2p2-74.11.1.s390x", product: { name: "openssh-7.2p2-74.11.1.s390x", product_id: "openssh-7.2p2-74.11.1.s390x", }, }, { category: "product_version", name: "openssh-askpass-gnome-7.2p2-74.11.3.s390x", product: { name: "openssh-askpass-gnome-7.2p2-74.11.3.s390x", product_id: "openssh-askpass-gnome-7.2p2-74.11.3.s390x", }, }, { category: "product_version", name: "openssh-fips-7.2p2-74.11.1.s390x", product: { name: "openssh-fips-7.2p2-74.11.1.s390x", product_id: "openssh-fips-7.2p2-74.11.1.s390x", }, }, { category: "product_version", name: "openssh-helpers-7.2p2-74.11.1.s390x", product: { name: "openssh-helpers-7.2p2-74.11.1.s390x", product_id: "openssh-helpers-7.2p2-74.11.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "openssh-7.2p2-74.11.1.x86_64", product: { name: "openssh-7.2p2-74.11.1.x86_64", product_id: "openssh-7.2p2-74.11.1.x86_64", }, }, { category: "product_version", name: "openssh-askpass-gnome-7.2p2-74.11.3.x86_64", product: { name: "openssh-askpass-gnome-7.2p2-74.11.3.x86_64", product_id: "openssh-askpass-gnome-7.2p2-74.11.3.x86_64", }, }, { category: "product_version", name: "openssh-helpers-7.2p2-74.11.1.x86_64", product: { name: "openssh-helpers-7.2p2-74.11.1.x86_64", product_id: "openssh-helpers-7.2p2-74.11.1.x86_64", }, }, { category: "product_version", name: "openssh-fips-7.2p2-74.11.1.x86_64", product: { name: "openssh-fips-7.2p2-74.11.1.x86_64", product_id: "openssh-fips-7.2p2-74.11.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Desktop 12 SP2", product: { name: "SUSE Linux Enterprise Desktop 12 SP2", product_id: "SUSE Linux Enterprise Desktop 12 SP2", product_identification_helper: { cpe: "cpe:/o:suse:sled:12:sp2", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Desktop 12 SP3", product: { name: "SUSE Linux Enterprise Desktop 12 SP3", product_id: "SUSE Linux Enterprise Desktop 12 SP3", product_identification_helper: { cpe: "cpe:/o:suse:sled:12:sp3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2", product: { name: "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2", product_id: "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2", product_identification_helper: { cpe: "cpe:/o:suse:sles:12:sp2", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 12 SP2", product: { name: "SUSE Linux Enterprise Server 12 SP2", product_id: "SUSE Linux Enterprise Server 12 SP2", product_identification_helper: { cpe: "cpe:/o:suse:sles:12:sp2", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", product: { name: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_identification_helper: { cpe: "cpe:/o:suse:sles_sap:12:sp2", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 12 SP3", product: { name: "SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3", product_identification_helper: { cpe: "cpe:/o:suse:sles:12:sp3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", product: { name: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_identification_helper: { cpe: "cpe:/o:suse:sles_sap:12:sp3", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "openssh-7.2p2-74.11.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP2", product_id: "SUSE Linux Enterprise Desktop 12 SP2:openssh-7.2p2-74.11.1.x86_64", }, product_reference: "openssh-7.2p2-74.11.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Desktop 12 SP2", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-7.2p2-74.11.3.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP2", product_id: "SUSE Linux Enterprise Desktop 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.x86_64", }, product_reference: "openssh-askpass-gnome-7.2p2-74.11.3.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Desktop 12 SP2", }, { category: "default_component_of", full_product_name: { name: "openssh-helpers-7.2p2-74.11.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP2", product_id: "SUSE Linux Enterprise Desktop 12 SP2:openssh-helpers-7.2p2-74.11.1.x86_64", }, product_reference: "openssh-helpers-7.2p2-74.11.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Desktop 12 SP2", }, { category: "default_component_of", full_product_name: { name: "openssh-7.2p2-74.11.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP3", product_id: "SUSE Linux Enterprise Desktop 12 SP3:openssh-7.2p2-74.11.1.x86_64", }, product_reference: "openssh-7.2p2-74.11.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Desktop 12 SP3", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-7.2p2-74.11.3.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP3", product_id: "SUSE Linux Enterprise Desktop 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.x86_64", }, product_reference: "openssh-askpass-gnome-7.2p2-74.11.3.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Desktop 12 SP3", }, { category: "default_component_of", full_product_name: { name: "openssh-helpers-7.2p2-74.11.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP3", product_id: "SUSE Linux Enterprise Desktop 12 SP3:openssh-helpers-7.2p2-74.11.1.x86_64", }, product_reference: "openssh-helpers-7.2p2-74.11.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Desktop 12 SP3", }, { category: "default_component_of", full_product_name: { name: "openssh-7.2p2-74.11.1.aarch64 as component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2", product_id: "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-7.2p2-74.11.1.aarch64", }, product_reference: "openssh-7.2p2-74.11.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-7.2p2-74.11.3.aarch64 as component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2", product_id: "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.aarch64", }, product_reference: "openssh-askpass-gnome-7.2p2-74.11.3.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2", }, { category: "default_component_of", full_product_name: { name: "openssh-fips-7.2p2-74.11.1.aarch64 as component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2", product_id: "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-fips-7.2p2-74.11.1.aarch64", }, product_reference: "openssh-fips-7.2p2-74.11.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2", }, { category: "default_component_of", full_product_name: { name: "openssh-helpers-7.2p2-74.11.1.aarch64 as component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2", product_id: "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-helpers-7.2p2-74.11.1.aarch64", }, product_reference: "openssh-helpers-7.2p2-74.11.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2", }, { category: "default_component_of", full_product_name: { name: "openssh-7.2p2-74.11.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP2", product_id: "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-74.11.1.aarch64", }, product_reference: "openssh-7.2p2-74.11.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2", }, { category: "default_component_of", full_product_name: { name: "openssh-7.2p2-74.11.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP2", product_id: "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-74.11.1.ppc64le", }, product_reference: "openssh-7.2p2-74.11.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2", }, { category: "default_component_of", full_product_name: { name: "openssh-7.2p2-74.11.1.s390x as component of SUSE Linux Enterprise Server 12 SP2", product_id: "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-74.11.1.s390x", }, product_reference: "openssh-7.2p2-74.11.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2", }, { category: "default_component_of", full_product_name: { name: "openssh-7.2p2-74.11.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2", product_id: "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-74.11.1.x86_64", }, product_reference: "openssh-7.2p2-74.11.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-7.2p2-74.11.3.aarch64 as component of SUSE Linux Enterprise Server 12 SP2", product_id: "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.aarch64", }, product_reference: "openssh-askpass-gnome-7.2p2-74.11.3.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-7.2p2-74.11.3.ppc64le as component of SUSE Linux Enterprise Server 12 SP2", product_id: "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.ppc64le", }, product_reference: "openssh-askpass-gnome-7.2p2-74.11.3.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-7.2p2-74.11.3.s390x as component of SUSE Linux Enterprise Server 12 SP2", product_id: "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.s390x", }, product_reference: "openssh-askpass-gnome-7.2p2-74.11.3.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-7.2p2-74.11.3.x86_64 as component of SUSE Linux Enterprise Server 12 SP2", product_id: "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.x86_64", }, product_reference: "openssh-askpass-gnome-7.2p2-74.11.3.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2", }, { category: "default_component_of", full_product_name: { name: "openssh-fips-7.2p2-74.11.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP2", product_id: "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-74.11.1.aarch64", }, product_reference: "openssh-fips-7.2p2-74.11.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2", }, { category: "default_component_of", full_product_name: { name: "openssh-fips-7.2p2-74.11.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP2", product_id: "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-74.11.1.ppc64le", }, product_reference: "openssh-fips-7.2p2-74.11.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2", }, { category: "default_component_of", full_product_name: { name: "openssh-fips-7.2p2-74.11.1.s390x as component of SUSE Linux Enterprise Server 12 SP2", product_id: "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-74.11.1.s390x", }, product_reference: "openssh-fips-7.2p2-74.11.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2", }, { category: "default_component_of", full_product_name: { name: "openssh-fips-7.2p2-74.11.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2", product_id: "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-74.11.1.x86_64", }, product_reference: "openssh-fips-7.2p2-74.11.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2", }, { category: "default_component_of", full_product_name: { name: "openssh-helpers-7.2p2-74.11.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP2", product_id: "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-74.11.1.aarch64", }, product_reference: "openssh-helpers-7.2p2-74.11.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2", }, { category: "default_component_of", full_product_name: { name: "openssh-helpers-7.2p2-74.11.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP2", product_id: "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-74.11.1.ppc64le", }, product_reference: "openssh-helpers-7.2p2-74.11.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2", }, { category: "default_component_of", full_product_name: { name: "openssh-helpers-7.2p2-74.11.1.s390x as component of SUSE Linux Enterprise Server 12 SP2", product_id: "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-74.11.1.s390x", }, product_reference: "openssh-helpers-7.2p2-74.11.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2", }, { category: "default_component_of", full_product_name: { name: "openssh-helpers-7.2p2-74.11.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2", product_id: "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-74.11.1.x86_64", }, product_reference: "openssh-helpers-7.2p2-74.11.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2", }, { category: "default_component_of", full_product_name: { name: "openssh-7.2p2-74.11.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-74.11.1.aarch64", }, product_reference: "openssh-7.2p2-74.11.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "openssh-7.2p2-74.11.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-74.11.1.ppc64le", }, product_reference: "openssh-7.2p2-74.11.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "openssh-7.2p2-74.11.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-74.11.1.s390x", }, product_reference: "openssh-7.2p2-74.11.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "openssh-7.2p2-74.11.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-74.11.1.x86_64", }, product_reference: "openssh-7.2p2-74.11.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-7.2p2-74.11.3.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.aarch64", }, product_reference: "openssh-askpass-gnome-7.2p2-74.11.3.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-7.2p2-74.11.3.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.ppc64le", }, product_reference: "openssh-askpass-gnome-7.2p2-74.11.3.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-7.2p2-74.11.3.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.s390x", }, product_reference: "openssh-askpass-gnome-7.2p2-74.11.3.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-7.2p2-74.11.3.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.x86_64", }, product_reference: "openssh-askpass-gnome-7.2p2-74.11.3.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "openssh-fips-7.2p2-74.11.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-74.11.1.aarch64", }, product_reference: "openssh-fips-7.2p2-74.11.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "openssh-fips-7.2p2-74.11.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-74.11.1.ppc64le", }, product_reference: "openssh-fips-7.2p2-74.11.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "openssh-fips-7.2p2-74.11.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-74.11.1.s390x", }, product_reference: "openssh-fips-7.2p2-74.11.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "openssh-fips-7.2p2-74.11.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-74.11.1.x86_64", }, product_reference: "openssh-fips-7.2p2-74.11.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "openssh-helpers-7.2p2-74.11.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-74.11.1.aarch64", }, product_reference: "openssh-helpers-7.2p2-74.11.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "openssh-helpers-7.2p2-74.11.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-74.11.1.ppc64le", }, product_reference: "openssh-helpers-7.2p2-74.11.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "openssh-helpers-7.2p2-74.11.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-74.11.1.s390x", }, product_reference: "openssh-helpers-7.2p2-74.11.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "openssh-helpers-7.2p2-74.11.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-74.11.1.x86_64", }, product_reference: "openssh-helpers-7.2p2-74.11.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "openssh-7.2p2-74.11.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:openssh-7.2p2-74.11.1.aarch64", }, product_reference: "openssh-7.2p2-74.11.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "openssh-7.2p2-74.11.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:openssh-7.2p2-74.11.1.ppc64le", }, product_reference: "openssh-7.2p2-74.11.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "openssh-7.2p2-74.11.1.s390x as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:openssh-7.2p2-74.11.1.s390x", }, product_reference: "openssh-7.2p2-74.11.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "openssh-7.2p2-74.11.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:openssh-7.2p2-74.11.1.x86_64", }, product_reference: "openssh-7.2p2-74.11.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-7.2p2-74.11.3.aarch64 as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.aarch64", }, product_reference: "openssh-askpass-gnome-7.2p2-74.11.3.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-7.2p2-74.11.3.ppc64le as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.ppc64le", }, product_reference: "openssh-askpass-gnome-7.2p2-74.11.3.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-7.2p2-74.11.3.s390x as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.s390x", }, product_reference: "openssh-askpass-gnome-7.2p2-74.11.3.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-7.2p2-74.11.3.x86_64 as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.x86_64", }, product_reference: "openssh-askpass-gnome-7.2p2-74.11.3.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "openssh-fips-7.2p2-74.11.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:openssh-fips-7.2p2-74.11.1.aarch64", }, product_reference: "openssh-fips-7.2p2-74.11.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "openssh-fips-7.2p2-74.11.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:openssh-fips-7.2p2-74.11.1.ppc64le", }, product_reference: "openssh-fips-7.2p2-74.11.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "openssh-fips-7.2p2-74.11.1.s390x as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:openssh-fips-7.2p2-74.11.1.s390x", }, product_reference: "openssh-fips-7.2p2-74.11.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "openssh-fips-7.2p2-74.11.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:openssh-fips-7.2p2-74.11.1.x86_64", }, product_reference: "openssh-fips-7.2p2-74.11.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "openssh-helpers-7.2p2-74.11.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:openssh-helpers-7.2p2-74.11.1.aarch64", }, product_reference: "openssh-helpers-7.2p2-74.11.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "openssh-helpers-7.2p2-74.11.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:openssh-helpers-7.2p2-74.11.1.ppc64le", }, product_reference: "openssh-helpers-7.2p2-74.11.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "openssh-helpers-7.2p2-74.11.1.s390x as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:openssh-helpers-7.2p2-74.11.1.s390x", }, product_reference: "openssh-helpers-7.2p2-74.11.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "openssh-helpers-7.2p2-74.11.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:openssh-helpers-7.2p2-74.11.1.x86_64", }, product_reference: "openssh-helpers-7.2p2-74.11.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "openssh-7.2p2-74.11.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-7.2p2-74.11.1.aarch64", }, product_reference: "openssh-7.2p2-74.11.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "openssh-7.2p2-74.11.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-7.2p2-74.11.1.ppc64le", }, product_reference: "openssh-7.2p2-74.11.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "openssh-7.2p2-74.11.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-7.2p2-74.11.1.s390x", }, product_reference: "openssh-7.2p2-74.11.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "openssh-7.2p2-74.11.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-7.2p2-74.11.1.x86_64", }, product_reference: "openssh-7.2p2-74.11.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-7.2p2-74.11.3.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.aarch64", }, product_reference: "openssh-askpass-gnome-7.2p2-74.11.3.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-7.2p2-74.11.3.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.ppc64le", }, product_reference: "openssh-askpass-gnome-7.2p2-74.11.3.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-7.2p2-74.11.3.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.s390x", }, product_reference: "openssh-askpass-gnome-7.2p2-74.11.3.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-7.2p2-74.11.3.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.x86_64", }, product_reference: "openssh-askpass-gnome-7.2p2-74.11.3.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "openssh-fips-7.2p2-74.11.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-fips-7.2p2-74.11.1.aarch64", }, product_reference: "openssh-fips-7.2p2-74.11.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "openssh-fips-7.2p2-74.11.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-fips-7.2p2-74.11.1.ppc64le", }, product_reference: "openssh-fips-7.2p2-74.11.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "openssh-fips-7.2p2-74.11.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-fips-7.2p2-74.11.1.s390x", }, product_reference: "openssh-fips-7.2p2-74.11.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "openssh-fips-7.2p2-74.11.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-fips-7.2p2-74.11.1.x86_64", }, product_reference: "openssh-fips-7.2p2-74.11.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "openssh-helpers-7.2p2-74.11.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-helpers-7.2p2-74.11.1.aarch64", }, product_reference: "openssh-helpers-7.2p2-74.11.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "openssh-helpers-7.2p2-74.11.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-helpers-7.2p2-74.11.1.ppc64le", }, product_reference: "openssh-helpers-7.2p2-74.11.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "openssh-helpers-7.2p2-74.11.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-helpers-7.2p2-74.11.1.s390x", }, product_reference: "openssh-helpers-7.2p2-74.11.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "openssh-helpers-7.2p2-74.11.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-helpers-7.2p2-74.11.1.x86_64", }, product_reference: "openssh-helpers-7.2p2-74.11.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, ], }, vulnerabilities: [ { cve: "CVE-2008-1483", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2008-1483", }, ], notes: [ { category: "general", text: "OpenSSH 4.3p2, and probably other versions, allows local users to hijack forwarded X connections by causing ssh to set DISPLAY to :10, even when another process is listening on the associated port, as demonstrated by opening TCP port 6010 (IPv4) and sniffing a cookie sent by Emacs.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:openssh-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:openssh-helpers-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:openssh-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:openssh-helpers-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-74.11.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-74.11.1.s390x", "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.s390x", "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-74.11.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-74.11.1.s390x", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-74.11.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-74.11.1.s390x", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:openssh-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:openssh-7.2p2-74.11.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:openssh-7.2p2-74.11.1.s390x", "SUSE Linux Enterprise Server 12 SP3:openssh-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:openssh-fips-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:openssh-fips-7.2p2-74.11.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:openssh-fips-7.2p2-74.11.1.s390x", "SUSE Linux Enterprise Server 12 SP3:openssh-fips-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:openssh-helpers-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:openssh-helpers-7.2p2-74.11.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:openssh-helpers-7.2p2-74.11.1.s390x", "SUSE Linux Enterprise Server 12 SP3:openssh-helpers-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-fips-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-helpers-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-74.11.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-74.11.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-74.11.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-74.11.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-74.11.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-74.11.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-7.2p2-74.11.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-7.2p2-74.11.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-fips-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-fips-7.2p2-74.11.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-fips-7.2p2-74.11.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-fips-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-helpers-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-helpers-7.2p2-74.11.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-helpers-7.2p2-74.11.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-helpers-7.2p2-74.11.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2008-1483", url: "https://www.suse.com/security/cve/CVE-2008-1483", }, { category: "external", summary: "SUSE Bug 1069509 for CVE-2008-1483", url: "https://bugzilla.suse.com/1069509", }, { category: "external", summary: "SUSE Bug 373527 for CVE-2008-1483", url: "https://bugzilla.suse.com/373527", }, { category: "external", summary: "SUSE Bug 585630 for CVE-2008-1483", url: "https://bugzilla.suse.com/585630", }, { category: "external", summary: "SUSE Bug 647633 for CVE-2008-1483", url: "https://bugzilla.suse.com/647633", }, { category: "external", summary: "SUSE Bug 706386 for CVE-2008-1483", url: "https://bugzilla.suse.com/706386", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:openssh-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:openssh-helpers-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:openssh-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:openssh-helpers-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-74.11.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-74.11.1.s390x", "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.s390x", "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-74.11.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-74.11.1.s390x", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-74.11.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-74.11.1.s390x", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:openssh-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:openssh-7.2p2-74.11.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:openssh-7.2p2-74.11.1.s390x", "SUSE Linux Enterprise Server 12 SP3:openssh-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:openssh-fips-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:openssh-fips-7.2p2-74.11.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:openssh-fips-7.2p2-74.11.1.s390x", "SUSE Linux Enterprise Server 12 SP3:openssh-fips-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:openssh-helpers-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:openssh-helpers-7.2p2-74.11.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:openssh-helpers-7.2p2-74.11.1.s390x", "SUSE Linux Enterprise Server 12 SP3:openssh-helpers-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-fips-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-helpers-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-74.11.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-74.11.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-74.11.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-74.11.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-74.11.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-74.11.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-7.2p2-74.11.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-7.2p2-74.11.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-fips-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-fips-7.2p2-74.11.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-fips-7.2p2-74.11.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-fips-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-helpers-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-helpers-7.2p2-74.11.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-helpers-7.2p2-74.11.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-helpers-7.2p2-74.11.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:openssh-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:openssh-helpers-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:openssh-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:openssh-helpers-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-74.11.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-74.11.1.s390x", "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.s390x", "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-74.11.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-74.11.1.s390x", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-74.11.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-74.11.1.s390x", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:openssh-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:openssh-7.2p2-74.11.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:openssh-7.2p2-74.11.1.s390x", "SUSE Linux Enterprise Server 12 SP3:openssh-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:openssh-fips-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:openssh-fips-7.2p2-74.11.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:openssh-fips-7.2p2-74.11.1.s390x", "SUSE Linux Enterprise Server 12 SP3:openssh-fips-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:openssh-helpers-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:openssh-helpers-7.2p2-74.11.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:openssh-helpers-7.2p2-74.11.1.s390x", "SUSE Linux Enterprise Server 12 SP3:openssh-helpers-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-fips-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-helpers-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-74.11.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-74.11.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-74.11.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-74.11.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-74.11.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-74.11.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-7.2p2-74.11.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-7.2p2-74.11.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-fips-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-fips-7.2p2-74.11.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-fips-7.2p2-74.11.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-fips-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-helpers-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-helpers-7.2p2-74.11.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-helpers-7.2p2-74.11.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-helpers-7.2p2-74.11.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-12-07T12:22:05Z", details: "important", }, ], title: "CVE-2008-1483", }, { cve: "CVE-2017-15906", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-15906", }, ], notes: [ { category: "general", text: "The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:openssh-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:openssh-helpers-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:openssh-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:openssh-helpers-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-74.11.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-74.11.1.s390x", "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.s390x", "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-74.11.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-74.11.1.s390x", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-74.11.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-74.11.1.s390x", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:openssh-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:openssh-7.2p2-74.11.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:openssh-7.2p2-74.11.1.s390x", "SUSE Linux Enterprise Server 12 SP3:openssh-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:openssh-fips-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:openssh-fips-7.2p2-74.11.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:openssh-fips-7.2p2-74.11.1.s390x", "SUSE Linux Enterprise Server 12 SP3:openssh-fips-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:openssh-helpers-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:openssh-helpers-7.2p2-74.11.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:openssh-helpers-7.2p2-74.11.1.s390x", "SUSE Linux Enterprise Server 12 SP3:openssh-helpers-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-fips-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-helpers-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-74.11.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-74.11.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-74.11.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-74.11.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-74.11.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-74.11.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-7.2p2-74.11.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-7.2p2-74.11.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-fips-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-fips-7.2p2-74.11.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-fips-7.2p2-74.11.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-fips-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-helpers-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-helpers-7.2p2-74.11.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-helpers-7.2p2-74.11.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-helpers-7.2p2-74.11.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-15906", url: "https://www.suse.com/security/cve/CVE-2017-15906", }, { category: "external", summary: "SUSE Bug 1064285 for CVE-2017-15906", url: "https://bugzilla.suse.com/1064285", }, { category: "external", summary: "SUSE Bug 1065000 for CVE-2017-15906", url: "https://bugzilla.suse.com/1065000", }, { category: "external", summary: "SUSE Bug 1074115 for CVE-2017-15906", url: "https://bugzilla.suse.com/1074115", }, { category: "external", summary: "SUSE Bug 1079488 for CVE-2017-15906", url: "https://bugzilla.suse.com/1079488", }, { category: "external", summary: "SUSE Bug 1090163 for CVE-2017-15906", url: "https://bugzilla.suse.com/1090163", }, { category: "external", summary: "SUSE Bug 1099316 for CVE-2017-15906", url: "https://bugzilla.suse.com/1099316", }, { category: "external", summary: "SUSE Bug 1138392 for CVE-2017-15906", url: "https://bugzilla.suse.com/1138392", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:openssh-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:openssh-helpers-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:openssh-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:openssh-helpers-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-74.11.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-74.11.1.s390x", "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.s390x", "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-74.11.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-74.11.1.s390x", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-74.11.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-74.11.1.s390x", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:openssh-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:openssh-7.2p2-74.11.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:openssh-7.2p2-74.11.1.s390x", "SUSE Linux Enterprise Server 12 SP3:openssh-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:openssh-fips-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:openssh-fips-7.2p2-74.11.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:openssh-fips-7.2p2-74.11.1.s390x", "SUSE Linux Enterprise Server 12 SP3:openssh-fips-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:openssh-helpers-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:openssh-helpers-7.2p2-74.11.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:openssh-helpers-7.2p2-74.11.1.s390x", "SUSE Linux Enterprise Server 12 SP3:openssh-helpers-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-fips-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-helpers-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-74.11.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-74.11.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-74.11.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-74.11.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-74.11.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-74.11.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-7.2p2-74.11.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-7.2p2-74.11.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-fips-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-fips-7.2p2-74.11.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-fips-7.2p2-74.11.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-fips-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-helpers-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-helpers-7.2p2-74.11.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-helpers-7.2p2-74.11.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-helpers-7.2p2-74.11.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:openssh-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:openssh-helpers-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:openssh-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:openssh-helpers-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-74.11.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-74.11.1.s390x", "SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.s390x", "SUSE Linux Enterprise Server 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-74.11.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-74.11.1.s390x", "SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-74.11.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-74.11.1.s390x", "SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:openssh-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:openssh-7.2p2-74.11.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:openssh-7.2p2-74.11.1.s390x", "SUSE Linux Enterprise Server 12 SP3:openssh-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:openssh-fips-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:openssh-fips-7.2p2-74.11.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:openssh-fips-7.2p2-74.11.1.s390x", "SUSE Linux Enterprise Server 12 SP3:openssh-fips-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:openssh-helpers-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:openssh-helpers-7.2p2-74.11.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:openssh-helpers-7.2p2-74.11.1.s390x", "SUSE Linux Enterprise Server 12 SP3:openssh-helpers-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-fips-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-helpers-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-74.11.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-74.11.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-askpass-gnome-7.2p2-74.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-74.11.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-74.11.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-fips-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-74.11.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-74.11.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:openssh-helpers-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-7.2p2-74.11.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-7.2p2-74.11.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-askpass-gnome-7.2p2-74.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-fips-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-fips-7.2p2-74.11.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-fips-7.2p2-74.11.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-fips-7.2p2-74.11.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-helpers-7.2p2-74.11.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-helpers-7.2p2-74.11.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-helpers-7.2p2-74.11.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-helpers-7.2p2-74.11.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-12-07T12:22:05Z", details: "moderate", }, ], title: "CVE-2017-15906", }, ], }
suse-su-2018:2719-1
Vulnerability from csaf_suse
Published
2018-09-14 14:06
Modified
2018-09-14 14:06
Summary
Security update for openssh-openssl1
Notes
Title of the patch
Security update for openssh-openssl1
Description of the patch
This update for openssh-openssl1 fixes the following issues:
These security issues were fixed:
- CVE-2016-10708: Prevent NULL pointer dereference via an out-of-sequence
NEWKEYS message allowed remote attackers to cause a denial of service
(bsc#1076957).
- CVE-2017-15906: The process_open function did not properly prevent write
operations in readonly mode, which allowed attackers to create zero-length
files (bsc#1065000).
- CVE-2016-10012: The shared memory manager (associated with pre-authentication
compression) did not ensure that a bounds check is enforced by all compilers,
which might have allowed local users to gain privileges by leveraging access to
a sandboxed privilege-separation process, related to the m_zback and m_zlib
data structures (bsc#1016370).
- CVE-2008-1483: Prevent local users from hijacking forwarded X connections by
causing ssh to set DISPLAY to :10, even when another process is listening on
the associated port. This problem was reontroduced by another patch and was
previously fixed by another update (bsc#1069509).
These non-security issues were fixed:
- Remove duplicate KEX method (bsc#1053972)
- New switch for printing diagnostic messages in sftp client's batch mode (bsc#1023275)
- Enable case-insensitive hostname matching (bsc#1017099)
Patchnames
secsp3-openssh-openssl1-13777
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for openssh-openssl1", title: "Title of the patch", }, { category: "description", text: "This update for openssh-openssl1 fixes the following issues:\n\nThese security issues were fixed:\n\n- CVE-2016-10708: Prevent NULL pointer dereference via an out-of-sequence\n NEWKEYS message allowed remote attackers to cause a denial of service\n (bsc#1076957).\n- CVE-2017-15906: The process_open function did not properly prevent write\n operations in readonly mode, which allowed attackers to create zero-length\n files (bsc#1065000).\n- CVE-2016-10012: The shared memory manager (associated with pre-authentication\n compression) did not ensure that a bounds check is enforced by all compilers,\n which might have allowed local users to gain privileges by leveraging access to\n a sandboxed privilege-separation process, related to the m_zback and m_zlib\n data structures (bsc#1016370).\n- CVE-2008-1483: Prevent local users from hijacking forwarded X connections by\n causing ssh to set DISPLAY to :10, even when another process is listening on\n the associated port. This problem was reontroduced by another patch and was\n previously fixed by another update (bsc#1069509).\n\nThese non-security issues were fixed:\n\n- Remove duplicate KEX method (bsc#1053972)\n- New switch for printing diagnostic messages in sftp client's batch mode (bsc#1023275)\n- Enable case-insensitive hostname matching (bsc#1017099)\n", title: "Description of the patch", }, { category: "details", text: "secsp3-openssh-openssl1-13777", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_2719-1.json", }, { category: "self", summary: "URL for SUSE-SU-2018:2719-1", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20182719-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2018:2719-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2018-September/004564.html", }, { category: "self", summary: "SUSE Bug 1016370", url: "https://bugzilla.suse.com/1016370", }, { category: "self", summary: "SUSE Bug 1017099", url: "https://bugzilla.suse.com/1017099", }, { category: "self", summary: "SUSE Bug 1023275", url: "https://bugzilla.suse.com/1023275", }, { category: "self", summary: "SUSE Bug 1053972", url: "https://bugzilla.suse.com/1053972", }, { category: "self", summary: "SUSE Bug 1065000", url: "https://bugzilla.suse.com/1065000", }, { category: "self", summary: "SUSE Bug 1069509", url: "https://bugzilla.suse.com/1069509", }, { category: "self", summary: "SUSE Bug 1076957", url: "https://bugzilla.suse.com/1076957", }, { category: "self", summary: "SUSE CVE CVE-2008-1483 page", url: "https://www.suse.com/security/cve/CVE-2008-1483/", }, { category: "self", summary: "SUSE CVE CVE-2016-10012 page", url: "https://www.suse.com/security/cve/CVE-2016-10012/", }, { category: "self", summary: "SUSE CVE CVE-2016-10708 page", url: "https://www.suse.com/security/cve/CVE-2016-10708/", }, { category: "self", summary: "SUSE CVE CVE-2017-15906 page", url: "https://www.suse.com/security/cve/CVE-2017-15906/", }, ], title: "Security update for openssh-openssl1", tracking: { current_release_date: "2018-09-14T14:06:53Z", generator: { date: "2018-09-14T14:06:53Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2018:2719-1", initial_release_date: "2018-09-14T14:06:53Z", revision_history: [ { date: "2018-09-14T14:06:53Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "openssh-openssl1-6.6p1-19.3.1.i586", product: { name: "openssh-openssl1-6.6p1-19.3.1.i586", product_id: "openssh-openssl1-6.6p1-19.3.1.i586", }, }, { category: "product_version", name: "openssh-openssl1-helpers-6.6p1-19.3.1.i586", product: { name: "openssh-openssl1-helpers-6.6p1-19.3.1.i586", product_id: "openssh-openssl1-helpers-6.6p1-19.3.1.i586", }, }, ], category: "architecture", name: "i586", }, { branches: [ { category: "product_version", name: "openssh-openssl1-6.6p1-19.3.1.ia64", product: { name: "openssh-openssl1-6.6p1-19.3.1.ia64", product_id: "openssh-openssl1-6.6p1-19.3.1.ia64", }, }, { category: "product_version", name: "openssh-openssl1-helpers-6.6p1-19.3.1.ia64", product: { name: "openssh-openssl1-helpers-6.6p1-19.3.1.ia64", product_id: "openssh-openssl1-helpers-6.6p1-19.3.1.ia64", }, }, ], category: "architecture", name: "ia64", }, { branches: [ { category: "product_version", name: "openssh-openssl1-6.6p1-19.3.1.ppc64", product: { name: "openssh-openssl1-6.6p1-19.3.1.ppc64", product_id: "openssh-openssl1-6.6p1-19.3.1.ppc64", }, }, { category: "product_version", name: "openssh-openssl1-helpers-6.6p1-19.3.1.ppc64", product: { name: "openssh-openssl1-helpers-6.6p1-19.3.1.ppc64", product_id: "openssh-openssl1-helpers-6.6p1-19.3.1.ppc64", }, }, ], category: "architecture", name: "ppc64", }, { branches: [ { category: "product_version", name: "openssh-openssl1-6.6p1-19.3.1.s390x", product: { name: "openssh-openssl1-6.6p1-19.3.1.s390x", product_id: "openssh-openssl1-6.6p1-19.3.1.s390x", }, }, { category: "product_version", name: "openssh-openssl1-helpers-6.6p1-19.3.1.s390x", product: { name: "openssh-openssl1-helpers-6.6p1-19.3.1.s390x", product_id: "openssh-openssl1-helpers-6.6p1-19.3.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "openssh-openssl1-6.6p1-19.3.1.x86_64", product: { name: "openssh-openssl1-6.6p1-19.3.1.x86_64", product_id: "openssh-openssl1-6.6p1-19.3.1.x86_64", }, }, { category: "product_version", name: "openssh-openssl1-helpers-6.6p1-19.3.1.x86_64", product: { name: "openssh-openssl1-helpers-6.6p1-19.3.1.x86_64", product_id: "openssh-openssl1-helpers-6.6p1-19.3.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Server 11-SECURITY", product: { name: "SUSE Linux Enterprise Server 11-SECURITY", product_id: "SUSE Linux Enterprise Server 11-SECURITY", product_identification_helper: { cpe: "cpe:/o:suse:sles:11:security", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "openssh-openssl1-6.6p1-19.3.1.i586 as component of SUSE Linux Enterprise Server 11-SECURITY", product_id: "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.i586", }, product_reference: "openssh-openssl1-6.6p1-19.3.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11-SECURITY", }, { category: "default_component_of", full_product_name: { name: "openssh-openssl1-6.6p1-19.3.1.ia64 as component of SUSE Linux Enterprise Server 11-SECURITY", product_id: "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.ia64", }, product_reference: "openssh-openssl1-6.6p1-19.3.1.ia64", relates_to_product_reference: "SUSE Linux Enterprise Server 11-SECURITY", }, { category: "default_component_of", full_product_name: { name: "openssh-openssl1-6.6p1-19.3.1.ppc64 as component of SUSE Linux Enterprise Server 11-SECURITY", product_id: "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.ppc64", }, product_reference: "openssh-openssl1-6.6p1-19.3.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server 11-SECURITY", }, { category: "default_component_of", full_product_name: { name: "openssh-openssl1-6.6p1-19.3.1.s390x as component of SUSE Linux Enterprise Server 11-SECURITY", product_id: "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.s390x", }, product_reference: "openssh-openssl1-6.6p1-19.3.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 11-SECURITY", }, { category: "default_component_of", full_product_name: { name: "openssh-openssl1-6.6p1-19.3.1.x86_64 as component of SUSE Linux Enterprise Server 11-SECURITY", product_id: "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.x86_64", }, product_reference: "openssh-openssl1-6.6p1-19.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11-SECURITY", }, { category: "default_component_of", full_product_name: { name: "openssh-openssl1-helpers-6.6p1-19.3.1.i586 as component of SUSE Linux Enterprise Server 11-SECURITY", product_id: "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.i586", }, product_reference: "openssh-openssl1-helpers-6.6p1-19.3.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11-SECURITY", }, { category: "default_component_of", full_product_name: { name: "openssh-openssl1-helpers-6.6p1-19.3.1.ia64 as component of SUSE Linux Enterprise Server 11-SECURITY", product_id: "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.ia64", }, product_reference: "openssh-openssl1-helpers-6.6p1-19.3.1.ia64", relates_to_product_reference: "SUSE Linux Enterprise Server 11-SECURITY", }, { category: "default_component_of", full_product_name: { name: "openssh-openssl1-helpers-6.6p1-19.3.1.ppc64 as component of SUSE Linux Enterprise Server 11-SECURITY", product_id: "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.ppc64", }, product_reference: "openssh-openssl1-helpers-6.6p1-19.3.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server 11-SECURITY", }, { category: "default_component_of", full_product_name: { name: "openssh-openssl1-helpers-6.6p1-19.3.1.s390x as component of SUSE Linux Enterprise Server 11-SECURITY", product_id: "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.s390x", }, product_reference: "openssh-openssl1-helpers-6.6p1-19.3.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 11-SECURITY", }, { category: "default_component_of", full_product_name: { name: "openssh-openssl1-helpers-6.6p1-19.3.1.x86_64 as component of SUSE Linux Enterprise Server 11-SECURITY", product_id: "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.x86_64", }, product_reference: "openssh-openssl1-helpers-6.6p1-19.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11-SECURITY", }, ], }, vulnerabilities: [ { cve: "CVE-2008-1483", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2008-1483", }, ], notes: [ { category: "general", text: "OpenSSH 4.3p2, and probably other versions, allows local users to hijack forwarded X connections by causing ssh to set DISPLAY to :10, even when another process is listening on the associated port, as demonstrated by opening TCP port 6010 (IPv4) and sniffing a cookie sent by Emacs.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.i586", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.ia64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.ppc64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.s390x", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.x86_64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.i586", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.ia64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.ppc64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.s390x", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2008-1483", url: "https://www.suse.com/security/cve/CVE-2008-1483", }, { category: "external", summary: "SUSE Bug 1069509 for CVE-2008-1483", url: "https://bugzilla.suse.com/1069509", }, { category: "external", summary: "SUSE Bug 373527 for CVE-2008-1483", url: "https://bugzilla.suse.com/373527", }, { category: "external", summary: "SUSE Bug 585630 for CVE-2008-1483", url: "https://bugzilla.suse.com/585630", }, { category: "external", summary: "SUSE Bug 647633 for CVE-2008-1483", url: "https://bugzilla.suse.com/647633", }, { category: "external", summary: "SUSE Bug 706386 for CVE-2008-1483", url: "https://bugzilla.suse.com/706386", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.i586", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.ia64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.ppc64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.s390x", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.x86_64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.i586", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.ia64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.ppc64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.s390x", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.i586", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.ia64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.ppc64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.s390x", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.x86_64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.i586", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.ia64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.ppc64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.s390x", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-14T14:06:53Z", details: "important", }, ], title: "CVE-2008-1483", }, { cve: "CVE-2016-10012", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-10012", }, ], notes: [ { category: "general", text: "The shared memory manager (associated with pre-authentication compression) in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enforced by all compilers, which might allows local users to gain privileges by leveraging access to a sandboxed privilege-separation process, related to the m_zback and m_zlib data structures.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.i586", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.ia64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.ppc64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.s390x", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.x86_64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.i586", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.ia64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.ppc64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.s390x", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-10012", url: "https://www.suse.com/security/cve/CVE-2016-10012", }, { category: "external", summary: "SUSE Bug 1006166 for CVE-2016-10012", url: "https://bugzilla.suse.com/1006166", }, { category: "external", summary: "SUSE Bug 1016336 for CVE-2016-10012", url: "https://bugzilla.suse.com/1016336", }, { category: "external", summary: "SUSE Bug 1016369 for CVE-2016-10012", url: "https://bugzilla.suse.com/1016369", }, { category: "external", summary: "SUSE Bug 1016370 for CVE-2016-10012", url: "https://bugzilla.suse.com/1016370", }, { category: "external", summary: "SUSE Bug 1017870 for CVE-2016-10012", url: "https://bugzilla.suse.com/1017870", }, { category: "external", summary: "SUSE Bug 1026634 for CVE-2016-10012", url: "https://bugzilla.suse.com/1026634", }, { category: "external", summary: "SUSE Bug 1035742 for CVE-2016-10012", url: "https://bugzilla.suse.com/1035742", }, { category: "external", summary: "SUSE Bug 1073044 for CVE-2016-10012", url: "https://bugzilla.suse.com/1073044", }, { category: "external", summary: "SUSE Bug 1092582 for CVE-2016-10012", url: "https://bugzilla.suse.com/1092582", }, { category: "external", summary: "SUSE Bug 1138392 for CVE-2016-10012", url: "https://bugzilla.suse.com/1138392", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.i586", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.ia64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.ppc64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.s390x", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.x86_64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.i586", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.ia64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.ppc64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.s390x", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.i586", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.ia64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.ppc64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.s390x", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.x86_64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.i586", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.ia64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.ppc64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.s390x", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-14T14:06:53Z", details: "low", }, ], title: "CVE-2016-10012", }, { cve: "CVE-2016-10708", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-10708", }, ], notes: [ { category: "general", text: "sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NEWKEYS message, as demonstrated by Honggfuzz, related to kex.c and packet.c.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.i586", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.ia64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.ppc64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.s390x", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.x86_64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.i586", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.ia64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.ppc64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.s390x", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-10708", url: "https://www.suse.com/security/cve/CVE-2016-10708", }, { category: "external", summary: "SUSE Bug 1076957 for CVE-2016-10708", url: "https://bugzilla.suse.com/1076957", }, { category: "external", summary: "SUSE Bug 1106726 for CVE-2016-10708", url: "https://bugzilla.suse.com/1106726", }, { category: "external", summary: "SUSE Bug 1138392 for CVE-2016-10708", url: "https://bugzilla.suse.com/1138392", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.i586", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.ia64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.ppc64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.s390x", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.x86_64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.i586", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.ia64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.ppc64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.s390x", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.i586", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.ia64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.ppc64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.s390x", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.x86_64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.i586", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.ia64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.ppc64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.s390x", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-14T14:06:53Z", details: "moderate", }, ], title: "CVE-2016-10708", }, { cve: "CVE-2017-15906", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-15906", }, ], notes: [ { category: "general", text: "The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.i586", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.ia64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.ppc64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.s390x", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.x86_64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.i586", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.ia64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.ppc64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.s390x", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-15906", url: "https://www.suse.com/security/cve/CVE-2017-15906", }, { category: "external", summary: "SUSE Bug 1064285 for CVE-2017-15906", url: "https://bugzilla.suse.com/1064285", }, { category: "external", summary: "SUSE Bug 1065000 for CVE-2017-15906", url: "https://bugzilla.suse.com/1065000", }, { category: "external", summary: "SUSE Bug 1074115 for CVE-2017-15906", url: "https://bugzilla.suse.com/1074115", }, { category: "external", summary: "SUSE Bug 1079488 for CVE-2017-15906", url: "https://bugzilla.suse.com/1079488", }, { category: "external", summary: "SUSE Bug 1090163 for CVE-2017-15906", url: "https://bugzilla.suse.com/1090163", }, { category: "external", summary: "SUSE Bug 1099316 for CVE-2017-15906", url: "https://bugzilla.suse.com/1099316", }, { category: "external", summary: "SUSE Bug 1138392 for CVE-2017-15906", url: "https://bugzilla.suse.com/1138392", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.i586", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.ia64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.ppc64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.s390x", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.x86_64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.i586", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.ia64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.ppc64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.s390x", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.i586", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.ia64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.ppc64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.s390x", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.3.1.x86_64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.i586", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.ia64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.ppc64", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.s390x", "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-14T14:06:53Z", details: "moderate", }, ], title: "CVE-2017-15906", }, ], }
suse-su-2018:2275-1
Vulnerability from csaf_suse
Published
2018-08-09 13:56
Modified
2018-08-09 13:56
Summary
Security update for openssh
Notes
Title of the patch
Security update for openssh
Description of the patch
This update for openssh fixes the following issues:
Security issues fixed:
- CVE-2016-10012: Fix pre-auth compression checks that could be optimized away (bsc#1016370).
- CVE-2016-10708: Fix remote denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NEWKEYSmessage (bsc#1076957).
- CVE-2017-15906: Fix r/o sftp-server zero byte file creation (bsc#1065000).
- CVE-2008-1483: Fix accidental re-introduction of CVE-2008-1483 (bsc#1069509).
Bug fixes:
- bsc#1017099: Match conditions with uppercase hostnames fail (bsc#1017099)
- bsc#1053972: supportedKeyExchanges diffie-hellman-group1-sha1 is duplicated (bsc#1053972)
- bsc#1023275: Messages suppressed after upgrade from SLES 11 SP3 to SP4 (bsc#1023275)
Patchnames
slessp4-openssh-13719
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for openssh", title: "Title of the patch", }, { category: "description", text: "This update for openssh fixes the following issues:\n\nSecurity issues fixed:\n\n- CVE-2016-10012: Fix pre-auth compression checks that could be optimized away (bsc#1016370).\n- CVE-2016-10708: Fix remote denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NEWKEYSmessage (bsc#1076957).\n- CVE-2017-15906: Fix r/o sftp-server zero byte file creation (bsc#1065000).\n- CVE-2008-1483: Fix accidental re-introduction of CVE-2008-1483 (bsc#1069509).\n\nBug fixes:\n\n- bsc#1017099: Match conditions with uppercase hostnames fail (bsc#1017099)\n- bsc#1053972: supportedKeyExchanges diffie-hellman-group1-sha1 is duplicated (bsc#1053972)\n- bsc#1023275: Messages suppressed after upgrade from SLES 11 SP3 to SP4 (bsc#1023275)\n", title: "Description of the patch", }, { category: "details", text: "slessp4-openssh-13719", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_2275-1.json", }, { category: "self", summary: "URL for SUSE-SU-2018:2275-1", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20182275-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2018:2275-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2018-August/004398.html", }, { category: "self", summary: "SUSE Bug 1016370", url: "https://bugzilla.suse.com/1016370", }, { category: "self", summary: "SUSE Bug 1017099", url: "https://bugzilla.suse.com/1017099", }, { category: "self", summary: "SUSE Bug 1023275", url: "https://bugzilla.suse.com/1023275", }, { category: "self", summary: "SUSE Bug 1053972", url: "https://bugzilla.suse.com/1053972", }, { category: "self", summary: "SUSE Bug 1065000", url: "https://bugzilla.suse.com/1065000", }, { category: "self", summary: "SUSE Bug 1069509", url: "https://bugzilla.suse.com/1069509", }, { category: "self", summary: "SUSE Bug 1076957", url: "https://bugzilla.suse.com/1076957", }, { category: "self", summary: "SUSE CVE CVE-2008-1483 page", url: "https://www.suse.com/security/cve/CVE-2008-1483/", }, { category: "self", summary: "SUSE CVE CVE-2016-10012 page", url: "https://www.suse.com/security/cve/CVE-2016-10012/", }, { category: "self", summary: "SUSE CVE CVE-2016-10708 page", url: "https://www.suse.com/security/cve/CVE-2016-10708/", }, { category: "self", summary: "SUSE CVE CVE-2017-15906 page", url: "https://www.suse.com/security/cve/CVE-2017-15906/", }, ], title: "Security update for openssh", tracking: { current_release_date: "2018-08-09T13:56:33Z", generator: { date: "2018-08-09T13:56:33Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2018:2275-1", initial_release_date: "2018-08-09T13:56:33Z", revision_history: [ { date: "2018-08-09T13:56:33Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "openssh-6.6p1-36.3.1.i586", product: { name: "openssh-6.6p1-36.3.1.i586", product_id: "openssh-6.6p1-36.3.1.i586", }, }, { category: "product_version", name: "openssh-askpass-gnome-6.6p1-36.3.1.i586", product: { name: "openssh-askpass-gnome-6.6p1-36.3.1.i586", product_id: "openssh-askpass-gnome-6.6p1-36.3.1.i586", }, }, { category: "product_version", name: "openssh-fips-6.6p1-36.3.1.i586", product: { name: "openssh-fips-6.6p1-36.3.1.i586", product_id: "openssh-fips-6.6p1-36.3.1.i586", }, }, { category: "product_version", name: "openssh-helpers-6.6p1-36.3.1.i586", product: { name: "openssh-helpers-6.6p1-36.3.1.i586", product_id: "openssh-helpers-6.6p1-36.3.1.i586", }, }, ], category: "architecture", name: "i586", }, { branches: [ { category: "product_version", name: "openssh-6.6p1-36.3.1.ia64", product: { name: "openssh-6.6p1-36.3.1.ia64", product_id: "openssh-6.6p1-36.3.1.ia64", }, }, { category: "product_version", name: "openssh-askpass-gnome-6.6p1-36.3.1.ia64", product: { name: "openssh-askpass-gnome-6.6p1-36.3.1.ia64", product_id: "openssh-askpass-gnome-6.6p1-36.3.1.ia64", }, }, { category: "product_version", name: "openssh-fips-6.6p1-36.3.1.ia64", product: { name: "openssh-fips-6.6p1-36.3.1.ia64", product_id: "openssh-fips-6.6p1-36.3.1.ia64", }, }, { category: "product_version", name: "openssh-helpers-6.6p1-36.3.1.ia64", product: { name: "openssh-helpers-6.6p1-36.3.1.ia64", product_id: "openssh-helpers-6.6p1-36.3.1.ia64", }, }, ], category: "architecture", name: "ia64", }, { branches: [ { category: "product_version", name: "openssh-6.6p1-36.3.1.ppc64", product: { name: "openssh-6.6p1-36.3.1.ppc64", product_id: "openssh-6.6p1-36.3.1.ppc64", }, }, { category: "product_version", name: "openssh-askpass-gnome-6.6p1-36.3.1.ppc64", product: { name: "openssh-askpass-gnome-6.6p1-36.3.1.ppc64", product_id: "openssh-askpass-gnome-6.6p1-36.3.1.ppc64", }, }, { category: "product_version", name: "openssh-fips-6.6p1-36.3.1.ppc64", product: { name: "openssh-fips-6.6p1-36.3.1.ppc64", product_id: "openssh-fips-6.6p1-36.3.1.ppc64", }, }, { category: "product_version", name: "openssh-helpers-6.6p1-36.3.1.ppc64", product: { name: "openssh-helpers-6.6p1-36.3.1.ppc64", product_id: "openssh-helpers-6.6p1-36.3.1.ppc64", }, }, ], category: "architecture", name: "ppc64", }, { branches: [ { category: "product_version", name: "openssh-6.6p1-36.3.1.s390x", product: { name: "openssh-6.6p1-36.3.1.s390x", product_id: "openssh-6.6p1-36.3.1.s390x", }, }, { category: "product_version", name: "openssh-askpass-gnome-6.6p1-36.3.1.s390x", product: { name: "openssh-askpass-gnome-6.6p1-36.3.1.s390x", product_id: "openssh-askpass-gnome-6.6p1-36.3.1.s390x", }, }, { category: "product_version", name: "openssh-fips-6.6p1-36.3.1.s390x", product: { name: "openssh-fips-6.6p1-36.3.1.s390x", product_id: "openssh-fips-6.6p1-36.3.1.s390x", }, }, { category: "product_version", name: "openssh-helpers-6.6p1-36.3.1.s390x", product: { name: "openssh-helpers-6.6p1-36.3.1.s390x", product_id: "openssh-helpers-6.6p1-36.3.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "openssh-6.6p1-36.3.1.x86_64", product: { name: "openssh-6.6p1-36.3.1.x86_64", product_id: "openssh-6.6p1-36.3.1.x86_64", }, }, { category: "product_version", name: "openssh-askpass-gnome-6.6p1-36.3.1.x86_64", product: { name: "openssh-askpass-gnome-6.6p1-36.3.1.x86_64", product_id: "openssh-askpass-gnome-6.6p1-36.3.1.x86_64", }, }, { category: "product_version", name: "openssh-fips-6.6p1-36.3.1.x86_64", product: { name: "openssh-fips-6.6p1-36.3.1.x86_64", product_id: "openssh-fips-6.6p1-36.3.1.x86_64", }, }, { category: "product_version", name: "openssh-helpers-6.6p1-36.3.1.x86_64", product: { name: "openssh-helpers-6.6p1-36.3.1.x86_64", product_id: "openssh-helpers-6.6p1-36.3.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Server 11 SP4", product: { name: "SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4", product_identification_helper: { cpe: "cpe:/o:suse:suse_sles:11:sp4", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", product: { name: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_identification_helper: { cpe: "cpe:/o:suse:sles_sap:11:sp4", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "openssh-6.6p1-36.3.1.i586 as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.i586", }, product_reference: "openssh-6.6p1-36.3.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "openssh-6.6p1-36.3.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.ia64", }, product_reference: "openssh-6.6p1-36.3.1.ia64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "openssh-6.6p1-36.3.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.ppc64", }, product_reference: "openssh-6.6p1-36.3.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "openssh-6.6p1-36.3.1.s390x as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.s390x", }, product_reference: "openssh-6.6p1-36.3.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "openssh-6.6p1-36.3.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.x86_64", }, product_reference: "openssh-6.6p1-36.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-6.6p1-36.3.1.i586 as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.i586", }, product_reference: "openssh-askpass-gnome-6.6p1-36.3.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-6.6p1-36.3.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ia64", }, product_reference: "openssh-askpass-gnome-6.6p1-36.3.1.ia64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-6.6p1-36.3.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ppc64", }, product_reference: "openssh-askpass-gnome-6.6p1-36.3.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-6.6p1-36.3.1.s390x as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.s390x", }, product_reference: "openssh-askpass-gnome-6.6p1-36.3.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-6.6p1-36.3.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.x86_64", }, product_reference: "openssh-askpass-gnome-6.6p1-36.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "openssh-fips-6.6p1-36.3.1.i586 as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.i586", }, product_reference: "openssh-fips-6.6p1-36.3.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "openssh-fips-6.6p1-36.3.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.ia64", }, product_reference: "openssh-fips-6.6p1-36.3.1.ia64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "openssh-fips-6.6p1-36.3.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.ppc64", }, product_reference: "openssh-fips-6.6p1-36.3.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "openssh-fips-6.6p1-36.3.1.s390x as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.s390x", }, product_reference: "openssh-fips-6.6p1-36.3.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "openssh-fips-6.6p1-36.3.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.x86_64", }, product_reference: "openssh-fips-6.6p1-36.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "openssh-helpers-6.6p1-36.3.1.i586 as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.i586", }, product_reference: "openssh-helpers-6.6p1-36.3.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "openssh-helpers-6.6p1-36.3.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.ia64", }, product_reference: "openssh-helpers-6.6p1-36.3.1.ia64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "openssh-helpers-6.6p1-36.3.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.ppc64", }, product_reference: "openssh-helpers-6.6p1-36.3.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "openssh-helpers-6.6p1-36.3.1.s390x as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.s390x", }, product_reference: "openssh-helpers-6.6p1-36.3.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "openssh-helpers-6.6p1-36.3.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.x86_64", }, product_reference: "openssh-helpers-6.6p1-36.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "openssh-6.6p1-36.3.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.i586", }, product_reference: "openssh-6.6p1-36.3.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "openssh-6.6p1-36.3.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.ia64", }, product_reference: "openssh-6.6p1-36.3.1.ia64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "openssh-6.6p1-36.3.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.ppc64", }, product_reference: "openssh-6.6p1-36.3.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "openssh-6.6p1-36.3.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.s390x", }, product_reference: "openssh-6.6p1-36.3.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "openssh-6.6p1-36.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.x86_64", }, product_reference: "openssh-6.6p1-36.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-6.6p1-36.3.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.i586", }, product_reference: "openssh-askpass-gnome-6.6p1-36.3.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-6.6p1-36.3.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ia64", }, product_reference: "openssh-askpass-gnome-6.6p1-36.3.1.ia64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-6.6p1-36.3.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ppc64", }, product_reference: "openssh-askpass-gnome-6.6p1-36.3.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-6.6p1-36.3.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.s390x", }, product_reference: "openssh-askpass-gnome-6.6p1-36.3.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-6.6p1-36.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.x86_64", }, product_reference: "openssh-askpass-gnome-6.6p1-36.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "openssh-fips-6.6p1-36.3.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.i586", }, product_reference: "openssh-fips-6.6p1-36.3.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "openssh-fips-6.6p1-36.3.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.ia64", }, product_reference: "openssh-fips-6.6p1-36.3.1.ia64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "openssh-fips-6.6p1-36.3.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.ppc64", }, product_reference: "openssh-fips-6.6p1-36.3.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "openssh-fips-6.6p1-36.3.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.s390x", }, product_reference: "openssh-fips-6.6p1-36.3.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "openssh-fips-6.6p1-36.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.x86_64", }, product_reference: "openssh-fips-6.6p1-36.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "openssh-helpers-6.6p1-36.3.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.i586", }, product_reference: "openssh-helpers-6.6p1-36.3.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "openssh-helpers-6.6p1-36.3.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.ia64", }, product_reference: "openssh-helpers-6.6p1-36.3.1.ia64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "openssh-helpers-6.6p1-36.3.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.ppc64", }, product_reference: "openssh-helpers-6.6p1-36.3.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "openssh-helpers-6.6p1-36.3.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.s390x", }, product_reference: "openssh-helpers-6.6p1-36.3.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "openssh-helpers-6.6p1-36.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.x86_64", }, product_reference: "openssh-helpers-6.6p1-36.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, ], }, vulnerabilities: [ { cve: "CVE-2008-1483", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2008-1483", }, ], notes: [ { category: "general", text: "OpenSSH 4.3p2, and probably other versions, allows local users to hijack forwarded X connections by causing ssh to set DISPLAY to :10, even when another process is listening on the associated port, as demonstrated by opening TCP port 6010 (IPv4) and sniffing a cookie sent by Emacs.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2008-1483", url: "https://www.suse.com/security/cve/CVE-2008-1483", }, { category: "external", summary: "SUSE Bug 1069509 for CVE-2008-1483", url: "https://bugzilla.suse.com/1069509", }, { category: "external", summary: "SUSE Bug 373527 for CVE-2008-1483", url: "https://bugzilla.suse.com/373527", }, { category: "external", summary: "SUSE Bug 585630 for CVE-2008-1483", url: "https://bugzilla.suse.com/585630", }, { category: "external", summary: "SUSE Bug 647633 for CVE-2008-1483", url: "https://bugzilla.suse.com/647633", }, { category: "external", summary: "SUSE Bug 706386 for CVE-2008-1483", url: "https://bugzilla.suse.com/706386", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-08-09T13:56:33Z", details: "important", }, ], title: "CVE-2008-1483", }, { cve: "CVE-2016-10012", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-10012", }, ], notes: [ { category: "general", text: "The shared memory manager (associated with pre-authentication compression) in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enforced by all compilers, which might allows local users to gain privileges by leveraging access to a sandboxed privilege-separation process, related to the m_zback and m_zlib data structures.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-10012", url: "https://www.suse.com/security/cve/CVE-2016-10012", }, { category: "external", summary: "SUSE Bug 1006166 for CVE-2016-10012", url: "https://bugzilla.suse.com/1006166", }, { category: "external", summary: "SUSE Bug 1016336 for CVE-2016-10012", url: "https://bugzilla.suse.com/1016336", }, { category: "external", summary: "SUSE Bug 1016369 for CVE-2016-10012", url: "https://bugzilla.suse.com/1016369", }, { category: "external", summary: "SUSE Bug 1016370 for CVE-2016-10012", url: "https://bugzilla.suse.com/1016370", }, { category: "external", summary: "SUSE Bug 1017870 for CVE-2016-10012", url: "https://bugzilla.suse.com/1017870", }, { category: "external", summary: "SUSE Bug 1026634 for CVE-2016-10012", url: "https://bugzilla.suse.com/1026634", }, { category: "external", summary: "SUSE Bug 1035742 for CVE-2016-10012", url: "https://bugzilla.suse.com/1035742", }, { category: "external", summary: "SUSE Bug 1073044 for CVE-2016-10012", url: "https://bugzilla.suse.com/1073044", }, { category: "external", summary: "SUSE Bug 1092582 for CVE-2016-10012", url: "https://bugzilla.suse.com/1092582", }, { category: "external", summary: "SUSE Bug 1138392 for CVE-2016-10012", url: "https://bugzilla.suse.com/1138392", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-08-09T13:56:33Z", details: "low", }, ], title: "CVE-2016-10012", }, { cve: "CVE-2016-10708", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-10708", }, ], notes: [ { category: "general", text: "sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NEWKEYS message, as demonstrated by Honggfuzz, related to kex.c and packet.c.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-10708", url: "https://www.suse.com/security/cve/CVE-2016-10708", }, { category: "external", summary: "SUSE Bug 1076957 for CVE-2016-10708", url: "https://bugzilla.suse.com/1076957", }, { category: "external", summary: "SUSE Bug 1106726 for CVE-2016-10708", url: "https://bugzilla.suse.com/1106726", }, { category: "external", summary: "SUSE Bug 1138392 for CVE-2016-10708", url: "https://bugzilla.suse.com/1138392", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-08-09T13:56:33Z", details: "moderate", }, ], title: "CVE-2016-10708", }, { cve: "CVE-2017-15906", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-15906", }, ], notes: [ { category: "general", text: "The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-15906", url: "https://www.suse.com/security/cve/CVE-2017-15906", }, { category: "external", summary: "SUSE Bug 1064285 for CVE-2017-15906", url: "https://bugzilla.suse.com/1064285", }, { category: "external", summary: "SUSE Bug 1065000 for CVE-2017-15906", url: "https://bugzilla.suse.com/1065000", }, { category: "external", summary: "SUSE Bug 1074115 for CVE-2017-15906", url: "https://bugzilla.suse.com/1074115", }, { category: "external", summary: "SUSE Bug 1079488 for CVE-2017-15906", url: "https://bugzilla.suse.com/1079488", }, { category: "external", summary: "SUSE Bug 1090163 for CVE-2017-15906", url: "https://bugzilla.suse.com/1090163", }, { category: "external", summary: "SUSE Bug 1099316 for CVE-2017-15906", url: "https://bugzilla.suse.com/1099316", }, { category: "external", summary: "SUSE Bug 1138392 for CVE-2017-15906", url: "https://bugzilla.suse.com/1138392", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-36.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-36.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-08-09T13:56:33Z", details: "moderate", }, ], title: "CVE-2017-15906", }, ], }
opensuse-su-2024:11124-1
Vulnerability from csaf_opensuse
Published
2024-06-15 00:00
Modified
2024-06-15 00:00
Summary
openssh-8.4p1-7.4 on GA media
Notes
Title of the patch
openssh-8.4p1-7.4 on GA media
Description of the patch
These are all security issues fixed in the openssh-8.4p1-7.4 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-11124
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "openssh-8.4p1-7.4 on GA media", title: "Title of the patch", }, { category: "description", text: "These are all security issues fixed in the openssh-8.4p1-7.4 package on the GA media of openSUSE Tumbleweed.", title: "Description of the patch", }, { category: "details", text: "openSUSE-Tumbleweed-2024-11124", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_11124-1.json", }, { category: "self", summary: "SUSE CVE CVE-2006-0225 page", url: "https://www.suse.com/security/cve/CVE-2006-0225/", }, { category: "self", summary: "SUSE CVE CVE-2007-4752 page", url: "https://www.suse.com/security/cve/CVE-2007-4752/", }, { category: "self", summary: "SUSE CVE CVE-2008-1483 page", url: "https://www.suse.com/security/cve/CVE-2008-1483/", }, { category: "self", summary: "SUSE CVE CVE-2016-10009 page", url: "https://www.suse.com/security/cve/CVE-2016-10009/", }, { category: "self", summary: "SUSE CVE CVE-2016-10010 page", url: "https://www.suse.com/security/cve/CVE-2016-10010/", }, { category: "self", summary: "SUSE CVE CVE-2016-10011 page", url: "https://www.suse.com/security/cve/CVE-2016-10011/", }, { category: "self", summary: "SUSE CVE CVE-2016-10012 page", url: "https://www.suse.com/security/cve/CVE-2016-10012/", }, { category: "self", summary: "SUSE CVE CVE-2016-8858 page", url: "https://www.suse.com/security/cve/CVE-2016-8858/", }, { category: "self", summary: "SUSE CVE CVE-2018-20685 page", url: "https://www.suse.com/security/cve/CVE-2018-20685/", }, { category: "self", summary: "SUSE CVE CVE-2019-6109 page", url: "https://www.suse.com/security/cve/CVE-2019-6109/", }, { category: "self", summary: "SUSE CVE CVE-2019-6110 page", url: "https://www.suse.com/security/cve/CVE-2019-6110/", }, { category: "self", summary: "SUSE CVE CVE-2019-6111 page", url: "https://www.suse.com/security/cve/CVE-2019-6111/", }, ], title: "openssh-8.4p1-7.4 on GA media", tracking: { current_release_date: "2024-06-15T00:00:00Z", generator: { date: "2024-06-15T00:00:00Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "openSUSE-SU-2024:11124-1", initial_release_date: "2024-06-15T00:00:00Z", revision_history: [ { date: "2024-06-15T00:00:00Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "openssh-8.4p1-7.4.aarch64", product: { name: "openssh-8.4p1-7.4.aarch64", product_id: "openssh-8.4p1-7.4.aarch64", }, }, { category: "product_version", name: "openssh-cavs-8.4p1-7.4.aarch64", product: { name: "openssh-cavs-8.4p1-7.4.aarch64", product_id: "openssh-cavs-8.4p1-7.4.aarch64", }, }, { category: "product_version", name: "openssh-clients-8.4p1-7.4.aarch64", product: { name: "openssh-clients-8.4p1-7.4.aarch64", product_id: "openssh-clients-8.4p1-7.4.aarch64", }, }, { category: "product_version", name: "openssh-common-8.4p1-7.4.aarch64", product: { name: "openssh-common-8.4p1-7.4.aarch64", product_id: "openssh-common-8.4p1-7.4.aarch64", }, }, { category: "product_version", name: "openssh-fips-8.4p1-7.4.aarch64", product: { name: "openssh-fips-8.4p1-7.4.aarch64", product_id: "openssh-fips-8.4p1-7.4.aarch64", }, }, { category: "product_version", name: "openssh-helpers-8.4p1-7.4.aarch64", product: { name: "openssh-helpers-8.4p1-7.4.aarch64", product_id: "openssh-helpers-8.4p1-7.4.aarch64", }, }, { category: "product_version", name: "openssh-server-8.4p1-7.4.aarch64", product: { name: "openssh-server-8.4p1-7.4.aarch64", product_id: "openssh-server-8.4p1-7.4.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "openssh-8.4p1-7.4.ppc64le", product: { name: "openssh-8.4p1-7.4.ppc64le", product_id: "openssh-8.4p1-7.4.ppc64le", }, }, { category: "product_version", name: "openssh-cavs-8.4p1-7.4.ppc64le", product: { name: "openssh-cavs-8.4p1-7.4.ppc64le", product_id: "openssh-cavs-8.4p1-7.4.ppc64le", }, }, { category: "product_version", name: "openssh-clients-8.4p1-7.4.ppc64le", product: { name: "openssh-clients-8.4p1-7.4.ppc64le", product_id: "openssh-clients-8.4p1-7.4.ppc64le", }, }, { category: "product_version", name: "openssh-common-8.4p1-7.4.ppc64le", product: { name: "openssh-common-8.4p1-7.4.ppc64le", product_id: "openssh-common-8.4p1-7.4.ppc64le", }, }, { category: "product_version", name: "openssh-fips-8.4p1-7.4.ppc64le", product: { name: "openssh-fips-8.4p1-7.4.ppc64le", product_id: "openssh-fips-8.4p1-7.4.ppc64le", }, }, { category: "product_version", name: "openssh-helpers-8.4p1-7.4.ppc64le", product: { name: "openssh-helpers-8.4p1-7.4.ppc64le", product_id: "openssh-helpers-8.4p1-7.4.ppc64le", }, }, { category: "product_version", name: "openssh-server-8.4p1-7.4.ppc64le", product: { name: "openssh-server-8.4p1-7.4.ppc64le", product_id: "openssh-server-8.4p1-7.4.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "openssh-8.4p1-7.4.s390x", product: { name: "openssh-8.4p1-7.4.s390x", product_id: "openssh-8.4p1-7.4.s390x", }, }, { category: "product_version", name: "openssh-cavs-8.4p1-7.4.s390x", product: { name: "openssh-cavs-8.4p1-7.4.s390x", product_id: "openssh-cavs-8.4p1-7.4.s390x", }, }, { category: "product_version", name: "openssh-clients-8.4p1-7.4.s390x", product: { name: "openssh-clients-8.4p1-7.4.s390x", product_id: "openssh-clients-8.4p1-7.4.s390x", }, }, { category: "product_version", name: "openssh-common-8.4p1-7.4.s390x", product: { name: "openssh-common-8.4p1-7.4.s390x", product_id: "openssh-common-8.4p1-7.4.s390x", }, }, { category: "product_version", name: "openssh-fips-8.4p1-7.4.s390x", product: { name: "openssh-fips-8.4p1-7.4.s390x", product_id: "openssh-fips-8.4p1-7.4.s390x", }, }, { category: "product_version", name: "openssh-helpers-8.4p1-7.4.s390x", product: { name: "openssh-helpers-8.4p1-7.4.s390x", product_id: "openssh-helpers-8.4p1-7.4.s390x", }, }, { category: "product_version", name: "openssh-server-8.4p1-7.4.s390x", product: { name: "openssh-server-8.4p1-7.4.s390x", product_id: "openssh-server-8.4p1-7.4.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "openssh-8.4p1-7.4.x86_64", product: { name: "openssh-8.4p1-7.4.x86_64", product_id: "openssh-8.4p1-7.4.x86_64", }, }, { category: "product_version", name: "openssh-cavs-8.4p1-7.4.x86_64", product: { name: "openssh-cavs-8.4p1-7.4.x86_64", product_id: "openssh-cavs-8.4p1-7.4.x86_64", }, }, { category: "product_version", name: "openssh-clients-8.4p1-7.4.x86_64", product: { name: "openssh-clients-8.4p1-7.4.x86_64", product_id: "openssh-clients-8.4p1-7.4.x86_64", }, }, { category: "product_version", name: "openssh-common-8.4p1-7.4.x86_64", product: { name: "openssh-common-8.4p1-7.4.x86_64", product_id: "openssh-common-8.4p1-7.4.x86_64", }, }, { category: "product_version", name: "openssh-fips-8.4p1-7.4.x86_64", product: { name: "openssh-fips-8.4p1-7.4.x86_64", product_id: "openssh-fips-8.4p1-7.4.x86_64", }, }, { category: "product_version", name: "openssh-helpers-8.4p1-7.4.x86_64", product: { name: "openssh-helpers-8.4p1-7.4.x86_64", product_id: "openssh-helpers-8.4p1-7.4.x86_64", }, }, { category: "product_version", name: "openssh-server-8.4p1-7.4.x86_64", product: { name: "openssh-server-8.4p1-7.4.x86_64", product_id: "openssh-server-8.4p1-7.4.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "openSUSE Tumbleweed", product: { name: "openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed", product_identification_helper: { cpe: "cpe:/o:opensuse:tumbleweed", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "openssh-8.4p1-7.4.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64", }, product_reference: "openssh-8.4p1-7.4.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "openssh-8.4p1-7.4.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le", }, product_reference: "openssh-8.4p1-7.4.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "openssh-8.4p1-7.4.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x", }, product_reference: "openssh-8.4p1-7.4.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "openssh-8.4p1-7.4.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64", }, product_reference: "openssh-8.4p1-7.4.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "openssh-cavs-8.4p1-7.4.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64", }, product_reference: "openssh-cavs-8.4p1-7.4.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "openssh-cavs-8.4p1-7.4.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le", }, product_reference: "openssh-cavs-8.4p1-7.4.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "openssh-cavs-8.4p1-7.4.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x", }, product_reference: "openssh-cavs-8.4p1-7.4.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "openssh-cavs-8.4p1-7.4.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64", }, product_reference: "openssh-cavs-8.4p1-7.4.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-8.4p1-7.4.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64", }, product_reference: "openssh-clients-8.4p1-7.4.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-8.4p1-7.4.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le", }, product_reference: "openssh-clients-8.4p1-7.4.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-8.4p1-7.4.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x", }, product_reference: "openssh-clients-8.4p1-7.4.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-8.4p1-7.4.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64", }, product_reference: "openssh-clients-8.4p1-7.4.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "openssh-common-8.4p1-7.4.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64", }, product_reference: "openssh-common-8.4p1-7.4.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "openssh-common-8.4p1-7.4.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le", }, product_reference: "openssh-common-8.4p1-7.4.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "openssh-common-8.4p1-7.4.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x", }, product_reference: "openssh-common-8.4p1-7.4.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "openssh-common-8.4p1-7.4.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64", }, product_reference: "openssh-common-8.4p1-7.4.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "openssh-fips-8.4p1-7.4.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64", }, product_reference: "openssh-fips-8.4p1-7.4.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "openssh-fips-8.4p1-7.4.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le", }, product_reference: "openssh-fips-8.4p1-7.4.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "openssh-fips-8.4p1-7.4.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x", }, product_reference: "openssh-fips-8.4p1-7.4.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "openssh-fips-8.4p1-7.4.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64", }, product_reference: "openssh-fips-8.4p1-7.4.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "openssh-helpers-8.4p1-7.4.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64", }, product_reference: "openssh-helpers-8.4p1-7.4.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "openssh-helpers-8.4p1-7.4.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le", }, product_reference: "openssh-helpers-8.4p1-7.4.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "openssh-helpers-8.4p1-7.4.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x", }, product_reference: "openssh-helpers-8.4p1-7.4.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "openssh-helpers-8.4p1-7.4.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64", }, product_reference: "openssh-helpers-8.4p1-7.4.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "openssh-server-8.4p1-7.4.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64", }, product_reference: "openssh-server-8.4p1-7.4.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "openssh-server-8.4p1-7.4.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le", }, product_reference: "openssh-server-8.4p1-7.4.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "openssh-server-8.4p1-7.4.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x", }, product_reference: "openssh-server-8.4p1-7.4.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "openssh-server-8.4p1-7.4.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64", }, product_reference: "openssh-server-8.4p1-7.4.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, ], }, vulnerabilities: [ { cve: "CVE-2006-0225", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2006-0225", }, ], notes: [ { category: "general", text: "scp in OpenSSH 4.2p1 allows attackers to execute arbitrary commands via filenames that contain shell metacharacters or spaces, which are expanded twice.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2006-0225", url: "https://www.suse.com/security/cve/CVE-2006-0225", }, { category: "external", summary: "SUSE Bug 143435 for CVE-2006-0225", url: "https://bugzilla.suse.com/143435", }, { category: "external", summary: "SUSE Bug 206456 for CVE-2006-0225", url: "https://bugzilla.suse.com/206456", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2006-0225", }, { cve: "CVE-2007-4752", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2007-4752", }, ], notes: [ { category: "general", text: "ssh in OpenSSH before 4.7 does not properly handle when an untrusted cookie cannot be created and uses a trusted X11 cookie instead, which allows attackers to violate intended policy and gain privileges by causing an X client to be treated as trusted.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2007-4752", url: "https://www.suse.com/security/cve/CVE-2007-4752", }, { category: "external", summary: "SUSE Bug 308521 for CVE-2007-4752", url: "https://bugzilla.suse.com/308521", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2007-4752", }, { cve: "CVE-2008-1483", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2008-1483", }, ], notes: [ { category: "general", text: "OpenSSH 4.3p2, and probably other versions, allows local users to hijack forwarded X connections by causing ssh to set DISPLAY to :10, even when another process is listening on the associated port, as demonstrated by opening TCP port 6010 (IPv4) and sniffing a cookie sent by Emacs.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2008-1483", url: "https://www.suse.com/security/cve/CVE-2008-1483", }, { category: "external", summary: "SUSE Bug 1069509 for CVE-2008-1483", url: "https://bugzilla.suse.com/1069509", }, { category: "external", summary: "SUSE Bug 373527 for CVE-2008-1483", url: "https://bugzilla.suse.com/373527", }, { category: "external", summary: "SUSE Bug 585630 for CVE-2008-1483", url: "https://bugzilla.suse.com/585630", }, { category: "external", summary: "SUSE Bug 647633 for CVE-2008-1483", url: "https://bugzilla.suse.com/647633", }, { category: "external", summary: "SUSE Bug 706386 for CVE-2008-1483", url: "https://bugzilla.suse.com/706386", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2008-1483", }, { cve: "CVE-2016-10009", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-10009", }, ], notes: [ { category: "general", text: "Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS#11 modules by leveraging control over a forwarded agent-socket.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-10009", url: "https://www.suse.com/security/cve/CVE-2016-10009", }, { category: "external", summary: "SUSE Bug 1016336 for CVE-2016-10009", url: "https://bugzilla.suse.com/1016336", }, { category: "external", summary: "SUSE Bug 1016366 for CVE-2016-10009", url: "https://bugzilla.suse.com/1016366", }, { category: "external", summary: "SUSE Bug 1016370 for CVE-2016-10009", url: "https://bugzilla.suse.com/1016370", }, { category: "external", summary: "SUSE Bug 1026634 for CVE-2016-10009", url: "https://bugzilla.suse.com/1026634", }, { category: "external", summary: "SUSE Bug 1138392 for CVE-2016-10009", url: "https://bugzilla.suse.com/1138392", }, { category: "external", summary: "SUSE Bug 1213504 for CVE-2016-10009", url: "https://bugzilla.suse.com/1213504", }, { category: "external", summary: "SUSE Bug 1217035 for CVE-2016-10009", url: "https://bugzilla.suse.com/1217035", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.3, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2016-10009", }, { cve: "CVE-2016-10010", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-10010", }, ], notes: [ { category: "general", text: "sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to gain privileges via unspecified vectors, related to serverloop.c.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-10010", url: "https://www.suse.com/security/cve/CVE-2016-10010", }, { category: "external", summary: "SUSE Bug 1016336 for CVE-2016-10010", url: "https://bugzilla.suse.com/1016336", }, { category: "external", summary: "SUSE Bug 1016368 for CVE-2016-10010", url: "https://bugzilla.suse.com/1016368", }, { category: "external", summary: "SUSE Bug 1021751 for CVE-2016-10010", url: "https://bugzilla.suse.com/1021751", }, { category: "external", summary: "SUSE Bug 1196721 for CVE-2016-10010", url: "https://bugzilla.suse.com/1196721", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2016-10010", }, { cve: "CVE-2016-10011", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-10011", }, ], notes: [ { category: "general", text: "authfile.c in sshd in OpenSSH before 7.4 does not properly consider the effects of realloc on buffer contents, which might allow local users to obtain sensitive private-key information by leveraging access to a privilege-separated child process.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-10011", url: "https://www.suse.com/security/cve/CVE-2016-10011", }, { category: "external", summary: "SUSE Bug 1016336 for CVE-2016-10011", url: "https://bugzilla.suse.com/1016336", }, { category: "external", summary: "SUSE Bug 1016369 for CVE-2016-10011", url: "https://bugzilla.suse.com/1016369", }, { category: "external", summary: "SUSE Bug 1016370 for CVE-2016-10011", url: "https://bugzilla.suse.com/1016370", }, { category: "external", summary: "SUSE Bug 1017870 for CVE-2016-10011", url: "https://bugzilla.suse.com/1017870", }, { category: "external", summary: "SUSE Bug 1026634 for CVE-2016-10011", url: "https://bugzilla.suse.com/1026634", }, { category: "external", summary: "SUSE Bug 1029445 for CVE-2016-10011", url: "https://bugzilla.suse.com/1029445", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2016-10011", }, { cve: "CVE-2016-10012", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-10012", }, ], notes: [ { category: "general", text: "The shared memory manager (associated with pre-authentication compression) in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enforced by all compilers, which might allows local users to gain privileges by leveraging access to a sandboxed privilege-separation process, related to the m_zback and m_zlib data structures.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-10012", url: "https://www.suse.com/security/cve/CVE-2016-10012", }, { category: "external", summary: "SUSE Bug 1006166 for CVE-2016-10012", url: "https://bugzilla.suse.com/1006166", }, { category: "external", summary: "SUSE Bug 1016336 for CVE-2016-10012", url: "https://bugzilla.suse.com/1016336", }, { category: "external", summary: "SUSE Bug 1016369 for CVE-2016-10012", url: "https://bugzilla.suse.com/1016369", }, { category: "external", summary: "SUSE Bug 1016370 for CVE-2016-10012", url: "https://bugzilla.suse.com/1016370", }, { category: "external", summary: "SUSE Bug 1017870 for CVE-2016-10012", url: "https://bugzilla.suse.com/1017870", }, { category: "external", summary: "SUSE Bug 1026634 for CVE-2016-10012", url: "https://bugzilla.suse.com/1026634", }, { category: "external", summary: "SUSE Bug 1035742 for CVE-2016-10012", url: "https://bugzilla.suse.com/1035742", }, { category: "external", summary: "SUSE Bug 1073044 for CVE-2016-10012", url: "https://bugzilla.suse.com/1073044", }, { category: "external", summary: "SUSE Bug 1092582 for CVE-2016-10012", url: "https://bugzilla.suse.com/1092582", }, { category: "external", summary: "SUSE Bug 1138392 for CVE-2016-10012", url: "https://bugzilla.suse.com/1138392", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2016-10012", }, { cve: "CVE-2016-8858", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-8858", }, ], notes: [ { category: "general", text: "** DISPUTED ** The kex_input_kexinit function in kex.c in OpenSSH 6.x and 7.x through 7.3 allows remote attackers to cause a denial of service (memory consumption) by sending many duplicate KEXINIT requests. NOTE: a third party reports that \"OpenSSH upstream does not consider this as a security issue.\"", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-8858", url: "https://www.suse.com/security/cve/CVE-2016-8858", }, { category: "external", summary: "SUSE Bug 1005480 for CVE-2016-8858", url: "https://bugzilla.suse.com/1005480", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2016-8858", }, { cve: "CVE-2018-20685", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-20685", }, ], notes: [ { category: "general", text: "In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-20685", url: "https://www.suse.com/security/cve/CVE-2018-20685", }, { category: "external", summary: "SUSE Bug 1121571 for CVE-2018-20685", url: "https://bugzilla.suse.com/1121571", }, { category: "external", summary: "SUSE Bug 1123220 for CVE-2018-20685", url: "https://bugzilla.suse.com/1123220", }, { category: "external", summary: "SUSE Bug 1131109 for CVE-2018-20685", url: "https://bugzilla.suse.com/1131109", }, { category: "external", summary: "SUSE Bug 1134932 for CVE-2018-20685", url: "https://bugzilla.suse.com/1134932", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.3, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2018-20685", }, { cve: "CVE-2019-6109", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-6109", }, ], notes: [ { category: "general", text: "An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server (or Man-in-The-Middle attacker) can employ crafted object names to manipulate the client output, e.g., by using ANSI control codes to hide additional files being transferred. This affects refresh_progress_meter() in progressmeter.c.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-6109", url: "https://www.suse.com/security/cve/CVE-2019-6109", }, { category: "external", summary: "SUSE Bug 1121571 for CVE-2019-6109", url: "https://bugzilla.suse.com/1121571", }, { category: "external", summary: "SUSE Bug 1121816 for CVE-2019-6109", url: "https://bugzilla.suse.com/1121816", }, { category: "external", summary: "SUSE Bug 1121818 for CVE-2019-6109", url: "https://bugzilla.suse.com/1121818", }, { category: "external", summary: "SUSE Bug 1121821 for CVE-2019-6109", url: "https://bugzilla.suse.com/1121821", }, { category: "external", summary: "SUSE Bug 1138392 for CVE-2019-6109", url: "https://bugzilla.suse.com/1138392", }, { category: "external", summary: "SUSE Bug 1144902 for CVE-2019-6109", url: "https://bugzilla.suse.com/1144902", }, { category: "external", summary: "SUSE Bug 1144903 for CVE-2019-6109", url: "https://bugzilla.suse.com/1144903", }, { category: "external", summary: "SUSE Bug 1148884 for CVE-2019-6109", url: "https://bugzilla.suse.com/1148884", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-6109", }, { cve: "CVE-2019-6110", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-6110", }, ], notes: [ { category: "general", text: "In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server (or Man-in-The-Middle attacker) can manipulate the client output, for example to use ANSI control codes to hide additional files being transferred.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-6110", url: "https://www.suse.com/security/cve/CVE-2019-6110", }, { category: "external", summary: "SUSE Bug 1121571 for CVE-2019-6110", url: "https://bugzilla.suse.com/1121571", }, { category: "external", summary: "SUSE Bug 1121816 for CVE-2019-6110", url: "https://bugzilla.suse.com/1121816", }, { category: "external", summary: "SUSE Bug 1121818 for CVE-2019-6110", url: "https://bugzilla.suse.com/1121818", }, { category: "external", summary: "SUSE Bug 1121821 for CVE-2019-6110", url: "https://bugzilla.suse.com/1121821", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-6110", }, { cve: "CVE-2019-6111", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-6111", }, ], notes: [ { category: "general", text: "An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name returned (only directory traversal attacks are prevented). A malicious scp server (or Man-in-The-Middle attacker) can overwrite arbitrary files in the scp client target directory. If recursive operation (-r) is performed, the server can manipulate subdirectories as well (for example, to overwrite the .ssh/authorized_keys file).", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-6111", url: "https://www.suse.com/security/cve/CVE-2019-6111", }, { category: "external", summary: "SUSE Bug 1121571 for CVE-2019-6111", url: "https://bugzilla.suse.com/1121571", }, { category: "external", summary: "SUSE Bug 1121816 for CVE-2019-6111", url: "https://bugzilla.suse.com/1121816", }, { category: "external", summary: "SUSE Bug 1121818 for CVE-2019-6111", url: "https://bugzilla.suse.com/1121818", }, { category: "external", summary: "SUSE Bug 1121821 for CVE-2019-6111", url: "https://bugzilla.suse.com/1121821", }, { category: "external", summary: "SUSE Bug 1123028 for CVE-2019-6111", url: "https://bugzilla.suse.com/1123028", }, { category: "external", summary: "SUSE Bug 1123220 for CVE-2019-6111", url: "https://bugzilla.suse.com/1123220", }, { category: "external", summary: "SUSE Bug 1131109 for CVE-2019-6111", url: "https://bugzilla.suse.com/1131109", }, { category: "external", summary: "SUSE Bug 1138392 for CVE-2019-6111", url: "https://bugzilla.suse.com/1138392", }, { category: "external", summary: "SUSE Bug 1144902 for CVE-2019-6111", url: "https://bugzilla.suse.com/1144902", }, { category: "external", summary: "SUSE Bug 1144903 for CVE-2019-6111", url: "https://bugzilla.suse.com/1144903", }, { category: "external", summary: "SUSE Bug 1148884 for CVE-2019-6111", url: "https://bugzilla.suse.com/1148884", }, { category: "external", summary: "SUSE Bug 1201840 for CVE-2019-6111", url: "https://bugzilla.suse.com/1201840", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:openssh-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-cavs-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-clients-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-common-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-fips-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-helpers-8.4p1-7.4.x86_64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.aarch64", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.ppc64le", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.s390x", "openSUSE Tumbleweed:openssh-server-8.4p1-7.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-6111", }, ], }
fkie_cve-2008-1483
Vulnerability from fkie_nvd
Published
2008-03-24 23:44
Modified
2025-04-09 00:30
Severity ?
Summary
OpenSSH 4.3p2, and probably other versions, allows local users to hijack forwarded X connections by causing ssh to set DISPLAY to :10, even when another process is listening on the associated port, as demonstrated by opening TCP port 6010 (IPv4) and sniffing a cookie sent by Emacs.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:openbsd:openssh:4.3p2:*:*:*:*:*:*:*", matchCriteriaId: "3640CCC9-EC4A-44A4-B747-7BAAAD3460C7", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "OpenSSH 4.3p2, and probably other versions, allows local users to hijack forwarded X connections by causing ssh to set DISPLAY to :10, even when another process is listening on the associated port, as demonstrated by opening TCP port 6010 (IPv4) and sniffing a cookie sent by Emacs.", }, { lang: "es", value: "OpenSSH 4.3p2 y probablemente otras versiones, permite a usuarios locales secuestrar conexiones X enviadas provocando que ssh ponga DISPLAY a :10, incluso cuando otro proceso está escuchando en el puerto asociado, como se demostró abriendo el puerto TCp 6010 (IPv4) y escaneando una cookie enviada por Emacs.", }, ], id: "CVE-2008-1483", lastModified: "2025-04-09T00:30:58.490", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 6.9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.4, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2008-03-24T23:44:00.000", references: [ { source: "cve@mitre.org", url: "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-005.txt.asc", }, { source: "cve@mitre.org", url: "http://aix.software.ibm.com/aix/efixes/security/ssh_advisory.asc", }, { source: "cve@mitre.org", url: "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=463011", }, { source: "cve@mitre.org", url: "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01462841", }, { source: "cve@mitre.org", url: "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01462841", }, { source: "cve@mitre.org", url: "http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html", }, { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00007.html", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/29522", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/29537", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/29554", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/29626", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/29676", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/29683", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/29686", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/29721", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/29735", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/29873", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/29939", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/30086", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/30230", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/30249", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/30347", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/30361", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/31531", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/31882", }, { source: "cve@mitre.org", url: "http://security.FreeBSD.org/advisories/FreeBSD-SA-08:05.openssh.asc", }, { source: "cve@mitre.org", url: "http://sourceforge.net/project/shownotes.php?release_id=590180&group_id=69227", }, { source: "cve@mitre.org", url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-237444-1", }, { source: "cve@mitre.org", url: "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1019235.1-1", }, { source: "cve@mitre.org", url: "http://support.attachmate.com/techdocs/2374.html", }, { source: "cve@mitre.org", url: "http://support.avaya.com/elmodocs2/security/ASA-2008-205.htm", }, { source: "cve@mitre.org", url: "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2008-1483", }, { source: "cve@mitre.org", url: "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0120", }, { source: "cve@mitre.org", url: "http://www.debian.org/security/2008/dsa-1576", }, { source: "cve@mitre.org", url: "http://www.gentoo.org/security/en/glsa/glsa-200804-03.xml", }, { source: "cve@mitre.org", url: "http://www.globus.org/mail_archive/security-announce/2008/04/msg00000.html", }, { source: "cve@mitre.org", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2008:078", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/archive/1/490054/100/0/threaded", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/28444", }, { source: "cve@mitre.org", url: "http://www.securitytracker.com/id?1019707", }, { source: "cve@mitre.org", url: "http://www.slackware.org/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.540188", }, { source: "cve@mitre.org", tags: [ "US Government Resource", ], url: "http://www.us-cert.gov/cas/techalerts/TA08-260A.html", }, { source: "cve@mitre.org", url: "http://www.vupen.com/english/advisories/2008/0994/references", }, { source: "cve@mitre.org", url: "http://www.vupen.com/english/advisories/2008/1123/references", }, { source: "cve@mitre.org", url: "http://www.vupen.com/english/advisories/2008/1124/references", }, { source: "cve@mitre.org", url: "http://www.vupen.com/english/advisories/2008/1448/references", }, { source: "cve@mitre.org", url: "http://www.vupen.com/english/advisories/2008/1526/references", }, { source: "cve@mitre.org", url: "http://www.vupen.com/english/advisories/2008/1624/references", }, { source: "cve@mitre.org", url: "http://www.vupen.com/english/advisories/2008/1630/references", }, { source: "cve@mitre.org", url: "http://www.vupen.com/english/advisories/2008/2396", }, { source: "cve@mitre.org", url: "http://www.vupen.com/english/advisories/2008/2584", }, { source: "cve@mitre.org", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/41438", }, { source: "cve@mitre.org", url: "https://issues.rpath.com/browse/RPL-2397", }, { source: "cve@mitre.org", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6085", }, { source: "cve@mitre.org", url: "https://usn.ubuntu.com/597-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-005.txt.asc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://aix.software.ibm.com/aix/efixes/security/ssh_advisory.asc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=463011", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01462841", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01462841", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00007.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/29522", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/29537", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/29554", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/29626", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/29676", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/29683", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/29686", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/29721", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/29735", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/29873", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/29939", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/30086", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/30230", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/30249", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/30347", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/30361", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/31531", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/31882", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://security.FreeBSD.org/advisories/FreeBSD-SA-08:05.openssh.asc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://sourceforge.net/project/shownotes.php?release_id=590180&group_id=69227", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-237444-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1019235.1-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://support.attachmate.com/techdocs/2374.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://support.avaya.com/elmodocs2/security/ASA-2008-205.htm", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2008-1483", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0120", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2008/dsa-1576", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.gentoo.org/security/en/glsa/glsa-200804-03.xml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.globus.org/mail_archive/security-announce/2008/04/msg00000.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2008:078", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/archive/1/490054/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/28444", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id?1019707", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.slackware.org/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.540188", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "US Government Resource", ], url: "http://www.us-cert.gov/cas/techalerts/TA08-260A.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2008/0994/references", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2008/1123/references", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2008/1124/references", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2008/1448/references", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2008/1526/references", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2008/1624/references", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2008/1630/references", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2008/2396", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2008/2584", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/41438", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://issues.rpath.com/browse/RPL-2397", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6085", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://usn.ubuntu.com/597-1/", }, ], sourceIdentifier: "cve@mitre.org", vendorComments: [ { comment: "All openssh versions shipped in Red Hat Enterprise Linux 5 include the patch for this issue.\n\nThis issue was fixed in Red Hat Enterprise Linux 4 via: https://rhn.redhat.com/errata/RHSA-2005-527.html\n\nRed Hat Enterprise Linux 3 is affected by this issue. The Red Hat Security Response Team has rated this issue as having low security\nimpact. https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2008-1483\n", lastModified: "2010-03-19T00:00:00", organization: "Red Hat", }, ], vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-264", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
rhsa-2005:527
Vulnerability from csaf_redhat
Published
2005-10-05 11:54
Modified
2024-11-21 23:51
Summary
Red Hat Security Advisory: openssh security update
Notes
Topic
Updated openssh packages that fix a security issue, bugs, and add support
for recording login user IDs for audit are now available for Red Hat
Enterprise Linux 4.
This update has been rated as having moderate security impact by the Red
Hat Security Response Team.
Details
OpenSSH is OpenBSD's SSH (Secure SHell) protocol implementation.
An error in the way OpenSSH handled GSSAPI credential delegation was
discovered. OpenSSH as distributed with Red Hat Enterprise Linux 4 contains
support for GSSAPI user authentication, typically used for supporting
Kerberos. On OpenSSH installations which have GSSAPI enabled, this flaw
could allow a user who sucessfully authenticates using a method other than
GSSAPI to be delegated with GSSAPI credentials. The Common Vulnerabilities
and Exposures project (cve.mitre.org) has assigned the name CAN-2005-2798
to this issue.
Additionally, the following bugs have been addressed:
The ssh command incorrectly failed when it was issued by the root user with
a non-default group set.
The sshd daemon could fail to properly close the client connection if
multiple X clients were forwarded over the connection and the client
session exited.
The sshd daemon could bind only on the IPv6 address family for X forwarding
if the port on IPv4 address family was already bound. The X forwarding did
not work in such cases.
This update also adds support for recording login user IDs for the auditing
service. The user ID is attached to the audit records generated from the
user's session.
All users of openssh should upgrade to these updated packages, which
contain backported patches to resolve these issues.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated openssh packages that fix a security issue, bugs, and add support\nfor recording login user IDs for audit are now available for Red Hat\nEnterprise Linux 4.\n\nThis update has been rated as having moderate security impact by the Red\nHat Security Response Team.", title: "Topic", }, { category: "general", text: "OpenSSH is OpenBSD's SSH (Secure SHell) protocol implementation. \n\nAn error in the way OpenSSH handled GSSAPI credential delegation was\ndiscovered. OpenSSH as distributed with Red Hat Enterprise Linux 4 contains\nsupport for GSSAPI user authentication, typically used for supporting\nKerberos. On OpenSSH installations which have GSSAPI enabled, this flaw\ncould allow a user who sucessfully authenticates using a method other than\nGSSAPI to be delegated with GSSAPI credentials. The Common Vulnerabilities\nand Exposures project (cve.mitre.org) has assigned the name CAN-2005-2798\nto this issue.\n\nAdditionally, the following bugs have been addressed:\n\nThe ssh command incorrectly failed when it was issued by the root user with\na non-default group set.\n\nThe sshd daemon could fail to properly close the client connection if\nmultiple X clients were forwarded over the connection and the client\nsession exited.\n\nThe sshd daemon could bind only on the IPv6 address family for X forwarding\nif the port on IPv4 address family was already bound. The X forwarding did\nnot work in such cases.\n\nThis update also adds support for recording login user IDs for the auditing\nservice. The user ID is attached to the audit records generated from the\nuser's session.\n\nAll users of openssh should upgrade to these updated packages, which\ncontain backported patches to resolve these issues.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2005:527", url: "https://access.redhat.com/errata/RHSA-2005:527", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "159331", url: "https://bugzilla.redhat.com/show_bug.cgi?id=159331", }, { category: "external", summary: "167444", url: "https://bugzilla.redhat.com/show_bug.cgi?id=167444", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2005/rhsa-2005_527.json", }, ], title: "Red Hat Security Advisory: openssh security update", tracking: { current_release_date: "2024-11-21T23:51:40+00:00", generator: { date: "2024-11-21T23:51:40+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2005:527", initial_release_date: "2005-10-05T11:54:00+00:00", revision_history: [ { date: "2005-10-05T11:54:00+00:00", number: "1", summary: "Initial version", }, { date: "2005-10-05T00:00:00+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-21T23:51:40+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux AS version 4", product: { name: "Red Hat Enterprise Linux AS version 4", product_id: "4AS", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:4::as", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Desktop version 4", product: { name: "Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:4::desktop", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux ES version 4", product: { name: "Red Hat Enterprise Linux ES version 4", product_id: "4ES", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:4::es", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux WS version 4", product: { name: "Red Hat Enterprise Linux WS version 4", product_id: "4WS", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:4::ws", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "openssh-askpass-0:3.9p1-8.RHEL4.9.ia64", product: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.ia64", product_id: "openssh-askpass-0:3.9p1-8.RHEL4.9.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-askpass@3.9p1-8.RHEL4.9?arch=ia64", }, }, }, { category: "product_version", name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64", product: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64", product_id: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-askpass-gnome@3.9p1-8.RHEL4.9?arch=ia64", }, }, }, { category: "product_version", name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64", product: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64", product_id: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-debuginfo@3.9p1-8.RHEL4.9?arch=ia64", }, }, }, { category: "product_version", name: "openssh-server-0:3.9p1-8.RHEL4.9.ia64", product: { name: "openssh-server-0:3.9p1-8.RHEL4.9.ia64", product_id: "openssh-server-0:3.9p1-8.RHEL4.9.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-server@3.9p1-8.RHEL4.9?arch=ia64", }, }, }, { category: "product_version", name: "openssh-0:3.9p1-8.RHEL4.9.ia64", product: { name: "openssh-0:3.9p1-8.RHEL4.9.ia64", product_id: "openssh-0:3.9p1-8.RHEL4.9.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/openssh@3.9p1-8.RHEL4.9?arch=ia64", }, }, }, { category: "product_version", name: "openssh-clients-0:3.9p1-8.RHEL4.9.ia64", product: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.ia64", product_id: "openssh-clients-0:3.9p1-8.RHEL4.9.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-clients@3.9p1-8.RHEL4.9?arch=ia64", }, }, }, ], category: "architecture", name: "ia64", }, { branches: [ { category: "product_version", name: "openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64", product: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64", product_id: "openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-askpass@3.9p1-8.RHEL4.9?arch=x86_64", }, }, }, { category: "product_version", name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64", product: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64", product_id: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-askpass-gnome@3.9p1-8.RHEL4.9?arch=x86_64", }, }, }, { category: "product_version", name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64", product: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64", product_id: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-debuginfo@3.9p1-8.RHEL4.9?arch=x86_64", }, }, }, { category: "product_version", name: "openssh-server-0:3.9p1-8.RHEL4.9.x86_64", product: { name: "openssh-server-0:3.9p1-8.RHEL4.9.x86_64", product_id: "openssh-server-0:3.9p1-8.RHEL4.9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-server@3.9p1-8.RHEL4.9?arch=x86_64", }, }, }, { category: "product_version", name: "openssh-0:3.9p1-8.RHEL4.9.x86_64", product: { name: "openssh-0:3.9p1-8.RHEL4.9.x86_64", product_id: "openssh-0:3.9p1-8.RHEL4.9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openssh@3.9p1-8.RHEL4.9?arch=x86_64", }, }, }, { category: "product_version", name: "openssh-clients-0:3.9p1-8.RHEL4.9.x86_64", product: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.x86_64", product_id: "openssh-clients-0:3.9p1-8.RHEL4.9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-clients@3.9p1-8.RHEL4.9?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "openssh-askpass-0:3.9p1-8.RHEL4.9.i386", product: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.i386", product_id: "openssh-askpass-0:3.9p1-8.RHEL4.9.i386", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-askpass@3.9p1-8.RHEL4.9?arch=i386", }, }, }, { category: "product_version", name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386", product: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386", product_id: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-askpass-gnome@3.9p1-8.RHEL4.9?arch=i386", }, }, }, { category: "product_version", name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386", product: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386", product_id: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-debuginfo@3.9p1-8.RHEL4.9?arch=i386", }, }, }, { category: "product_version", name: "openssh-server-0:3.9p1-8.RHEL4.9.i386", product: { name: "openssh-server-0:3.9p1-8.RHEL4.9.i386", product_id: "openssh-server-0:3.9p1-8.RHEL4.9.i386", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-server@3.9p1-8.RHEL4.9?arch=i386", }, }, }, { category: "product_version", name: "openssh-0:3.9p1-8.RHEL4.9.i386", product: { name: "openssh-0:3.9p1-8.RHEL4.9.i386", product_id: "openssh-0:3.9p1-8.RHEL4.9.i386", product_identification_helper: { purl: "pkg:rpm/redhat/openssh@3.9p1-8.RHEL4.9?arch=i386", }, }, }, { category: "product_version", name: "openssh-clients-0:3.9p1-8.RHEL4.9.i386", product: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.i386", product_id: "openssh-clients-0:3.9p1-8.RHEL4.9.i386", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-clients@3.9p1-8.RHEL4.9?arch=i386", }, }, }, ], category: "architecture", name: "i386", }, { branches: [ { category: "product_version", name: "openssh-0:3.9p1-8.RHEL4.9.src", product: { name: "openssh-0:3.9p1-8.RHEL4.9.src", product_id: "openssh-0:3.9p1-8.RHEL4.9.src", product_identification_helper: { purl: "pkg:rpm/redhat/openssh@3.9p1-8.RHEL4.9?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "openssh-askpass-0:3.9p1-8.RHEL4.9.ppc", product: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.ppc", product_id: "openssh-askpass-0:3.9p1-8.RHEL4.9.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-askpass@3.9p1-8.RHEL4.9?arch=ppc", }, }, }, { category: "product_version", name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc", product: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc", product_id: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-askpass-gnome@3.9p1-8.RHEL4.9?arch=ppc", }, }, }, { category: "product_version", name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc", product: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc", product_id: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-debuginfo@3.9p1-8.RHEL4.9?arch=ppc", }, }, }, { category: "product_version", name: "openssh-server-0:3.9p1-8.RHEL4.9.ppc", product: { name: "openssh-server-0:3.9p1-8.RHEL4.9.ppc", product_id: "openssh-server-0:3.9p1-8.RHEL4.9.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-server@3.9p1-8.RHEL4.9?arch=ppc", }, }, }, { category: "product_version", name: "openssh-0:3.9p1-8.RHEL4.9.ppc", product: { name: "openssh-0:3.9p1-8.RHEL4.9.ppc", product_id: "openssh-0:3.9p1-8.RHEL4.9.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/openssh@3.9p1-8.RHEL4.9?arch=ppc", }, }, }, { category: "product_version", name: "openssh-clients-0:3.9p1-8.RHEL4.9.ppc", product: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.ppc", product_id: "openssh-clients-0:3.9p1-8.RHEL4.9.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-clients@3.9p1-8.RHEL4.9?arch=ppc", }, }, }, ], category: "architecture", name: "ppc", }, { branches: [ { category: "product_version", name: "openssh-askpass-0:3.9p1-8.RHEL4.9.s390x", product: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.s390x", product_id: "openssh-askpass-0:3.9p1-8.RHEL4.9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-askpass@3.9p1-8.RHEL4.9?arch=s390x", }, }, }, { category: "product_version", name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x", product: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x", product_id: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-askpass-gnome@3.9p1-8.RHEL4.9?arch=s390x", }, }, }, { category: "product_version", name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x", product: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x", product_id: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-debuginfo@3.9p1-8.RHEL4.9?arch=s390x", }, }, }, { category: "product_version", name: "openssh-server-0:3.9p1-8.RHEL4.9.s390x", product: { name: "openssh-server-0:3.9p1-8.RHEL4.9.s390x", product_id: "openssh-server-0:3.9p1-8.RHEL4.9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-server@3.9p1-8.RHEL4.9?arch=s390x", }, }, }, { category: "product_version", name: "openssh-0:3.9p1-8.RHEL4.9.s390x", product: { name: "openssh-0:3.9p1-8.RHEL4.9.s390x", product_id: "openssh-0:3.9p1-8.RHEL4.9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/openssh@3.9p1-8.RHEL4.9?arch=s390x", }, }, }, { category: "product_version", name: "openssh-clients-0:3.9p1-8.RHEL4.9.s390x", product: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.s390x", product_id: "openssh-clients-0:3.9p1-8.RHEL4.9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-clients@3.9p1-8.RHEL4.9?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "openssh-askpass-0:3.9p1-8.RHEL4.9.s390", product: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.s390", product_id: "openssh-askpass-0:3.9p1-8.RHEL4.9.s390", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-askpass@3.9p1-8.RHEL4.9?arch=s390", }, }, }, { category: "product_version", name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390", product: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390", product_id: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-askpass-gnome@3.9p1-8.RHEL4.9?arch=s390", }, }, }, { category: "product_version", name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390", product: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390", product_id: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-debuginfo@3.9p1-8.RHEL4.9?arch=s390", }, }, }, { category: "product_version", name: "openssh-server-0:3.9p1-8.RHEL4.9.s390", product: { name: "openssh-server-0:3.9p1-8.RHEL4.9.s390", product_id: "openssh-server-0:3.9p1-8.RHEL4.9.s390", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-server@3.9p1-8.RHEL4.9?arch=s390", }, }, }, { category: "product_version", name: "openssh-0:3.9p1-8.RHEL4.9.s390", product: { name: "openssh-0:3.9p1-8.RHEL4.9.s390", product_id: "openssh-0:3.9p1-8.RHEL4.9.s390", product_identification_helper: { purl: "pkg:rpm/redhat/openssh@3.9p1-8.RHEL4.9?arch=s390", }, }, }, { category: "product_version", name: "openssh-clients-0:3.9p1-8.RHEL4.9.s390", product: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.s390", product_id: "openssh-clients-0:3.9p1-8.RHEL4.9.s390", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-clients@3.9p1-8.RHEL4.9?arch=s390", }, }, }, ], category: "architecture", name: "s390", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-0:3.9p1-8.RHEL4.9.i386", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.i386", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-0:3.9p1-8.RHEL4.9.ia64", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.ia64", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-0:3.9p1-8.RHEL4.9.ppc", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.ppc", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-0:3.9p1-8.RHEL4.9.s390", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.s390", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-0:3.9p1-8.RHEL4.9.s390x", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.s390x", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.src as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-0:3.9p1-8.RHEL4.9.src", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.src", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-0:3.9p1-8.RHEL4.9.x86_64", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.x86_64", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.i386", }, product_reference: "openssh-askpass-0:3.9p1-8.RHEL4.9.i386", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64", }, product_reference: "openssh-askpass-0:3.9p1-8.RHEL4.9.ia64", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc", }, product_reference: "openssh-askpass-0:3.9p1-8.RHEL4.9.ppc", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390", }, product_reference: "openssh-askpass-0:3.9p1-8.RHEL4.9.s390", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x", }, product_reference: "openssh-askpass-0:3.9p1-8.RHEL4.9.s390x", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64", }, product_reference: "openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386", }, product_reference: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64", }, product_reference: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc", }, product_reference: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390", }, product_reference: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x", }, product_reference: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64", }, product_reference: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.i386", }, product_reference: "openssh-clients-0:3.9p1-8.RHEL4.9.i386", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.ia64", }, product_reference: "openssh-clients-0:3.9p1-8.RHEL4.9.ia64", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.ppc", }, product_reference: "openssh-clients-0:3.9p1-8.RHEL4.9.ppc", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.s390", }, product_reference: "openssh-clients-0:3.9p1-8.RHEL4.9.s390", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.s390x", }, product_reference: "openssh-clients-0:3.9p1-8.RHEL4.9.s390x", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64", }, product_reference: "openssh-clients-0:3.9p1-8.RHEL4.9.x86_64", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386", }, product_reference: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64", }, product_reference: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc", }, product_reference: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390", }, product_reference: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x", }, product_reference: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64", }, product_reference: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-server-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-server-0:3.9p1-8.RHEL4.9.i386", }, product_reference: "openssh-server-0:3.9p1-8.RHEL4.9.i386", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-server-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-server-0:3.9p1-8.RHEL4.9.ia64", }, product_reference: "openssh-server-0:3.9p1-8.RHEL4.9.ia64", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-server-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-server-0:3.9p1-8.RHEL4.9.ppc", }, product_reference: "openssh-server-0:3.9p1-8.RHEL4.9.ppc", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-server-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-server-0:3.9p1-8.RHEL4.9.s390", }, product_reference: "openssh-server-0:3.9p1-8.RHEL4.9.s390", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-server-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-server-0:3.9p1-8.RHEL4.9.s390x", }, product_reference: "openssh-server-0:3.9p1-8.RHEL4.9.s390x", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-server-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-server-0:3.9p1-8.RHEL4.9.x86_64", }, product_reference: "openssh-server-0:3.9p1-8.RHEL4.9.x86_64", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-0:3.9p1-8.RHEL4.9.i386", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.i386", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-0:3.9p1-8.RHEL4.9.ia64", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.ia64", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-0:3.9p1-8.RHEL4.9.ppc", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.ppc", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-0:3.9p1-8.RHEL4.9.s390", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.s390", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-0:3.9p1-8.RHEL4.9.s390x", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.s390x", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.src as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-0:3.9p1-8.RHEL4.9.src", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.src", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-0:3.9p1-8.RHEL4.9.x86_64", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.x86_64", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.i386", }, product_reference: "openssh-askpass-0:3.9p1-8.RHEL4.9.i386", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64", }, product_reference: "openssh-askpass-0:3.9p1-8.RHEL4.9.ia64", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc", }, product_reference: "openssh-askpass-0:3.9p1-8.RHEL4.9.ppc", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.s390", }, product_reference: "openssh-askpass-0:3.9p1-8.RHEL4.9.s390", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x", }, product_reference: "openssh-askpass-0:3.9p1-8.RHEL4.9.s390x", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64", }, product_reference: "openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386", }, product_reference: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64", }, product_reference: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc", }, product_reference: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390", }, product_reference: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x", }, product_reference: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64", }, product_reference: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.i386", }, product_reference: "openssh-clients-0:3.9p1-8.RHEL4.9.i386", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.ia64", }, product_reference: "openssh-clients-0:3.9p1-8.RHEL4.9.ia64", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.ppc", }, product_reference: "openssh-clients-0:3.9p1-8.RHEL4.9.ppc", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.s390", }, product_reference: "openssh-clients-0:3.9p1-8.RHEL4.9.s390", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.s390x", }, product_reference: "openssh-clients-0:3.9p1-8.RHEL4.9.s390x", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64", }, product_reference: "openssh-clients-0:3.9p1-8.RHEL4.9.x86_64", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386", }, product_reference: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64", }, product_reference: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc", }, product_reference: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390", }, product_reference: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x", }, product_reference: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64", }, product_reference: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-server-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.i386", }, product_reference: "openssh-server-0:3.9p1-8.RHEL4.9.i386", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-server-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.ia64", }, product_reference: "openssh-server-0:3.9p1-8.RHEL4.9.ia64", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-server-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.ppc", }, product_reference: "openssh-server-0:3.9p1-8.RHEL4.9.ppc", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-server-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.s390", }, product_reference: "openssh-server-0:3.9p1-8.RHEL4.9.s390", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-server-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.s390x", }, product_reference: "openssh-server-0:3.9p1-8.RHEL4.9.s390x", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-server-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.x86_64", }, product_reference: "openssh-server-0:3.9p1-8.RHEL4.9.x86_64", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-0:3.9p1-8.RHEL4.9.i386", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.i386", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-0:3.9p1-8.RHEL4.9.ia64", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.ia64", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-0:3.9p1-8.RHEL4.9.ppc", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.ppc", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-0:3.9p1-8.RHEL4.9.s390", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.s390", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-0:3.9p1-8.RHEL4.9.s390x", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.s390x", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.src as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-0:3.9p1-8.RHEL4.9.src", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.src", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-0:3.9p1-8.RHEL4.9.x86_64", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.x86_64", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.i386", }, product_reference: "openssh-askpass-0:3.9p1-8.RHEL4.9.i386", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64", }, product_reference: "openssh-askpass-0:3.9p1-8.RHEL4.9.ia64", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc", }, product_reference: "openssh-askpass-0:3.9p1-8.RHEL4.9.ppc", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.s390", }, product_reference: "openssh-askpass-0:3.9p1-8.RHEL4.9.s390", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x", }, product_reference: "openssh-askpass-0:3.9p1-8.RHEL4.9.s390x", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64", }, product_reference: "openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386", }, product_reference: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64", }, product_reference: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc", }, product_reference: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390", }, product_reference: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x", }, product_reference: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64", }, product_reference: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.i386", }, product_reference: "openssh-clients-0:3.9p1-8.RHEL4.9.i386", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.ia64", }, product_reference: "openssh-clients-0:3.9p1-8.RHEL4.9.ia64", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.ppc", }, product_reference: "openssh-clients-0:3.9p1-8.RHEL4.9.ppc", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.s390", }, product_reference: "openssh-clients-0:3.9p1-8.RHEL4.9.s390", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.s390x", }, product_reference: "openssh-clients-0:3.9p1-8.RHEL4.9.s390x", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64", }, product_reference: "openssh-clients-0:3.9p1-8.RHEL4.9.x86_64", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386", }, product_reference: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64", }, product_reference: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc", }, product_reference: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390", }, product_reference: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x", }, product_reference: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64", }, product_reference: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-server-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-server-0:3.9p1-8.RHEL4.9.i386", }, product_reference: "openssh-server-0:3.9p1-8.RHEL4.9.i386", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-server-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-server-0:3.9p1-8.RHEL4.9.ia64", }, product_reference: "openssh-server-0:3.9p1-8.RHEL4.9.ia64", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-server-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-server-0:3.9p1-8.RHEL4.9.ppc", }, product_reference: "openssh-server-0:3.9p1-8.RHEL4.9.ppc", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-server-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-server-0:3.9p1-8.RHEL4.9.s390", }, product_reference: "openssh-server-0:3.9p1-8.RHEL4.9.s390", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-server-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-server-0:3.9p1-8.RHEL4.9.s390x", }, product_reference: "openssh-server-0:3.9p1-8.RHEL4.9.s390x", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-server-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-server-0:3.9p1-8.RHEL4.9.x86_64", }, product_reference: "openssh-server-0:3.9p1-8.RHEL4.9.x86_64", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-0:3.9p1-8.RHEL4.9.i386", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.i386", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-0:3.9p1-8.RHEL4.9.ia64", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.ia64", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-0:3.9p1-8.RHEL4.9.ppc", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.ppc", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-0:3.9p1-8.RHEL4.9.s390", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.s390", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-0:3.9p1-8.RHEL4.9.s390x", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.s390x", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.src as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-0:3.9p1-8.RHEL4.9.src", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.src", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-0:3.9p1-8.RHEL4.9.x86_64", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.x86_64", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.i386", }, product_reference: "openssh-askpass-0:3.9p1-8.RHEL4.9.i386", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64", }, product_reference: "openssh-askpass-0:3.9p1-8.RHEL4.9.ia64", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc", }, product_reference: "openssh-askpass-0:3.9p1-8.RHEL4.9.ppc", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390", }, product_reference: "openssh-askpass-0:3.9p1-8.RHEL4.9.s390", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x", }, product_reference: "openssh-askpass-0:3.9p1-8.RHEL4.9.s390x", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64", }, product_reference: "openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386", }, product_reference: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64", }, product_reference: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc", }, product_reference: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390", }, product_reference: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x", }, product_reference: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64", }, product_reference: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.i386", }, product_reference: "openssh-clients-0:3.9p1-8.RHEL4.9.i386", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.ia64", }, product_reference: "openssh-clients-0:3.9p1-8.RHEL4.9.ia64", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.ppc", }, product_reference: "openssh-clients-0:3.9p1-8.RHEL4.9.ppc", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.s390", }, product_reference: "openssh-clients-0:3.9p1-8.RHEL4.9.s390", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.s390x", }, product_reference: "openssh-clients-0:3.9p1-8.RHEL4.9.s390x", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64", }, product_reference: "openssh-clients-0:3.9p1-8.RHEL4.9.x86_64", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386", }, product_reference: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64", }, product_reference: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc", }, product_reference: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390", }, product_reference: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x", }, product_reference: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64", }, product_reference: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-server-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-server-0:3.9p1-8.RHEL4.9.i386", }, product_reference: "openssh-server-0:3.9p1-8.RHEL4.9.i386", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-server-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-server-0:3.9p1-8.RHEL4.9.ia64", }, product_reference: "openssh-server-0:3.9p1-8.RHEL4.9.ia64", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-server-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-server-0:3.9p1-8.RHEL4.9.ppc", }, product_reference: "openssh-server-0:3.9p1-8.RHEL4.9.ppc", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-server-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-server-0:3.9p1-8.RHEL4.9.s390", }, product_reference: "openssh-server-0:3.9p1-8.RHEL4.9.s390", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-server-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-server-0:3.9p1-8.RHEL4.9.s390x", }, product_reference: "openssh-server-0:3.9p1-8.RHEL4.9.s390x", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-server-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-server-0:3.9p1-8.RHEL4.9.x86_64", }, product_reference: "openssh-server-0:3.9p1-8.RHEL4.9.x86_64", relates_to_product_reference: "4WS", }, ], }, vulnerabilities: [ { cve: "CVE-2005-2798", discovery_date: "2005-09-01T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1617757", }, ], notes: [ { category: "description", text: "sshd in OpenSSH before 4.2, when GSSAPIDelegateCredentials is enabled, allows GSSAPI credentials to be delegated to clients who log in using non-GSSAPI methods, which could cause those credentials to be exposed to untrusted users or hosts.", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, { category: "other", text: "This issue does not affect Red Hat Enterprise Linux 2.1 and 3.\n\nThis flaw was fixed in Red Hat Enterprise Linux 4 via errata RHSA-2005:527:\nhttp://rhn.redhat.com/errata/RHSA-2005-527.html", title: "Statement", }, ], product_status: { fixed: [ "4AS:openssh-0:3.9p1-8.RHEL4.9.i386", "4AS:openssh-0:3.9p1-8.RHEL4.9.ia64", "4AS:openssh-0:3.9p1-8.RHEL4.9.ppc", "4AS:openssh-0:3.9p1-8.RHEL4.9.s390", "4AS:openssh-0:3.9p1-8.RHEL4.9.s390x", "4AS:openssh-0:3.9p1-8.RHEL4.9.src", "4AS:openssh-0:3.9p1-8.RHEL4.9.x86_64", "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.i386", "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64", "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc", "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390", "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x", "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64", "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386", "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64", "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc", "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390", "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x", "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64", "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.i386", "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.ia64", "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.ppc", "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.s390", "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.s390x", "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64", "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386", "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64", "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc", "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390", "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x", "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64", "4AS:openssh-server-0:3.9p1-8.RHEL4.9.i386", "4AS:openssh-server-0:3.9p1-8.RHEL4.9.ia64", "4AS:openssh-server-0:3.9p1-8.RHEL4.9.ppc", "4AS:openssh-server-0:3.9p1-8.RHEL4.9.s390", "4AS:openssh-server-0:3.9p1-8.RHEL4.9.s390x", "4AS:openssh-server-0:3.9p1-8.RHEL4.9.x86_64", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.i386", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.ia64", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.ppc", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.s390", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.s390x", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.src", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.x86_64", "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.i386", "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64", "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc", "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.s390", "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x", "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64", "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386", "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64", "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc", "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390", "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x", "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64", "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.i386", "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.ia64", "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.ppc", "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.s390", "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.s390x", "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64", "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386", "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64", "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc", "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390", "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x", "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64", "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.i386", "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.ia64", "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.ppc", "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.s390", "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.s390x", "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.x86_64", "4ES:openssh-0:3.9p1-8.RHEL4.9.i386", "4ES:openssh-0:3.9p1-8.RHEL4.9.ia64", "4ES:openssh-0:3.9p1-8.RHEL4.9.ppc", "4ES:openssh-0:3.9p1-8.RHEL4.9.s390", "4ES:openssh-0:3.9p1-8.RHEL4.9.s390x", "4ES:openssh-0:3.9p1-8.RHEL4.9.src", "4ES:openssh-0:3.9p1-8.RHEL4.9.x86_64", "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.i386", "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64", "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc", "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.s390", "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x", "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64", "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386", "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64", "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc", "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390", "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x", "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64", "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.i386", "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.ia64", "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.ppc", "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.s390", "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.s390x", "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64", "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386", "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64", "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc", "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390", "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x", "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64", "4ES:openssh-server-0:3.9p1-8.RHEL4.9.i386", "4ES:openssh-server-0:3.9p1-8.RHEL4.9.ia64", "4ES:openssh-server-0:3.9p1-8.RHEL4.9.ppc", "4ES:openssh-server-0:3.9p1-8.RHEL4.9.s390", "4ES:openssh-server-0:3.9p1-8.RHEL4.9.s390x", "4ES:openssh-server-0:3.9p1-8.RHEL4.9.x86_64", "4WS:openssh-0:3.9p1-8.RHEL4.9.i386", "4WS:openssh-0:3.9p1-8.RHEL4.9.ia64", "4WS:openssh-0:3.9p1-8.RHEL4.9.ppc", "4WS:openssh-0:3.9p1-8.RHEL4.9.s390", "4WS:openssh-0:3.9p1-8.RHEL4.9.s390x", "4WS:openssh-0:3.9p1-8.RHEL4.9.src", "4WS:openssh-0:3.9p1-8.RHEL4.9.x86_64", "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.i386", "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64", "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc", "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390", "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x", "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64", "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386", "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64", "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc", "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390", "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x", "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64", "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.i386", "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.ia64", "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.ppc", "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.s390", "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.s390x", "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64", "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386", "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64", "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc", "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390", "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x", "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64", "4WS:openssh-server-0:3.9p1-8.RHEL4.9.i386", "4WS:openssh-server-0:3.9p1-8.RHEL4.9.ia64", "4WS:openssh-server-0:3.9p1-8.RHEL4.9.ppc", "4WS:openssh-server-0:3.9p1-8.RHEL4.9.s390", "4WS:openssh-server-0:3.9p1-8.RHEL4.9.s390x", "4WS:openssh-server-0:3.9p1-8.RHEL4.9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2005-2798", }, { category: "external", summary: "RHBZ#1617757", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1617757", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2005-2798", url: "https://www.cve.org/CVERecord?id=CVE-2005-2798", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2005-2798", url: "https://nvd.nist.gov/vuln/detail/CVE-2005-2798", }, ], release_date: "2005-09-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2005-10-05T11:54:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied. Use Red Hat\nNetwork to download and update your packages. To launch the Red Hat\nUpdate Agent, use the following command:\n\n up2date\n\nFor information on how to install packages manually, refer to the\nfollowing Web page for the System Administration or Customization\nguide specific to your system:\n\n http://www.redhat.com/docs/manuals/enterprise/", product_ids: [ "4AS:openssh-0:3.9p1-8.RHEL4.9.i386", "4AS:openssh-0:3.9p1-8.RHEL4.9.ia64", "4AS:openssh-0:3.9p1-8.RHEL4.9.ppc", "4AS:openssh-0:3.9p1-8.RHEL4.9.s390", "4AS:openssh-0:3.9p1-8.RHEL4.9.s390x", "4AS:openssh-0:3.9p1-8.RHEL4.9.src", "4AS:openssh-0:3.9p1-8.RHEL4.9.x86_64", "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.i386", "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64", "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc", "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390", "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x", "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64", "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386", "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64", "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc", "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390", "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x", "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64", "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.i386", "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.ia64", "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.ppc", "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.s390", "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.s390x", "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64", "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386", "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64", "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc", "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390", "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x", "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64", "4AS:openssh-server-0:3.9p1-8.RHEL4.9.i386", "4AS:openssh-server-0:3.9p1-8.RHEL4.9.ia64", "4AS:openssh-server-0:3.9p1-8.RHEL4.9.ppc", "4AS:openssh-server-0:3.9p1-8.RHEL4.9.s390", "4AS:openssh-server-0:3.9p1-8.RHEL4.9.s390x", "4AS:openssh-server-0:3.9p1-8.RHEL4.9.x86_64", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.i386", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.ia64", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.ppc", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.s390", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.s390x", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.src", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.x86_64", "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.i386", "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64", "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc", "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.s390", "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x", "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64", "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386", "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64", "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc", "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390", "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x", "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64", "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.i386", "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.ia64", "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.ppc", "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.s390", "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.s390x", "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64", "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386", "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64", "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc", "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390", "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x", "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64", "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.i386", "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.ia64", "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.ppc", "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.s390", "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.s390x", "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.x86_64", "4ES:openssh-0:3.9p1-8.RHEL4.9.i386", "4ES:openssh-0:3.9p1-8.RHEL4.9.ia64", "4ES:openssh-0:3.9p1-8.RHEL4.9.ppc", "4ES:openssh-0:3.9p1-8.RHEL4.9.s390", "4ES:openssh-0:3.9p1-8.RHEL4.9.s390x", "4ES:openssh-0:3.9p1-8.RHEL4.9.src", "4ES:openssh-0:3.9p1-8.RHEL4.9.x86_64", "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.i386", "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64", "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc", "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.s390", "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x", "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64", "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386", "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64", "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc", "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390", "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x", "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64", "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.i386", "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.ia64", "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.ppc", "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.s390", "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.s390x", "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64", "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386", "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64", "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc", "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390", "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x", "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64", "4ES:openssh-server-0:3.9p1-8.RHEL4.9.i386", "4ES:openssh-server-0:3.9p1-8.RHEL4.9.ia64", "4ES:openssh-server-0:3.9p1-8.RHEL4.9.ppc", "4ES:openssh-server-0:3.9p1-8.RHEL4.9.s390", "4ES:openssh-server-0:3.9p1-8.RHEL4.9.s390x", "4ES:openssh-server-0:3.9p1-8.RHEL4.9.x86_64", "4WS:openssh-0:3.9p1-8.RHEL4.9.i386", "4WS:openssh-0:3.9p1-8.RHEL4.9.ia64", "4WS:openssh-0:3.9p1-8.RHEL4.9.ppc", "4WS:openssh-0:3.9p1-8.RHEL4.9.s390", "4WS:openssh-0:3.9p1-8.RHEL4.9.s390x", "4WS:openssh-0:3.9p1-8.RHEL4.9.src", "4WS:openssh-0:3.9p1-8.RHEL4.9.x86_64", "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.i386", "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64", "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc", "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390", "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x", "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64", "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386", "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64", "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc", "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390", "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x", "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64", "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.i386", "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.ia64", "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.ppc", "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.s390", "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.s390x", "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64", "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386", "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64", "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc", "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390", "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x", "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64", "4WS:openssh-server-0:3.9p1-8.RHEL4.9.i386", "4WS:openssh-server-0:3.9p1-8.RHEL4.9.ia64", "4WS:openssh-server-0:3.9p1-8.RHEL4.9.ppc", "4WS:openssh-server-0:3.9p1-8.RHEL4.9.s390", "4WS:openssh-server-0:3.9p1-8.RHEL4.9.s390x", "4WS:openssh-server-0:3.9p1-8.RHEL4.9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2005:527", }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "security flaw", }, { cve: "CVE-2008-1483", discovery_date: "2008-01-08T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "439079", }, ], notes: [ { category: "description", text: "OpenSSH 4.3p2, and probably other versions, allows local users to hijack forwarded X connections by causing ssh to set DISPLAY to :10, even when another process is listening on the associated port, as demonstrated by opening TCP port 6010 (IPv4) and sniffing a cookie sent by Emacs.", title: "Vulnerability description", }, { category: "summary", text: "openssh may set DISPLAY even if it's unable to listen on respective port", title: "Vulnerability summary", }, { category: "other", text: "All openssh versions shipped in Red Hat Enterprise Linux 5 include the patch for this issue. Red Hat Enterprise Linux 3 is affected by this issue.", title: "Statement", }, ], product_status: { fixed: [ "4AS:openssh-0:3.9p1-8.RHEL4.9.i386", "4AS:openssh-0:3.9p1-8.RHEL4.9.ia64", "4AS:openssh-0:3.9p1-8.RHEL4.9.ppc", "4AS:openssh-0:3.9p1-8.RHEL4.9.s390", "4AS:openssh-0:3.9p1-8.RHEL4.9.s390x", "4AS:openssh-0:3.9p1-8.RHEL4.9.src", "4AS:openssh-0:3.9p1-8.RHEL4.9.x86_64", "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.i386", "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64", "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc", "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390", "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x", "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64", "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386", "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64", "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc", "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390", "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x", "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64", "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.i386", "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.ia64", "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.ppc", "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.s390", "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.s390x", "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64", "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386", "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64", "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc", "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390", "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x", "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64", "4AS:openssh-server-0:3.9p1-8.RHEL4.9.i386", "4AS:openssh-server-0:3.9p1-8.RHEL4.9.ia64", "4AS:openssh-server-0:3.9p1-8.RHEL4.9.ppc", "4AS:openssh-server-0:3.9p1-8.RHEL4.9.s390", "4AS:openssh-server-0:3.9p1-8.RHEL4.9.s390x", "4AS:openssh-server-0:3.9p1-8.RHEL4.9.x86_64", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.i386", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.ia64", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.ppc", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.s390", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.s390x", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.src", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.x86_64", "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.i386", "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64", "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc", "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.s390", "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x", "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64", "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386", "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64", "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc", "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390", "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x", "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64", "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.i386", "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.ia64", "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.ppc", "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.s390", "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.s390x", "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64", "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386", "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64", "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc", "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390", "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x", "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64", "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.i386", "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.ia64", "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.ppc", "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.s390", "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.s390x", "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.x86_64", "4ES:openssh-0:3.9p1-8.RHEL4.9.i386", "4ES:openssh-0:3.9p1-8.RHEL4.9.ia64", "4ES:openssh-0:3.9p1-8.RHEL4.9.ppc", "4ES:openssh-0:3.9p1-8.RHEL4.9.s390", "4ES:openssh-0:3.9p1-8.RHEL4.9.s390x", "4ES:openssh-0:3.9p1-8.RHEL4.9.src", "4ES:openssh-0:3.9p1-8.RHEL4.9.x86_64", "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.i386", "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64", "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc", "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.s390", "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x", "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64", "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386", "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64", "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc", "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390", "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x", "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64", "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.i386", "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.ia64", "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.ppc", "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.s390", "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.s390x", "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64", "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386", "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64", "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc", "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390", "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x", "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64", "4ES:openssh-server-0:3.9p1-8.RHEL4.9.i386", "4ES:openssh-server-0:3.9p1-8.RHEL4.9.ia64", "4ES:openssh-server-0:3.9p1-8.RHEL4.9.ppc", "4ES:openssh-server-0:3.9p1-8.RHEL4.9.s390", "4ES:openssh-server-0:3.9p1-8.RHEL4.9.s390x", "4ES:openssh-server-0:3.9p1-8.RHEL4.9.x86_64", "4WS:openssh-0:3.9p1-8.RHEL4.9.i386", "4WS:openssh-0:3.9p1-8.RHEL4.9.ia64", "4WS:openssh-0:3.9p1-8.RHEL4.9.ppc", "4WS:openssh-0:3.9p1-8.RHEL4.9.s390", "4WS:openssh-0:3.9p1-8.RHEL4.9.s390x", "4WS:openssh-0:3.9p1-8.RHEL4.9.src", "4WS:openssh-0:3.9p1-8.RHEL4.9.x86_64", "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.i386", "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64", "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc", "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390", "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x", "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64", "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386", "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64", "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc", "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390", "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x", "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64", "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.i386", "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.ia64", "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.ppc", "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.s390", "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.s390x", "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64", "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386", "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64", "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc", "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390", "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x", "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64", "4WS:openssh-server-0:3.9p1-8.RHEL4.9.i386", "4WS:openssh-server-0:3.9p1-8.RHEL4.9.ia64", "4WS:openssh-server-0:3.9p1-8.RHEL4.9.ppc", "4WS:openssh-server-0:3.9p1-8.RHEL4.9.s390", "4WS:openssh-server-0:3.9p1-8.RHEL4.9.s390x", "4WS:openssh-server-0:3.9p1-8.RHEL4.9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2008-1483", }, { category: "external", summary: "RHBZ#439079", url: "https://bugzilla.redhat.com/show_bug.cgi?id=439079", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2008-1483", url: "https://www.cve.org/CVERecord?id=CVE-2008-1483", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2008-1483", url: "https://nvd.nist.gov/vuln/detail/CVE-2008-1483", }, ], release_date: "2008-01-08T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2005-10-05T11:54:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied. Use Red Hat\nNetwork to download and update your packages. To launch the Red Hat\nUpdate Agent, use the following command:\n\n up2date\n\nFor information on how to install packages manually, refer to the\nfollowing Web page for the System Administration or Customization\nguide specific to your system:\n\n http://www.redhat.com/docs/manuals/enterprise/", product_ids: [ "4AS:openssh-0:3.9p1-8.RHEL4.9.i386", "4AS:openssh-0:3.9p1-8.RHEL4.9.ia64", "4AS:openssh-0:3.9p1-8.RHEL4.9.ppc", "4AS:openssh-0:3.9p1-8.RHEL4.9.s390", "4AS:openssh-0:3.9p1-8.RHEL4.9.s390x", "4AS:openssh-0:3.9p1-8.RHEL4.9.src", "4AS:openssh-0:3.9p1-8.RHEL4.9.x86_64", "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.i386", "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64", "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc", "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390", "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x", "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64", "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386", "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64", "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc", "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390", "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x", "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64", "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.i386", "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.ia64", "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.ppc", "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.s390", "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.s390x", "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64", "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386", "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64", "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc", "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390", "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x", "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64", "4AS:openssh-server-0:3.9p1-8.RHEL4.9.i386", "4AS:openssh-server-0:3.9p1-8.RHEL4.9.ia64", "4AS:openssh-server-0:3.9p1-8.RHEL4.9.ppc", "4AS:openssh-server-0:3.9p1-8.RHEL4.9.s390", "4AS:openssh-server-0:3.9p1-8.RHEL4.9.s390x", "4AS:openssh-server-0:3.9p1-8.RHEL4.9.x86_64", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.i386", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.ia64", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.ppc", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.s390", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.s390x", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.src", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.x86_64", "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.i386", "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64", "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc", "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.s390", "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x", "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64", "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386", "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64", "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc", "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390", "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x", "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64", "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.i386", "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.ia64", "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.ppc", "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.s390", "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.s390x", "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64", "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386", "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64", "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc", "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390", "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x", "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64", "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.i386", "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.ia64", "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.ppc", "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.s390", "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.s390x", "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.x86_64", "4ES:openssh-0:3.9p1-8.RHEL4.9.i386", "4ES:openssh-0:3.9p1-8.RHEL4.9.ia64", "4ES:openssh-0:3.9p1-8.RHEL4.9.ppc", "4ES:openssh-0:3.9p1-8.RHEL4.9.s390", "4ES:openssh-0:3.9p1-8.RHEL4.9.s390x", "4ES:openssh-0:3.9p1-8.RHEL4.9.src", "4ES:openssh-0:3.9p1-8.RHEL4.9.x86_64", "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.i386", "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64", "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc", "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.s390", "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x", "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64", "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386", "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64", "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc", "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390", "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x", "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64", "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.i386", "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.ia64", "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.ppc", "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.s390", "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.s390x", "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64", "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386", "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64", "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc", "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390", "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x", "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64", "4ES:openssh-server-0:3.9p1-8.RHEL4.9.i386", "4ES:openssh-server-0:3.9p1-8.RHEL4.9.ia64", "4ES:openssh-server-0:3.9p1-8.RHEL4.9.ppc", "4ES:openssh-server-0:3.9p1-8.RHEL4.9.s390", "4ES:openssh-server-0:3.9p1-8.RHEL4.9.s390x", "4ES:openssh-server-0:3.9p1-8.RHEL4.9.x86_64", "4WS:openssh-0:3.9p1-8.RHEL4.9.i386", "4WS:openssh-0:3.9p1-8.RHEL4.9.ia64", "4WS:openssh-0:3.9p1-8.RHEL4.9.ppc", "4WS:openssh-0:3.9p1-8.RHEL4.9.s390", "4WS:openssh-0:3.9p1-8.RHEL4.9.s390x", "4WS:openssh-0:3.9p1-8.RHEL4.9.src", "4WS:openssh-0:3.9p1-8.RHEL4.9.x86_64", "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.i386", "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64", "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc", "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390", "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x", "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64", "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386", "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64", "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc", "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390", "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x", "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64", "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.i386", "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.ia64", "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.ppc", "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.s390", "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.s390x", "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64", "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386", "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64", "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc", "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390", "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x", "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64", "4WS:openssh-server-0:3.9p1-8.RHEL4.9.i386", "4WS:openssh-server-0:3.9p1-8.RHEL4.9.ia64", "4WS:openssh-server-0:3.9p1-8.RHEL4.9.ppc", "4WS:openssh-server-0:3.9p1-8.RHEL4.9.s390", "4WS:openssh-server-0:3.9p1-8.RHEL4.9.s390x", "4WS:openssh-server-0:3.9p1-8.RHEL4.9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2005:527", }, ], threats: [ { category: "impact", details: "Low", }, ], title: "openssh may set DISPLAY even if it's unable to listen on respective port", }, ], }
RHSA-2005:527
Vulnerability from csaf_redhat
Published
2005-10-05 11:54
Modified
2024-11-21 23:51
Summary
Red Hat Security Advisory: openssh security update
Notes
Topic
Updated openssh packages that fix a security issue, bugs, and add support
for recording login user IDs for audit are now available for Red Hat
Enterprise Linux 4.
This update has been rated as having moderate security impact by the Red
Hat Security Response Team.
Details
OpenSSH is OpenBSD's SSH (Secure SHell) protocol implementation.
An error in the way OpenSSH handled GSSAPI credential delegation was
discovered. OpenSSH as distributed with Red Hat Enterprise Linux 4 contains
support for GSSAPI user authentication, typically used for supporting
Kerberos. On OpenSSH installations which have GSSAPI enabled, this flaw
could allow a user who sucessfully authenticates using a method other than
GSSAPI to be delegated with GSSAPI credentials. The Common Vulnerabilities
and Exposures project (cve.mitre.org) has assigned the name CAN-2005-2798
to this issue.
Additionally, the following bugs have been addressed:
The ssh command incorrectly failed when it was issued by the root user with
a non-default group set.
The sshd daemon could fail to properly close the client connection if
multiple X clients were forwarded over the connection and the client
session exited.
The sshd daemon could bind only on the IPv6 address family for X forwarding
if the port on IPv4 address family was already bound. The X forwarding did
not work in such cases.
This update also adds support for recording login user IDs for the auditing
service. The user ID is attached to the audit records generated from the
user's session.
All users of openssh should upgrade to these updated packages, which
contain backported patches to resolve these issues.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated openssh packages that fix a security issue, bugs, and add support\nfor recording login user IDs for audit are now available for Red Hat\nEnterprise Linux 4.\n\nThis update has been rated as having moderate security impact by the Red\nHat Security Response Team.", title: "Topic", }, { category: "general", text: "OpenSSH is OpenBSD's SSH (Secure SHell) protocol implementation. \n\nAn error in the way OpenSSH handled GSSAPI credential delegation was\ndiscovered. OpenSSH as distributed with Red Hat Enterprise Linux 4 contains\nsupport for GSSAPI user authentication, typically used for supporting\nKerberos. On OpenSSH installations which have GSSAPI enabled, this flaw\ncould allow a user who sucessfully authenticates using a method other than\nGSSAPI to be delegated with GSSAPI credentials. The Common Vulnerabilities\nand Exposures project (cve.mitre.org) has assigned the name CAN-2005-2798\nto this issue.\n\nAdditionally, the following bugs have been addressed:\n\nThe ssh command incorrectly failed when it was issued by the root user with\na non-default group set.\n\nThe sshd daemon could fail to properly close the client connection if\nmultiple X clients were forwarded over the connection and the client\nsession exited.\n\nThe sshd daemon could bind only on the IPv6 address family for X forwarding\nif the port on IPv4 address family was already bound. The X forwarding did\nnot work in such cases.\n\nThis update also adds support for recording login user IDs for the auditing\nservice. The user ID is attached to the audit records generated from the\nuser's session.\n\nAll users of openssh should upgrade to these updated packages, which\ncontain backported patches to resolve these issues.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2005:527", url: "https://access.redhat.com/errata/RHSA-2005:527", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "159331", url: "https://bugzilla.redhat.com/show_bug.cgi?id=159331", }, { category: "external", summary: "167444", url: "https://bugzilla.redhat.com/show_bug.cgi?id=167444", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2005/rhsa-2005_527.json", }, ], title: "Red Hat Security Advisory: openssh security update", tracking: { current_release_date: "2024-11-21T23:51:40+00:00", generator: { date: "2024-11-21T23:51:40+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2005:527", initial_release_date: "2005-10-05T11:54:00+00:00", revision_history: [ { date: "2005-10-05T11:54:00+00:00", number: "1", summary: "Initial version", }, { date: "2005-10-05T00:00:00+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-21T23:51:40+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux AS version 4", product: { name: "Red Hat Enterprise Linux AS version 4", product_id: "4AS", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:4::as", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Desktop version 4", product: { name: "Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:4::desktop", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux ES version 4", product: { name: "Red Hat Enterprise Linux ES version 4", product_id: "4ES", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:4::es", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux WS version 4", product: { name: "Red Hat Enterprise Linux WS version 4", product_id: "4WS", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:4::ws", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "openssh-askpass-0:3.9p1-8.RHEL4.9.ia64", product: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.ia64", product_id: "openssh-askpass-0:3.9p1-8.RHEL4.9.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-askpass@3.9p1-8.RHEL4.9?arch=ia64", }, }, }, { category: "product_version", name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64", product: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64", product_id: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-askpass-gnome@3.9p1-8.RHEL4.9?arch=ia64", }, }, }, { category: "product_version", name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64", product: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64", product_id: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-debuginfo@3.9p1-8.RHEL4.9?arch=ia64", }, }, }, { category: "product_version", name: "openssh-server-0:3.9p1-8.RHEL4.9.ia64", product: { name: "openssh-server-0:3.9p1-8.RHEL4.9.ia64", product_id: "openssh-server-0:3.9p1-8.RHEL4.9.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-server@3.9p1-8.RHEL4.9?arch=ia64", }, }, }, { category: "product_version", name: "openssh-0:3.9p1-8.RHEL4.9.ia64", product: { name: "openssh-0:3.9p1-8.RHEL4.9.ia64", product_id: "openssh-0:3.9p1-8.RHEL4.9.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/openssh@3.9p1-8.RHEL4.9?arch=ia64", }, }, }, { category: "product_version", name: "openssh-clients-0:3.9p1-8.RHEL4.9.ia64", product: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.ia64", product_id: "openssh-clients-0:3.9p1-8.RHEL4.9.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-clients@3.9p1-8.RHEL4.9?arch=ia64", }, }, }, ], category: "architecture", name: "ia64", }, { branches: [ { category: "product_version", name: "openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64", product: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64", product_id: "openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-askpass@3.9p1-8.RHEL4.9?arch=x86_64", }, }, }, { category: "product_version", name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64", product: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64", product_id: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-askpass-gnome@3.9p1-8.RHEL4.9?arch=x86_64", }, }, }, { category: "product_version", name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64", product: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64", product_id: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-debuginfo@3.9p1-8.RHEL4.9?arch=x86_64", }, }, }, { category: "product_version", name: "openssh-server-0:3.9p1-8.RHEL4.9.x86_64", product: { name: "openssh-server-0:3.9p1-8.RHEL4.9.x86_64", product_id: "openssh-server-0:3.9p1-8.RHEL4.9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-server@3.9p1-8.RHEL4.9?arch=x86_64", }, }, }, { category: "product_version", name: "openssh-0:3.9p1-8.RHEL4.9.x86_64", product: { name: "openssh-0:3.9p1-8.RHEL4.9.x86_64", product_id: "openssh-0:3.9p1-8.RHEL4.9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openssh@3.9p1-8.RHEL4.9?arch=x86_64", }, }, }, { category: "product_version", name: "openssh-clients-0:3.9p1-8.RHEL4.9.x86_64", product: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.x86_64", product_id: "openssh-clients-0:3.9p1-8.RHEL4.9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-clients@3.9p1-8.RHEL4.9?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "openssh-askpass-0:3.9p1-8.RHEL4.9.i386", product: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.i386", product_id: "openssh-askpass-0:3.9p1-8.RHEL4.9.i386", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-askpass@3.9p1-8.RHEL4.9?arch=i386", }, }, }, { category: "product_version", name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386", product: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386", product_id: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-askpass-gnome@3.9p1-8.RHEL4.9?arch=i386", }, }, }, { category: "product_version", name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386", product: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386", product_id: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-debuginfo@3.9p1-8.RHEL4.9?arch=i386", }, }, }, { category: "product_version", name: "openssh-server-0:3.9p1-8.RHEL4.9.i386", product: { name: "openssh-server-0:3.9p1-8.RHEL4.9.i386", product_id: "openssh-server-0:3.9p1-8.RHEL4.9.i386", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-server@3.9p1-8.RHEL4.9?arch=i386", }, }, }, { category: "product_version", name: "openssh-0:3.9p1-8.RHEL4.9.i386", product: { name: "openssh-0:3.9p1-8.RHEL4.9.i386", product_id: "openssh-0:3.9p1-8.RHEL4.9.i386", product_identification_helper: { purl: "pkg:rpm/redhat/openssh@3.9p1-8.RHEL4.9?arch=i386", }, }, }, { category: "product_version", name: "openssh-clients-0:3.9p1-8.RHEL4.9.i386", product: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.i386", product_id: "openssh-clients-0:3.9p1-8.RHEL4.9.i386", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-clients@3.9p1-8.RHEL4.9?arch=i386", }, }, }, ], category: "architecture", name: "i386", }, { branches: [ { category: "product_version", name: "openssh-0:3.9p1-8.RHEL4.9.src", product: { name: "openssh-0:3.9p1-8.RHEL4.9.src", product_id: "openssh-0:3.9p1-8.RHEL4.9.src", product_identification_helper: { purl: "pkg:rpm/redhat/openssh@3.9p1-8.RHEL4.9?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "openssh-askpass-0:3.9p1-8.RHEL4.9.ppc", product: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.ppc", product_id: "openssh-askpass-0:3.9p1-8.RHEL4.9.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-askpass@3.9p1-8.RHEL4.9?arch=ppc", }, }, }, { category: "product_version", name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc", product: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc", product_id: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-askpass-gnome@3.9p1-8.RHEL4.9?arch=ppc", }, }, }, { category: "product_version", name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc", product: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc", product_id: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-debuginfo@3.9p1-8.RHEL4.9?arch=ppc", }, }, }, { category: "product_version", name: "openssh-server-0:3.9p1-8.RHEL4.9.ppc", product: { name: "openssh-server-0:3.9p1-8.RHEL4.9.ppc", product_id: "openssh-server-0:3.9p1-8.RHEL4.9.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-server@3.9p1-8.RHEL4.9?arch=ppc", }, }, }, { category: "product_version", name: "openssh-0:3.9p1-8.RHEL4.9.ppc", product: { name: "openssh-0:3.9p1-8.RHEL4.9.ppc", product_id: "openssh-0:3.9p1-8.RHEL4.9.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/openssh@3.9p1-8.RHEL4.9?arch=ppc", }, }, }, { category: "product_version", name: "openssh-clients-0:3.9p1-8.RHEL4.9.ppc", product: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.ppc", product_id: "openssh-clients-0:3.9p1-8.RHEL4.9.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-clients@3.9p1-8.RHEL4.9?arch=ppc", }, }, }, ], category: "architecture", name: "ppc", }, { branches: [ { category: "product_version", name: "openssh-askpass-0:3.9p1-8.RHEL4.9.s390x", product: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.s390x", product_id: "openssh-askpass-0:3.9p1-8.RHEL4.9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-askpass@3.9p1-8.RHEL4.9?arch=s390x", }, }, }, { category: "product_version", name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x", product: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x", product_id: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-askpass-gnome@3.9p1-8.RHEL4.9?arch=s390x", }, }, }, { category: "product_version", name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x", product: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x", product_id: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-debuginfo@3.9p1-8.RHEL4.9?arch=s390x", }, }, }, { category: "product_version", name: "openssh-server-0:3.9p1-8.RHEL4.9.s390x", product: { name: "openssh-server-0:3.9p1-8.RHEL4.9.s390x", product_id: "openssh-server-0:3.9p1-8.RHEL4.9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-server@3.9p1-8.RHEL4.9?arch=s390x", }, }, }, { category: "product_version", name: "openssh-0:3.9p1-8.RHEL4.9.s390x", product: { name: "openssh-0:3.9p1-8.RHEL4.9.s390x", product_id: "openssh-0:3.9p1-8.RHEL4.9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/openssh@3.9p1-8.RHEL4.9?arch=s390x", }, }, }, { category: "product_version", name: "openssh-clients-0:3.9p1-8.RHEL4.9.s390x", product: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.s390x", product_id: "openssh-clients-0:3.9p1-8.RHEL4.9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-clients@3.9p1-8.RHEL4.9?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "openssh-askpass-0:3.9p1-8.RHEL4.9.s390", product: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.s390", product_id: "openssh-askpass-0:3.9p1-8.RHEL4.9.s390", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-askpass@3.9p1-8.RHEL4.9?arch=s390", }, }, }, { category: "product_version", name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390", product: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390", product_id: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-askpass-gnome@3.9p1-8.RHEL4.9?arch=s390", }, }, }, { category: "product_version", name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390", product: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390", product_id: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-debuginfo@3.9p1-8.RHEL4.9?arch=s390", }, }, }, { category: "product_version", name: "openssh-server-0:3.9p1-8.RHEL4.9.s390", product: { name: "openssh-server-0:3.9p1-8.RHEL4.9.s390", product_id: "openssh-server-0:3.9p1-8.RHEL4.9.s390", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-server@3.9p1-8.RHEL4.9?arch=s390", }, }, }, { category: "product_version", name: "openssh-0:3.9p1-8.RHEL4.9.s390", product: { name: "openssh-0:3.9p1-8.RHEL4.9.s390", product_id: "openssh-0:3.9p1-8.RHEL4.9.s390", product_identification_helper: { purl: "pkg:rpm/redhat/openssh@3.9p1-8.RHEL4.9?arch=s390", }, }, }, { category: "product_version", name: "openssh-clients-0:3.9p1-8.RHEL4.9.s390", product: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.s390", product_id: "openssh-clients-0:3.9p1-8.RHEL4.9.s390", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-clients@3.9p1-8.RHEL4.9?arch=s390", }, }, }, ], category: "architecture", name: "s390", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-0:3.9p1-8.RHEL4.9.i386", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.i386", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-0:3.9p1-8.RHEL4.9.ia64", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.ia64", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-0:3.9p1-8.RHEL4.9.ppc", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.ppc", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-0:3.9p1-8.RHEL4.9.s390", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.s390", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-0:3.9p1-8.RHEL4.9.s390x", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.s390x", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.src as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-0:3.9p1-8.RHEL4.9.src", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.src", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-0:3.9p1-8.RHEL4.9.x86_64", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.x86_64", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.i386", }, product_reference: "openssh-askpass-0:3.9p1-8.RHEL4.9.i386", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64", }, product_reference: "openssh-askpass-0:3.9p1-8.RHEL4.9.ia64", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc", }, product_reference: "openssh-askpass-0:3.9p1-8.RHEL4.9.ppc", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390", }, product_reference: "openssh-askpass-0:3.9p1-8.RHEL4.9.s390", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x", }, product_reference: "openssh-askpass-0:3.9p1-8.RHEL4.9.s390x", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64", }, product_reference: "openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386", }, product_reference: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64", }, product_reference: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc", }, product_reference: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390", }, product_reference: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x", }, product_reference: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64", }, product_reference: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.i386", }, product_reference: "openssh-clients-0:3.9p1-8.RHEL4.9.i386", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.ia64", }, product_reference: "openssh-clients-0:3.9p1-8.RHEL4.9.ia64", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.ppc", }, product_reference: "openssh-clients-0:3.9p1-8.RHEL4.9.ppc", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.s390", }, product_reference: "openssh-clients-0:3.9p1-8.RHEL4.9.s390", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.s390x", }, product_reference: "openssh-clients-0:3.9p1-8.RHEL4.9.s390x", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64", }, product_reference: "openssh-clients-0:3.9p1-8.RHEL4.9.x86_64", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386", }, product_reference: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64", }, product_reference: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc", }, product_reference: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390", }, product_reference: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x", }, product_reference: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64", }, product_reference: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-server-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-server-0:3.9p1-8.RHEL4.9.i386", }, product_reference: "openssh-server-0:3.9p1-8.RHEL4.9.i386", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-server-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-server-0:3.9p1-8.RHEL4.9.ia64", }, product_reference: "openssh-server-0:3.9p1-8.RHEL4.9.ia64", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-server-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-server-0:3.9p1-8.RHEL4.9.ppc", }, product_reference: "openssh-server-0:3.9p1-8.RHEL4.9.ppc", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-server-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-server-0:3.9p1-8.RHEL4.9.s390", }, product_reference: "openssh-server-0:3.9p1-8.RHEL4.9.s390", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-server-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-server-0:3.9p1-8.RHEL4.9.s390x", }, product_reference: "openssh-server-0:3.9p1-8.RHEL4.9.s390x", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-server-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-server-0:3.9p1-8.RHEL4.9.x86_64", }, product_reference: "openssh-server-0:3.9p1-8.RHEL4.9.x86_64", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-0:3.9p1-8.RHEL4.9.i386", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.i386", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-0:3.9p1-8.RHEL4.9.ia64", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.ia64", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-0:3.9p1-8.RHEL4.9.ppc", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.ppc", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-0:3.9p1-8.RHEL4.9.s390", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.s390", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-0:3.9p1-8.RHEL4.9.s390x", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.s390x", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.src as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-0:3.9p1-8.RHEL4.9.src", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.src", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-0:3.9p1-8.RHEL4.9.x86_64", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.x86_64", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.i386", }, product_reference: "openssh-askpass-0:3.9p1-8.RHEL4.9.i386", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64", }, product_reference: "openssh-askpass-0:3.9p1-8.RHEL4.9.ia64", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc", }, product_reference: "openssh-askpass-0:3.9p1-8.RHEL4.9.ppc", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.s390", }, product_reference: "openssh-askpass-0:3.9p1-8.RHEL4.9.s390", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x", }, product_reference: "openssh-askpass-0:3.9p1-8.RHEL4.9.s390x", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64", }, product_reference: "openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386", }, product_reference: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64", }, product_reference: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc", }, product_reference: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390", }, product_reference: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x", }, product_reference: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64", }, product_reference: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.i386", }, product_reference: "openssh-clients-0:3.9p1-8.RHEL4.9.i386", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.ia64", }, product_reference: "openssh-clients-0:3.9p1-8.RHEL4.9.ia64", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.ppc", }, product_reference: "openssh-clients-0:3.9p1-8.RHEL4.9.ppc", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.s390", }, product_reference: "openssh-clients-0:3.9p1-8.RHEL4.9.s390", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.s390x", }, product_reference: "openssh-clients-0:3.9p1-8.RHEL4.9.s390x", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64", }, product_reference: "openssh-clients-0:3.9p1-8.RHEL4.9.x86_64", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386", }, product_reference: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64", }, product_reference: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc", }, product_reference: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390", }, product_reference: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x", }, product_reference: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64", }, product_reference: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-server-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.i386", }, product_reference: "openssh-server-0:3.9p1-8.RHEL4.9.i386", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-server-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.ia64", }, product_reference: "openssh-server-0:3.9p1-8.RHEL4.9.ia64", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-server-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.ppc", }, product_reference: "openssh-server-0:3.9p1-8.RHEL4.9.ppc", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-server-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.s390", }, product_reference: "openssh-server-0:3.9p1-8.RHEL4.9.s390", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-server-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.s390x", }, product_reference: "openssh-server-0:3.9p1-8.RHEL4.9.s390x", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-server-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.x86_64", }, product_reference: "openssh-server-0:3.9p1-8.RHEL4.9.x86_64", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-0:3.9p1-8.RHEL4.9.i386", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.i386", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-0:3.9p1-8.RHEL4.9.ia64", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.ia64", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-0:3.9p1-8.RHEL4.9.ppc", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.ppc", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-0:3.9p1-8.RHEL4.9.s390", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.s390", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-0:3.9p1-8.RHEL4.9.s390x", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.s390x", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.src as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-0:3.9p1-8.RHEL4.9.src", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.src", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-0:3.9p1-8.RHEL4.9.x86_64", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.x86_64", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.i386", }, product_reference: "openssh-askpass-0:3.9p1-8.RHEL4.9.i386", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64", }, product_reference: "openssh-askpass-0:3.9p1-8.RHEL4.9.ia64", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc", }, product_reference: "openssh-askpass-0:3.9p1-8.RHEL4.9.ppc", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.s390", }, product_reference: "openssh-askpass-0:3.9p1-8.RHEL4.9.s390", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x", }, product_reference: "openssh-askpass-0:3.9p1-8.RHEL4.9.s390x", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64", }, product_reference: "openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386", }, product_reference: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64", }, product_reference: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc", }, product_reference: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390", }, product_reference: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x", }, product_reference: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64", }, product_reference: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.i386", }, product_reference: "openssh-clients-0:3.9p1-8.RHEL4.9.i386", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.ia64", }, product_reference: "openssh-clients-0:3.9p1-8.RHEL4.9.ia64", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.ppc", }, product_reference: "openssh-clients-0:3.9p1-8.RHEL4.9.ppc", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.s390", }, product_reference: "openssh-clients-0:3.9p1-8.RHEL4.9.s390", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.s390x", }, product_reference: "openssh-clients-0:3.9p1-8.RHEL4.9.s390x", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64", }, product_reference: "openssh-clients-0:3.9p1-8.RHEL4.9.x86_64", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386", }, product_reference: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64", }, product_reference: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc", }, product_reference: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390", }, product_reference: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x", }, product_reference: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64", }, product_reference: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-server-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-server-0:3.9p1-8.RHEL4.9.i386", }, product_reference: "openssh-server-0:3.9p1-8.RHEL4.9.i386", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-server-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-server-0:3.9p1-8.RHEL4.9.ia64", }, product_reference: "openssh-server-0:3.9p1-8.RHEL4.9.ia64", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-server-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-server-0:3.9p1-8.RHEL4.9.ppc", }, product_reference: "openssh-server-0:3.9p1-8.RHEL4.9.ppc", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-server-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-server-0:3.9p1-8.RHEL4.9.s390", }, product_reference: "openssh-server-0:3.9p1-8.RHEL4.9.s390", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-server-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-server-0:3.9p1-8.RHEL4.9.s390x", }, product_reference: "openssh-server-0:3.9p1-8.RHEL4.9.s390x", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-server-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-server-0:3.9p1-8.RHEL4.9.x86_64", }, product_reference: "openssh-server-0:3.9p1-8.RHEL4.9.x86_64", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-0:3.9p1-8.RHEL4.9.i386", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.i386", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-0:3.9p1-8.RHEL4.9.ia64", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.ia64", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-0:3.9p1-8.RHEL4.9.ppc", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.ppc", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-0:3.9p1-8.RHEL4.9.s390", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.s390", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-0:3.9p1-8.RHEL4.9.s390x", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.s390x", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.src as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-0:3.9p1-8.RHEL4.9.src", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.src", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-0:3.9p1-8.RHEL4.9.x86_64", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.x86_64", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.i386", }, product_reference: "openssh-askpass-0:3.9p1-8.RHEL4.9.i386", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64", }, product_reference: "openssh-askpass-0:3.9p1-8.RHEL4.9.ia64", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc", }, product_reference: "openssh-askpass-0:3.9p1-8.RHEL4.9.ppc", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390", }, product_reference: "openssh-askpass-0:3.9p1-8.RHEL4.9.s390", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x", }, product_reference: "openssh-askpass-0:3.9p1-8.RHEL4.9.s390x", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64", }, product_reference: "openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386", }, product_reference: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64", }, product_reference: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc", }, product_reference: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390", }, product_reference: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x", }, product_reference: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64", }, product_reference: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.i386", }, product_reference: "openssh-clients-0:3.9p1-8.RHEL4.9.i386", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.ia64", }, product_reference: "openssh-clients-0:3.9p1-8.RHEL4.9.ia64", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.ppc", }, product_reference: "openssh-clients-0:3.9p1-8.RHEL4.9.ppc", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.s390", }, product_reference: "openssh-clients-0:3.9p1-8.RHEL4.9.s390", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.s390x", }, product_reference: "openssh-clients-0:3.9p1-8.RHEL4.9.s390x", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64", }, product_reference: "openssh-clients-0:3.9p1-8.RHEL4.9.x86_64", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386", }, product_reference: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64", }, product_reference: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc", }, product_reference: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390", }, product_reference: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x", }, product_reference: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64", }, product_reference: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-server-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-server-0:3.9p1-8.RHEL4.9.i386", }, product_reference: "openssh-server-0:3.9p1-8.RHEL4.9.i386", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-server-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-server-0:3.9p1-8.RHEL4.9.ia64", }, product_reference: "openssh-server-0:3.9p1-8.RHEL4.9.ia64", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-server-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-server-0:3.9p1-8.RHEL4.9.ppc", }, product_reference: "openssh-server-0:3.9p1-8.RHEL4.9.ppc", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-server-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-server-0:3.9p1-8.RHEL4.9.s390", }, product_reference: "openssh-server-0:3.9p1-8.RHEL4.9.s390", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-server-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-server-0:3.9p1-8.RHEL4.9.s390x", }, product_reference: "openssh-server-0:3.9p1-8.RHEL4.9.s390x", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-server-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-server-0:3.9p1-8.RHEL4.9.x86_64", }, product_reference: "openssh-server-0:3.9p1-8.RHEL4.9.x86_64", relates_to_product_reference: "4WS", }, ], }, vulnerabilities: [ { cve: "CVE-2005-2798", discovery_date: "2005-09-01T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1617757", }, ], notes: [ { category: "description", text: "sshd in OpenSSH before 4.2, when GSSAPIDelegateCredentials is enabled, allows GSSAPI credentials to be delegated to clients who log in using non-GSSAPI methods, which could cause those credentials to be exposed to untrusted users or hosts.", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, { category: "other", text: "This issue does not affect Red Hat Enterprise Linux 2.1 and 3.\n\nThis flaw was fixed in Red Hat Enterprise Linux 4 via errata RHSA-2005:527:\nhttp://rhn.redhat.com/errata/RHSA-2005-527.html", title: "Statement", }, ], product_status: { fixed: [ "4AS:openssh-0:3.9p1-8.RHEL4.9.i386", "4AS:openssh-0:3.9p1-8.RHEL4.9.ia64", "4AS:openssh-0:3.9p1-8.RHEL4.9.ppc", "4AS:openssh-0:3.9p1-8.RHEL4.9.s390", "4AS:openssh-0:3.9p1-8.RHEL4.9.s390x", "4AS:openssh-0:3.9p1-8.RHEL4.9.src", "4AS:openssh-0:3.9p1-8.RHEL4.9.x86_64", "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.i386", "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64", "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc", "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390", "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x", "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64", "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386", "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64", "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc", "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390", "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x", "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64", "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.i386", "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.ia64", "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.ppc", "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.s390", "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.s390x", "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64", "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386", "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64", "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc", "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390", "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x", "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64", "4AS:openssh-server-0:3.9p1-8.RHEL4.9.i386", "4AS:openssh-server-0:3.9p1-8.RHEL4.9.ia64", "4AS:openssh-server-0:3.9p1-8.RHEL4.9.ppc", "4AS:openssh-server-0:3.9p1-8.RHEL4.9.s390", "4AS:openssh-server-0:3.9p1-8.RHEL4.9.s390x", "4AS:openssh-server-0:3.9p1-8.RHEL4.9.x86_64", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.i386", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.ia64", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.ppc", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.s390", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.s390x", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.src", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.x86_64", "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.i386", "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64", "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc", "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.s390", "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x", "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64", "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386", "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64", "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc", "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390", "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x", "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64", "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.i386", "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.ia64", "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.ppc", "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.s390", "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.s390x", "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64", "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386", "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64", "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc", "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390", "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x", "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64", "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.i386", "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.ia64", "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.ppc", "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.s390", "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.s390x", "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.x86_64", "4ES:openssh-0:3.9p1-8.RHEL4.9.i386", "4ES:openssh-0:3.9p1-8.RHEL4.9.ia64", "4ES:openssh-0:3.9p1-8.RHEL4.9.ppc", "4ES:openssh-0:3.9p1-8.RHEL4.9.s390", "4ES:openssh-0:3.9p1-8.RHEL4.9.s390x", "4ES:openssh-0:3.9p1-8.RHEL4.9.src", "4ES:openssh-0:3.9p1-8.RHEL4.9.x86_64", "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.i386", "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64", "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc", "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.s390", "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x", "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64", "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386", "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64", "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc", "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390", "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x", "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64", "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.i386", "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.ia64", "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.ppc", "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.s390", "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.s390x", "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64", "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386", "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64", "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc", "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390", "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x", "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64", "4ES:openssh-server-0:3.9p1-8.RHEL4.9.i386", "4ES:openssh-server-0:3.9p1-8.RHEL4.9.ia64", "4ES:openssh-server-0:3.9p1-8.RHEL4.9.ppc", "4ES:openssh-server-0:3.9p1-8.RHEL4.9.s390", "4ES:openssh-server-0:3.9p1-8.RHEL4.9.s390x", "4ES:openssh-server-0:3.9p1-8.RHEL4.9.x86_64", "4WS:openssh-0:3.9p1-8.RHEL4.9.i386", "4WS:openssh-0:3.9p1-8.RHEL4.9.ia64", "4WS:openssh-0:3.9p1-8.RHEL4.9.ppc", "4WS:openssh-0:3.9p1-8.RHEL4.9.s390", "4WS:openssh-0:3.9p1-8.RHEL4.9.s390x", "4WS:openssh-0:3.9p1-8.RHEL4.9.src", "4WS:openssh-0:3.9p1-8.RHEL4.9.x86_64", "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.i386", "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64", "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc", "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390", "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x", "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64", "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386", "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64", "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc", "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390", "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x", "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64", "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.i386", "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.ia64", "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.ppc", "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.s390", "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.s390x", "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64", "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386", "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64", "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc", "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390", "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x", "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64", "4WS:openssh-server-0:3.9p1-8.RHEL4.9.i386", "4WS:openssh-server-0:3.9p1-8.RHEL4.9.ia64", "4WS:openssh-server-0:3.9p1-8.RHEL4.9.ppc", "4WS:openssh-server-0:3.9p1-8.RHEL4.9.s390", "4WS:openssh-server-0:3.9p1-8.RHEL4.9.s390x", "4WS:openssh-server-0:3.9p1-8.RHEL4.9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2005-2798", }, { category: "external", summary: "RHBZ#1617757", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1617757", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2005-2798", url: "https://www.cve.org/CVERecord?id=CVE-2005-2798", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2005-2798", url: "https://nvd.nist.gov/vuln/detail/CVE-2005-2798", }, ], release_date: "2005-09-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2005-10-05T11:54:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied. Use Red Hat\nNetwork to download and update your packages. To launch the Red Hat\nUpdate Agent, use the following command:\n\n up2date\n\nFor information on how to install packages manually, refer to the\nfollowing Web page for the System Administration or Customization\nguide specific to your system:\n\n http://www.redhat.com/docs/manuals/enterprise/", product_ids: [ "4AS:openssh-0:3.9p1-8.RHEL4.9.i386", "4AS:openssh-0:3.9p1-8.RHEL4.9.ia64", "4AS:openssh-0:3.9p1-8.RHEL4.9.ppc", "4AS:openssh-0:3.9p1-8.RHEL4.9.s390", "4AS:openssh-0:3.9p1-8.RHEL4.9.s390x", "4AS:openssh-0:3.9p1-8.RHEL4.9.src", "4AS:openssh-0:3.9p1-8.RHEL4.9.x86_64", "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.i386", "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64", "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc", "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390", "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x", "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64", "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386", "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64", "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc", "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390", "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x", "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64", "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.i386", "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.ia64", "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.ppc", "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.s390", "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.s390x", "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64", "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386", "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64", "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc", "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390", "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x", "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64", "4AS:openssh-server-0:3.9p1-8.RHEL4.9.i386", "4AS:openssh-server-0:3.9p1-8.RHEL4.9.ia64", "4AS:openssh-server-0:3.9p1-8.RHEL4.9.ppc", "4AS:openssh-server-0:3.9p1-8.RHEL4.9.s390", "4AS:openssh-server-0:3.9p1-8.RHEL4.9.s390x", "4AS:openssh-server-0:3.9p1-8.RHEL4.9.x86_64", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.i386", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.ia64", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.ppc", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.s390", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.s390x", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.src", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.x86_64", "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.i386", "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64", "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc", "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.s390", "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x", "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64", "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386", "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64", "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc", "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390", "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x", "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64", "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.i386", "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.ia64", "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.ppc", "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.s390", "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.s390x", "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64", "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386", "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64", "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc", "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390", "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x", "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64", "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.i386", "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.ia64", "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.ppc", "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.s390", "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.s390x", "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.x86_64", "4ES:openssh-0:3.9p1-8.RHEL4.9.i386", "4ES:openssh-0:3.9p1-8.RHEL4.9.ia64", "4ES:openssh-0:3.9p1-8.RHEL4.9.ppc", "4ES:openssh-0:3.9p1-8.RHEL4.9.s390", "4ES:openssh-0:3.9p1-8.RHEL4.9.s390x", "4ES:openssh-0:3.9p1-8.RHEL4.9.src", "4ES:openssh-0:3.9p1-8.RHEL4.9.x86_64", "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.i386", "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64", "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc", "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.s390", "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x", "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64", "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386", "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64", "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc", "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390", "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x", "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64", "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.i386", "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.ia64", "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.ppc", "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.s390", "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.s390x", "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64", "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386", "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64", "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc", "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390", "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x", "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64", "4ES:openssh-server-0:3.9p1-8.RHEL4.9.i386", "4ES:openssh-server-0:3.9p1-8.RHEL4.9.ia64", "4ES:openssh-server-0:3.9p1-8.RHEL4.9.ppc", "4ES:openssh-server-0:3.9p1-8.RHEL4.9.s390", "4ES:openssh-server-0:3.9p1-8.RHEL4.9.s390x", "4ES:openssh-server-0:3.9p1-8.RHEL4.9.x86_64", "4WS:openssh-0:3.9p1-8.RHEL4.9.i386", "4WS:openssh-0:3.9p1-8.RHEL4.9.ia64", "4WS:openssh-0:3.9p1-8.RHEL4.9.ppc", "4WS:openssh-0:3.9p1-8.RHEL4.9.s390", "4WS:openssh-0:3.9p1-8.RHEL4.9.s390x", "4WS:openssh-0:3.9p1-8.RHEL4.9.src", "4WS:openssh-0:3.9p1-8.RHEL4.9.x86_64", "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.i386", "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64", "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc", "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390", "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x", "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64", "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386", "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64", "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc", "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390", "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x", "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64", "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.i386", "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.ia64", "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.ppc", "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.s390", "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.s390x", "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64", "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386", "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64", "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc", "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390", "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x", "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64", "4WS:openssh-server-0:3.9p1-8.RHEL4.9.i386", "4WS:openssh-server-0:3.9p1-8.RHEL4.9.ia64", "4WS:openssh-server-0:3.9p1-8.RHEL4.9.ppc", "4WS:openssh-server-0:3.9p1-8.RHEL4.9.s390", "4WS:openssh-server-0:3.9p1-8.RHEL4.9.s390x", "4WS:openssh-server-0:3.9p1-8.RHEL4.9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2005:527", }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "security flaw", }, { cve: "CVE-2008-1483", discovery_date: "2008-01-08T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "439079", }, ], notes: [ { category: "description", text: "OpenSSH 4.3p2, and probably other versions, allows local users to hijack forwarded X connections by causing ssh to set DISPLAY to :10, even when another process is listening on the associated port, as demonstrated by opening TCP port 6010 (IPv4) and sniffing a cookie sent by Emacs.", title: "Vulnerability description", }, { category: "summary", text: "openssh may set DISPLAY even if it's unable to listen on respective port", title: "Vulnerability summary", }, { category: "other", text: "All openssh versions shipped in Red Hat Enterprise Linux 5 include the patch for this issue. Red Hat Enterprise Linux 3 is affected by this issue.", title: "Statement", }, ], product_status: { fixed: [ "4AS:openssh-0:3.9p1-8.RHEL4.9.i386", "4AS:openssh-0:3.9p1-8.RHEL4.9.ia64", "4AS:openssh-0:3.9p1-8.RHEL4.9.ppc", "4AS:openssh-0:3.9p1-8.RHEL4.9.s390", "4AS:openssh-0:3.9p1-8.RHEL4.9.s390x", "4AS:openssh-0:3.9p1-8.RHEL4.9.src", "4AS:openssh-0:3.9p1-8.RHEL4.9.x86_64", "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.i386", "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64", "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc", "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390", "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x", "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64", "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386", "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64", "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc", "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390", "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x", "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64", "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.i386", "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.ia64", "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.ppc", "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.s390", "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.s390x", "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64", "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386", "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64", "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc", "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390", "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x", "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64", "4AS:openssh-server-0:3.9p1-8.RHEL4.9.i386", "4AS:openssh-server-0:3.9p1-8.RHEL4.9.ia64", "4AS:openssh-server-0:3.9p1-8.RHEL4.9.ppc", "4AS:openssh-server-0:3.9p1-8.RHEL4.9.s390", "4AS:openssh-server-0:3.9p1-8.RHEL4.9.s390x", "4AS:openssh-server-0:3.9p1-8.RHEL4.9.x86_64", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.i386", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.ia64", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.ppc", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.s390", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.s390x", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.src", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.x86_64", "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.i386", "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64", "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc", "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.s390", "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x", "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64", "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386", "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64", "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc", "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390", "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x", "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64", "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.i386", "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.ia64", "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.ppc", "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.s390", "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.s390x", "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64", "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386", "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64", "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc", "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390", "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x", "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64", "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.i386", "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.ia64", "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.ppc", "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.s390", "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.s390x", "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.x86_64", "4ES:openssh-0:3.9p1-8.RHEL4.9.i386", "4ES:openssh-0:3.9p1-8.RHEL4.9.ia64", "4ES:openssh-0:3.9p1-8.RHEL4.9.ppc", "4ES:openssh-0:3.9p1-8.RHEL4.9.s390", "4ES:openssh-0:3.9p1-8.RHEL4.9.s390x", "4ES:openssh-0:3.9p1-8.RHEL4.9.src", "4ES:openssh-0:3.9p1-8.RHEL4.9.x86_64", "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.i386", "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64", "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc", "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.s390", "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x", "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64", "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386", "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64", "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc", "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390", "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x", "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64", "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.i386", "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.ia64", "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.ppc", "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.s390", "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.s390x", "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64", "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386", "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64", "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc", "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390", "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x", "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64", "4ES:openssh-server-0:3.9p1-8.RHEL4.9.i386", "4ES:openssh-server-0:3.9p1-8.RHEL4.9.ia64", "4ES:openssh-server-0:3.9p1-8.RHEL4.9.ppc", "4ES:openssh-server-0:3.9p1-8.RHEL4.9.s390", "4ES:openssh-server-0:3.9p1-8.RHEL4.9.s390x", "4ES:openssh-server-0:3.9p1-8.RHEL4.9.x86_64", "4WS:openssh-0:3.9p1-8.RHEL4.9.i386", "4WS:openssh-0:3.9p1-8.RHEL4.9.ia64", "4WS:openssh-0:3.9p1-8.RHEL4.9.ppc", "4WS:openssh-0:3.9p1-8.RHEL4.9.s390", "4WS:openssh-0:3.9p1-8.RHEL4.9.s390x", "4WS:openssh-0:3.9p1-8.RHEL4.9.src", "4WS:openssh-0:3.9p1-8.RHEL4.9.x86_64", "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.i386", "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64", "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc", "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390", "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x", "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64", "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386", "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64", "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc", "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390", "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x", "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64", "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.i386", "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.ia64", "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.ppc", "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.s390", "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.s390x", "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64", "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386", "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64", "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc", "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390", "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x", "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64", "4WS:openssh-server-0:3.9p1-8.RHEL4.9.i386", "4WS:openssh-server-0:3.9p1-8.RHEL4.9.ia64", "4WS:openssh-server-0:3.9p1-8.RHEL4.9.ppc", "4WS:openssh-server-0:3.9p1-8.RHEL4.9.s390", "4WS:openssh-server-0:3.9p1-8.RHEL4.9.s390x", "4WS:openssh-server-0:3.9p1-8.RHEL4.9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2008-1483", }, { category: "external", summary: "RHBZ#439079", url: "https://bugzilla.redhat.com/show_bug.cgi?id=439079", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2008-1483", url: "https://www.cve.org/CVERecord?id=CVE-2008-1483", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2008-1483", url: "https://nvd.nist.gov/vuln/detail/CVE-2008-1483", }, ], release_date: "2008-01-08T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2005-10-05T11:54:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied. Use Red Hat\nNetwork to download and update your packages. To launch the Red Hat\nUpdate Agent, use the following command:\n\n up2date\n\nFor information on how to install packages manually, refer to the\nfollowing Web page for the System Administration or Customization\nguide specific to your system:\n\n http://www.redhat.com/docs/manuals/enterprise/", product_ids: [ "4AS:openssh-0:3.9p1-8.RHEL4.9.i386", "4AS:openssh-0:3.9p1-8.RHEL4.9.ia64", "4AS:openssh-0:3.9p1-8.RHEL4.9.ppc", "4AS:openssh-0:3.9p1-8.RHEL4.9.s390", "4AS:openssh-0:3.9p1-8.RHEL4.9.s390x", "4AS:openssh-0:3.9p1-8.RHEL4.9.src", "4AS:openssh-0:3.9p1-8.RHEL4.9.x86_64", "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.i386", "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64", "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc", "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390", "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x", "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64", "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386", "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64", "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc", "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390", "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x", "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64", "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.i386", "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.ia64", "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.ppc", "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.s390", "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.s390x", "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64", "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386", "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64", "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc", "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390", "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x", "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64", "4AS:openssh-server-0:3.9p1-8.RHEL4.9.i386", "4AS:openssh-server-0:3.9p1-8.RHEL4.9.ia64", "4AS:openssh-server-0:3.9p1-8.RHEL4.9.ppc", "4AS:openssh-server-0:3.9p1-8.RHEL4.9.s390", "4AS:openssh-server-0:3.9p1-8.RHEL4.9.s390x", "4AS:openssh-server-0:3.9p1-8.RHEL4.9.x86_64", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.i386", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.ia64", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.ppc", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.s390", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.s390x", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.src", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.x86_64", "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.i386", "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64", "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc", "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.s390", "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x", "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64", "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386", "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64", "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc", "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390", "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x", "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64", "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.i386", "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.ia64", "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.ppc", "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.s390", "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.s390x", "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64", "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386", "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64", "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc", "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390", "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x", "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64", "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.i386", "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.ia64", "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.ppc", "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.s390", "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.s390x", "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.x86_64", "4ES:openssh-0:3.9p1-8.RHEL4.9.i386", "4ES:openssh-0:3.9p1-8.RHEL4.9.ia64", "4ES:openssh-0:3.9p1-8.RHEL4.9.ppc", "4ES:openssh-0:3.9p1-8.RHEL4.9.s390", "4ES:openssh-0:3.9p1-8.RHEL4.9.s390x", "4ES:openssh-0:3.9p1-8.RHEL4.9.src", "4ES:openssh-0:3.9p1-8.RHEL4.9.x86_64", "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.i386", "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64", "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc", "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.s390", "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x", "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64", "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386", "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64", "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc", "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390", "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x", "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64", "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.i386", "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.ia64", "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.ppc", "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.s390", "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.s390x", "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64", "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386", "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64", "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc", "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390", "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x", "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64", "4ES:openssh-server-0:3.9p1-8.RHEL4.9.i386", "4ES:openssh-server-0:3.9p1-8.RHEL4.9.ia64", "4ES:openssh-server-0:3.9p1-8.RHEL4.9.ppc", "4ES:openssh-server-0:3.9p1-8.RHEL4.9.s390", "4ES:openssh-server-0:3.9p1-8.RHEL4.9.s390x", "4ES:openssh-server-0:3.9p1-8.RHEL4.9.x86_64", "4WS:openssh-0:3.9p1-8.RHEL4.9.i386", "4WS:openssh-0:3.9p1-8.RHEL4.9.ia64", "4WS:openssh-0:3.9p1-8.RHEL4.9.ppc", "4WS:openssh-0:3.9p1-8.RHEL4.9.s390", "4WS:openssh-0:3.9p1-8.RHEL4.9.s390x", "4WS:openssh-0:3.9p1-8.RHEL4.9.src", "4WS:openssh-0:3.9p1-8.RHEL4.9.x86_64", "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.i386", "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64", "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc", "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390", "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x", "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64", "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386", "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64", "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc", "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390", "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x", "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64", "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.i386", "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.ia64", "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.ppc", "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.s390", "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.s390x", "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64", "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386", "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64", "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc", "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390", "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x", "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64", "4WS:openssh-server-0:3.9p1-8.RHEL4.9.i386", "4WS:openssh-server-0:3.9p1-8.RHEL4.9.ia64", "4WS:openssh-server-0:3.9p1-8.RHEL4.9.ppc", "4WS:openssh-server-0:3.9p1-8.RHEL4.9.s390", "4WS:openssh-server-0:3.9p1-8.RHEL4.9.s390x", "4WS:openssh-server-0:3.9p1-8.RHEL4.9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2005:527", }, ], threats: [ { category: "impact", details: "Low", }, ], title: "openssh may set DISPLAY even if it's unable to listen on respective port", }, ], }
rhsa-2005_527
Vulnerability from csaf_redhat
Published
2005-10-05 11:54
Modified
2024-11-21 23:51
Summary
Red Hat Security Advisory: openssh security update
Notes
Topic
Updated openssh packages that fix a security issue, bugs, and add support
for recording login user IDs for audit are now available for Red Hat
Enterprise Linux 4.
This update has been rated as having moderate security impact by the Red
Hat Security Response Team.
Details
OpenSSH is OpenBSD's SSH (Secure SHell) protocol implementation.
An error in the way OpenSSH handled GSSAPI credential delegation was
discovered. OpenSSH as distributed with Red Hat Enterprise Linux 4 contains
support for GSSAPI user authentication, typically used for supporting
Kerberos. On OpenSSH installations which have GSSAPI enabled, this flaw
could allow a user who sucessfully authenticates using a method other than
GSSAPI to be delegated with GSSAPI credentials. The Common Vulnerabilities
and Exposures project (cve.mitre.org) has assigned the name CAN-2005-2798
to this issue.
Additionally, the following bugs have been addressed:
The ssh command incorrectly failed when it was issued by the root user with
a non-default group set.
The sshd daemon could fail to properly close the client connection if
multiple X clients were forwarded over the connection and the client
session exited.
The sshd daemon could bind only on the IPv6 address family for X forwarding
if the port on IPv4 address family was already bound. The X forwarding did
not work in such cases.
This update also adds support for recording login user IDs for the auditing
service. The user ID is attached to the audit records generated from the
user's session.
All users of openssh should upgrade to these updated packages, which
contain backported patches to resolve these issues.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated openssh packages that fix a security issue, bugs, and add support\nfor recording login user IDs for audit are now available for Red Hat\nEnterprise Linux 4.\n\nThis update has been rated as having moderate security impact by the Red\nHat Security Response Team.", title: "Topic", }, { category: "general", text: "OpenSSH is OpenBSD's SSH (Secure SHell) protocol implementation. \n\nAn error in the way OpenSSH handled GSSAPI credential delegation was\ndiscovered. OpenSSH as distributed with Red Hat Enterprise Linux 4 contains\nsupport for GSSAPI user authentication, typically used for supporting\nKerberos. On OpenSSH installations which have GSSAPI enabled, this flaw\ncould allow a user who sucessfully authenticates using a method other than\nGSSAPI to be delegated with GSSAPI credentials. The Common Vulnerabilities\nand Exposures project (cve.mitre.org) has assigned the name CAN-2005-2798\nto this issue.\n\nAdditionally, the following bugs have been addressed:\n\nThe ssh command incorrectly failed when it was issued by the root user with\na non-default group set.\n\nThe sshd daemon could fail to properly close the client connection if\nmultiple X clients were forwarded over the connection and the client\nsession exited.\n\nThe sshd daemon could bind only on the IPv6 address family for X forwarding\nif the port on IPv4 address family was already bound. The X forwarding did\nnot work in such cases.\n\nThis update also adds support for recording login user IDs for the auditing\nservice. The user ID is attached to the audit records generated from the\nuser's session.\n\nAll users of openssh should upgrade to these updated packages, which\ncontain backported patches to resolve these issues.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2005:527", url: "https://access.redhat.com/errata/RHSA-2005:527", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "159331", url: "https://bugzilla.redhat.com/show_bug.cgi?id=159331", }, { category: "external", summary: "167444", url: "https://bugzilla.redhat.com/show_bug.cgi?id=167444", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2005/rhsa-2005_527.json", }, ], title: "Red Hat Security Advisory: openssh security update", tracking: { current_release_date: "2024-11-21T23:51:40+00:00", generator: { date: "2024-11-21T23:51:40+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2005:527", initial_release_date: "2005-10-05T11:54:00+00:00", revision_history: [ { date: "2005-10-05T11:54:00+00:00", number: "1", summary: "Initial version", }, { date: "2005-10-05T00:00:00+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-21T23:51:40+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux AS version 4", product: { name: "Red Hat Enterprise Linux AS version 4", product_id: "4AS", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:4::as", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Desktop version 4", product: { name: "Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:4::desktop", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux ES version 4", product: { name: "Red Hat Enterprise Linux ES version 4", product_id: "4ES", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:4::es", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux WS version 4", product: { name: "Red Hat Enterprise Linux WS version 4", product_id: "4WS", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:4::ws", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "openssh-askpass-0:3.9p1-8.RHEL4.9.ia64", product: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.ia64", product_id: "openssh-askpass-0:3.9p1-8.RHEL4.9.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-askpass@3.9p1-8.RHEL4.9?arch=ia64", }, }, }, { category: "product_version", name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64", product: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64", product_id: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-askpass-gnome@3.9p1-8.RHEL4.9?arch=ia64", }, }, }, { category: "product_version", name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64", product: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64", product_id: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-debuginfo@3.9p1-8.RHEL4.9?arch=ia64", }, }, }, { category: "product_version", name: "openssh-server-0:3.9p1-8.RHEL4.9.ia64", product: { name: "openssh-server-0:3.9p1-8.RHEL4.9.ia64", product_id: "openssh-server-0:3.9p1-8.RHEL4.9.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-server@3.9p1-8.RHEL4.9?arch=ia64", }, }, }, { category: "product_version", name: "openssh-0:3.9p1-8.RHEL4.9.ia64", product: { name: "openssh-0:3.9p1-8.RHEL4.9.ia64", product_id: "openssh-0:3.9p1-8.RHEL4.9.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/openssh@3.9p1-8.RHEL4.9?arch=ia64", }, }, }, { category: "product_version", name: "openssh-clients-0:3.9p1-8.RHEL4.9.ia64", product: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.ia64", product_id: "openssh-clients-0:3.9p1-8.RHEL4.9.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-clients@3.9p1-8.RHEL4.9?arch=ia64", }, }, }, ], category: "architecture", name: "ia64", }, { branches: [ { category: "product_version", name: "openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64", product: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64", product_id: "openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-askpass@3.9p1-8.RHEL4.9?arch=x86_64", }, }, }, { category: "product_version", name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64", product: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64", product_id: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-askpass-gnome@3.9p1-8.RHEL4.9?arch=x86_64", }, }, }, { category: "product_version", name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64", product: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64", product_id: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-debuginfo@3.9p1-8.RHEL4.9?arch=x86_64", }, }, }, { category: "product_version", name: "openssh-server-0:3.9p1-8.RHEL4.9.x86_64", product: { name: "openssh-server-0:3.9p1-8.RHEL4.9.x86_64", product_id: "openssh-server-0:3.9p1-8.RHEL4.9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-server@3.9p1-8.RHEL4.9?arch=x86_64", }, }, }, { category: "product_version", name: "openssh-0:3.9p1-8.RHEL4.9.x86_64", product: { name: "openssh-0:3.9p1-8.RHEL4.9.x86_64", product_id: "openssh-0:3.9p1-8.RHEL4.9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openssh@3.9p1-8.RHEL4.9?arch=x86_64", }, }, }, { category: "product_version", name: "openssh-clients-0:3.9p1-8.RHEL4.9.x86_64", product: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.x86_64", product_id: "openssh-clients-0:3.9p1-8.RHEL4.9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-clients@3.9p1-8.RHEL4.9?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "openssh-askpass-0:3.9p1-8.RHEL4.9.i386", product: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.i386", product_id: "openssh-askpass-0:3.9p1-8.RHEL4.9.i386", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-askpass@3.9p1-8.RHEL4.9?arch=i386", }, }, }, { category: "product_version", name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386", product: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386", product_id: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-askpass-gnome@3.9p1-8.RHEL4.9?arch=i386", }, }, }, { category: "product_version", name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386", product: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386", product_id: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-debuginfo@3.9p1-8.RHEL4.9?arch=i386", }, }, }, { category: "product_version", name: "openssh-server-0:3.9p1-8.RHEL4.9.i386", product: { name: "openssh-server-0:3.9p1-8.RHEL4.9.i386", product_id: "openssh-server-0:3.9p1-8.RHEL4.9.i386", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-server@3.9p1-8.RHEL4.9?arch=i386", }, }, }, { category: "product_version", name: "openssh-0:3.9p1-8.RHEL4.9.i386", product: { name: "openssh-0:3.9p1-8.RHEL4.9.i386", product_id: "openssh-0:3.9p1-8.RHEL4.9.i386", product_identification_helper: { purl: "pkg:rpm/redhat/openssh@3.9p1-8.RHEL4.9?arch=i386", }, }, }, { category: "product_version", name: "openssh-clients-0:3.9p1-8.RHEL4.9.i386", product: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.i386", product_id: "openssh-clients-0:3.9p1-8.RHEL4.9.i386", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-clients@3.9p1-8.RHEL4.9?arch=i386", }, }, }, ], category: "architecture", name: "i386", }, { branches: [ { category: "product_version", name: "openssh-0:3.9p1-8.RHEL4.9.src", product: { name: "openssh-0:3.9p1-8.RHEL4.9.src", product_id: "openssh-0:3.9p1-8.RHEL4.9.src", product_identification_helper: { purl: "pkg:rpm/redhat/openssh@3.9p1-8.RHEL4.9?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "openssh-askpass-0:3.9p1-8.RHEL4.9.ppc", product: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.ppc", product_id: "openssh-askpass-0:3.9p1-8.RHEL4.9.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-askpass@3.9p1-8.RHEL4.9?arch=ppc", }, }, }, { category: "product_version", name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc", product: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc", product_id: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-askpass-gnome@3.9p1-8.RHEL4.9?arch=ppc", }, }, }, { category: "product_version", name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc", product: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc", product_id: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-debuginfo@3.9p1-8.RHEL4.9?arch=ppc", }, }, }, { category: "product_version", name: "openssh-server-0:3.9p1-8.RHEL4.9.ppc", product: { name: "openssh-server-0:3.9p1-8.RHEL4.9.ppc", product_id: "openssh-server-0:3.9p1-8.RHEL4.9.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-server@3.9p1-8.RHEL4.9?arch=ppc", }, }, }, { category: "product_version", name: "openssh-0:3.9p1-8.RHEL4.9.ppc", product: { name: "openssh-0:3.9p1-8.RHEL4.9.ppc", product_id: "openssh-0:3.9p1-8.RHEL4.9.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/openssh@3.9p1-8.RHEL4.9?arch=ppc", }, }, }, { category: "product_version", name: "openssh-clients-0:3.9p1-8.RHEL4.9.ppc", product: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.ppc", product_id: "openssh-clients-0:3.9p1-8.RHEL4.9.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-clients@3.9p1-8.RHEL4.9?arch=ppc", }, }, }, ], category: "architecture", name: "ppc", }, { branches: [ { category: "product_version", name: "openssh-askpass-0:3.9p1-8.RHEL4.9.s390x", product: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.s390x", product_id: "openssh-askpass-0:3.9p1-8.RHEL4.9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-askpass@3.9p1-8.RHEL4.9?arch=s390x", }, }, }, { category: "product_version", name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x", product: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x", product_id: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-askpass-gnome@3.9p1-8.RHEL4.9?arch=s390x", }, }, }, { category: "product_version", name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x", product: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x", product_id: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-debuginfo@3.9p1-8.RHEL4.9?arch=s390x", }, }, }, { category: "product_version", name: "openssh-server-0:3.9p1-8.RHEL4.9.s390x", product: { name: "openssh-server-0:3.9p1-8.RHEL4.9.s390x", product_id: "openssh-server-0:3.9p1-8.RHEL4.9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-server@3.9p1-8.RHEL4.9?arch=s390x", }, }, }, { category: "product_version", name: "openssh-0:3.9p1-8.RHEL4.9.s390x", product: { name: "openssh-0:3.9p1-8.RHEL4.9.s390x", product_id: "openssh-0:3.9p1-8.RHEL4.9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/openssh@3.9p1-8.RHEL4.9?arch=s390x", }, }, }, { category: "product_version", name: "openssh-clients-0:3.9p1-8.RHEL4.9.s390x", product: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.s390x", product_id: "openssh-clients-0:3.9p1-8.RHEL4.9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-clients@3.9p1-8.RHEL4.9?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "openssh-askpass-0:3.9p1-8.RHEL4.9.s390", product: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.s390", product_id: "openssh-askpass-0:3.9p1-8.RHEL4.9.s390", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-askpass@3.9p1-8.RHEL4.9?arch=s390", }, }, }, { category: "product_version", name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390", product: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390", product_id: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-askpass-gnome@3.9p1-8.RHEL4.9?arch=s390", }, }, }, { category: "product_version", name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390", product: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390", product_id: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-debuginfo@3.9p1-8.RHEL4.9?arch=s390", }, }, }, { category: "product_version", name: "openssh-server-0:3.9p1-8.RHEL4.9.s390", product: { name: "openssh-server-0:3.9p1-8.RHEL4.9.s390", product_id: "openssh-server-0:3.9p1-8.RHEL4.9.s390", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-server@3.9p1-8.RHEL4.9?arch=s390", }, }, }, { category: "product_version", name: "openssh-0:3.9p1-8.RHEL4.9.s390", product: { name: "openssh-0:3.9p1-8.RHEL4.9.s390", product_id: "openssh-0:3.9p1-8.RHEL4.9.s390", product_identification_helper: { purl: "pkg:rpm/redhat/openssh@3.9p1-8.RHEL4.9?arch=s390", }, }, }, { category: "product_version", name: "openssh-clients-0:3.9p1-8.RHEL4.9.s390", product: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.s390", product_id: "openssh-clients-0:3.9p1-8.RHEL4.9.s390", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-clients@3.9p1-8.RHEL4.9?arch=s390", }, }, }, ], category: "architecture", name: "s390", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-0:3.9p1-8.RHEL4.9.i386", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.i386", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-0:3.9p1-8.RHEL4.9.ia64", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.ia64", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-0:3.9p1-8.RHEL4.9.ppc", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.ppc", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-0:3.9p1-8.RHEL4.9.s390", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.s390", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-0:3.9p1-8.RHEL4.9.s390x", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.s390x", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.src as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-0:3.9p1-8.RHEL4.9.src", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.src", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-0:3.9p1-8.RHEL4.9.x86_64", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.x86_64", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.i386", }, product_reference: "openssh-askpass-0:3.9p1-8.RHEL4.9.i386", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64", }, product_reference: "openssh-askpass-0:3.9p1-8.RHEL4.9.ia64", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc", }, product_reference: "openssh-askpass-0:3.9p1-8.RHEL4.9.ppc", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390", }, product_reference: "openssh-askpass-0:3.9p1-8.RHEL4.9.s390", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x", }, product_reference: "openssh-askpass-0:3.9p1-8.RHEL4.9.s390x", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64", }, product_reference: "openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386", }, product_reference: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64", }, product_reference: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc", }, product_reference: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390", }, product_reference: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x", }, product_reference: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64", }, product_reference: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.i386", }, product_reference: "openssh-clients-0:3.9p1-8.RHEL4.9.i386", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.ia64", }, product_reference: "openssh-clients-0:3.9p1-8.RHEL4.9.ia64", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.ppc", }, product_reference: "openssh-clients-0:3.9p1-8.RHEL4.9.ppc", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.s390", }, product_reference: "openssh-clients-0:3.9p1-8.RHEL4.9.s390", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.s390x", }, product_reference: "openssh-clients-0:3.9p1-8.RHEL4.9.s390x", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64", }, product_reference: "openssh-clients-0:3.9p1-8.RHEL4.9.x86_64", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386", }, product_reference: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64", }, product_reference: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc", }, product_reference: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390", }, product_reference: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x", }, product_reference: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64", }, product_reference: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-server-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-server-0:3.9p1-8.RHEL4.9.i386", }, product_reference: "openssh-server-0:3.9p1-8.RHEL4.9.i386", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-server-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-server-0:3.9p1-8.RHEL4.9.ia64", }, product_reference: "openssh-server-0:3.9p1-8.RHEL4.9.ia64", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-server-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-server-0:3.9p1-8.RHEL4.9.ppc", }, product_reference: "openssh-server-0:3.9p1-8.RHEL4.9.ppc", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-server-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-server-0:3.9p1-8.RHEL4.9.s390", }, product_reference: "openssh-server-0:3.9p1-8.RHEL4.9.s390", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-server-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-server-0:3.9p1-8.RHEL4.9.s390x", }, product_reference: "openssh-server-0:3.9p1-8.RHEL4.9.s390x", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-server-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:openssh-server-0:3.9p1-8.RHEL4.9.x86_64", }, product_reference: "openssh-server-0:3.9p1-8.RHEL4.9.x86_64", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-0:3.9p1-8.RHEL4.9.i386", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.i386", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-0:3.9p1-8.RHEL4.9.ia64", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.ia64", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-0:3.9p1-8.RHEL4.9.ppc", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.ppc", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-0:3.9p1-8.RHEL4.9.s390", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.s390", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-0:3.9p1-8.RHEL4.9.s390x", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.s390x", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.src as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-0:3.9p1-8.RHEL4.9.src", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.src", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-0:3.9p1-8.RHEL4.9.x86_64", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.x86_64", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.i386", }, product_reference: "openssh-askpass-0:3.9p1-8.RHEL4.9.i386", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64", }, product_reference: "openssh-askpass-0:3.9p1-8.RHEL4.9.ia64", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc", }, product_reference: "openssh-askpass-0:3.9p1-8.RHEL4.9.ppc", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.s390", }, product_reference: "openssh-askpass-0:3.9p1-8.RHEL4.9.s390", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x", }, product_reference: "openssh-askpass-0:3.9p1-8.RHEL4.9.s390x", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64", }, product_reference: "openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386", }, product_reference: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64", }, product_reference: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc", }, product_reference: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390", }, product_reference: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x", }, product_reference: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64", }, product_reference: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.i386", }, product_reference: "openssh-clients-0:3.9p1-8.RHEL4.9.i386", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.ia64", }, product_reference: "openssh-clients-0:3.9p1-8.RHEL4.9.ia64", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.ppc", }, product_reference: "openssh-clients-0:3.9p1-8.RHEL4.9.ppc", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.s390", }, product_reference: "openssh-clients-0:3.9p1-8.RHEL4.9.s390", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.s390x", }, product_reference: "openssh-clients-0:3.9p1-8.RHEL4.9.s390x", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64", }, product_reference: "openssh-clients-0:3.9p1-8.RHEL4.9.x86_64", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386", }, product_reference: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64", }, product_reference: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc", }, product_reference: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390", }, product_reference: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x", }, product_reference: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64", }, product_reference: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-server-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.i386", }, product_reference: "openssh-server-0:3.9p1-8.RHEL4.9.i386", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-server-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.ia64", }, product_reference: "openssh-server-0:3.9p1-8.RHEL4.9.ia64", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-server-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.ppc", }, product_reference: "openssh-server-0:3.9p1-8.RHEL4.9.ppc", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-server-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.s390", }, product_reference: "openssh-server-0:3.9p1-8.RHEL4.9.s390", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-server-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.s390x", }, product_reference: "openssh-server-0:3.9p1-8.RHEL4.9.s390x", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-server-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.x86_64", }, product_reference: "openssh-server-0:3.9p1-8.RHEL4.9.x86_64", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-0:3.9p1-8.RHEL4.9.i386", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.i386", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-0:3.9p1-8.RHEL4.9.ia64", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.ia64", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-0:3.9p1-8.RHEL4.9.ppc", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.ppc", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-0:3.9p1-8.RHEL4.9.s390", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.s390", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-0:3.9p1-8.RHEL4.9.s390x", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.s390x", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.src as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-0:3.9p1-8.RHEL4.9.src", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.src", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-0:3.9p1-8.RHEL4.9.x86_64", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.x86_64", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.i386", }, product_reference: "openssh-askpass-0:3.9p1-8.RHEL4.9.i386", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64", }, product_reference: "openssh-askpass-0:3.9p1-8.RHEL4.9.ia64", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc", }, product_reference: "openssh-askpass-0:3.9p1-8.RHEL4.9.ppc", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.s390", }, product_reference: "openssh-askpass-0:3.9p1-8.RHEL4.9.s390", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x", }, product_reference: "openssh-askpass-0:3.9p1-8.RHEL4.9.s390x", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64", }, product_reference: "openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386", }, product_reference: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64", }, product_reference: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc", }, product_reference: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390", }, product_reference: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x", }, product_reference: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64", }, product_reference: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.i386", }, product_reference: "openssh-clients-0:3.9p1-8.RHEL4.9.i386", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.ia64", }, product_reference: "openssh-clients-0:3.9p1-8.RHEL4.9.ia64", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.ppc", }, product_reference: "openssh-clients-0:3.9p1-8.RHEL4.9.ppc", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.s390", }, product_reference: "openssh-clients-0:3.9p1-8.RHEL4.9.s390", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.s390x", }, product_reference: "openssh-clients-0:3.9p1-8.RHEL4.9.s390x", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64", }, product_reference: "openssh-clients-0:3.9p1-8.RHEL4.9.x86_64", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386", }, product_reference: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64", }, product_reference: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc", }, product_reference: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390", }, product_reference: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x", }, product_reference: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64", }, product_reference: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-server-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-server-0:3.9p1-8.RHEL4.9.i386", }, product_reference: "openssh-server-0:3.9p1-8.RHEL4.9.i386", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-server-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-server-0:3.9p1-8.RHEL4.9.ia64", }, product_reference: "openssh-server-0:3.9p1-8.RHEL4.9.ia64", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-server-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-server-0:3.9p1-8.RHEL4.9.ppc", }, product_reference: "openssh-server-0:3.9p1-8.RHEL4.9.ppc", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-server-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-server-0:3.9p1-8.RHEL4.9.s390", }, product_reference: "openssh-server-0:3.9p1-8.RHEL4.9.s390", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-server-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-server-0:3.9p1-8.RHEL4.9.s390x", }, product_reference: "openssh-server-0:3.9p1-8.RHEL4.9.s390x", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-server-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:openssh-server-0:3.9p1-8.RHEL4.9.x86_64", }, product_reference: "openssh-server-0:3.9p1-8.RHEL4.9.x86_64", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-0:3.9p1-8.RHEL4.9.i386", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.i386", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-0:3.9p1-8.RHEL4.9.ia64", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.ia64", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-0:3.9p1-8.RHEL4.9.ppc", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.ppc", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-0:3.9p1-8.RHEL4.9.s390", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.s390", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-0:3.9p1-8.RHEL4.9.s390x", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.s390x", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.src as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-0:3.9p1-8.RHEL4.9.src", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.src", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-0:3.9p1-8.RHEL4.9.x86_64", }, product_reference: "openssh-0:3.9p1-8.RHEL4.9.x86_64", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.i386", }, product_reference: "openssh-askpass-0:3.9p1-8.RHEL4.9.i386", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64", }, product_reference: "openssh-askpass-0:3.9p1-8.RHEL4.9.ia64", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc", }, product_reference: "openssh-askpass-0:3.9p1-8.RHEL4.9.ppc", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390", }, product_reference: "openssh-askpass-0:3.9p1-8.RHEL4.9.s390", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x", }, product_reference: "openssh-askpass-0:3.9p1-8.RHEL4.9.s390x", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64", }, product_reference: "openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386", }, product_reference: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64", }, product_reference: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc", }, product_reference: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390", }, product_reference: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x", }, product_reference: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64", }, product_reference: "openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.i386", }, product_reference: "openssh-clients-0:3.9p1-8.RHEL4.9.i386", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.ia64", }, product_reference: "openssh-clients-0:3.9p1-8.RHEL4.9.ia64", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.ppc", }, product_reference: "openssh-clients-0:3.9p1-8.RHEL4.9.ppc", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.s390", }, product_reference: "openssh-clients-0:3.9p1-8.RHEL4.9.s390", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.s390x", }, product_reference: "openssh-clients-0:3.9p1-8.RHEL4.9.s390x", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64", }, product_reference: "openssh-clients-0:3.9p1-8.RHEL4.9.x86_64", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386", }, product_reference: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64", }, product_reference: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc", }, product_reference: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390", }, product_reference: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x", }, product_reference: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64", }, product_reference: "openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-server-0:3.9p1-8.RHEL4.9.i386 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-server-0:3.9p1-8.RHEL4.9.i386", }, product_reference: "openssh-server-0:3.9p1-8.RHEL4.9.i386", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-server-0:3.9p1-8.RHEL4.9.ia64 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-server-0:3.9p1-8.RHEL4.9.ia64", }, product_reference: "openssh-server-0:3.9p1-8.RHEL4.9.ia64", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-server-0:3.9p1-8.RHEL4.9.ppc as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-server-0:3.9p1-8.RHEL4.9.ppc", }, product_reference: "openssh-server-0:3.9p1-8.RHEL4.9.ppc", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-server-0:3.9p1-8.RHEL4.9.s390 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-server-0:3.9p1-8.RHEL4.9.s390", }, product_reference: "openssh-server-0:3.9p1-8.RHEL4.9.s390", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-server-0:3.9p1-8.RHEL4.9.s390x as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-server-0:3.9p1-8.RHEL4.9.s390x", }, product_reference: "openssh-server-0:3.9p1-8.RHEL4.9.s390x", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "openssh-server-0:3.9p1-8.RHEL4.9.x86_64 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:openssh-server-0:3.9p1-8.RHEL4.9.x86_64", }, product_reference: "openssh-server-0:3.9p1-8.RHEL4.9.x86_64", relates_to_product_reference: "4WS", }, ], }, vulnerabilities: [ { cve: "CVE-2005-2798", discovery_date: "2005-09-01T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1617757", }, ], notes: [ { category: "description", text: "sshd in OpenSSH before 4.2, when GSSAPIDelegateCredentials is enabled, allows GSSAPI credentials to be delegated to clients who log in using non-GSSAPI methods, which could cause those credentials to be exposed to untrusted users or hosts.", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, { category: "other", text: "This issue does not affect Red Hat Enterprise Linux 2.1 and 3.\n\nThis flaw was fixed in Red Hat Enterprise Linux 4 via errata RHSA-2005:527:\nhttp://rhn.redhat.com/errata/RHSA-2005-527.html", title: "Statement", }, ], product_status: { fixed: [ "4AS:openssh-0:3.9p1-8.RHEL4.9.i386", "4AS:openssh-0:3.9p1-8.RHEL4.9.ia64", "4AS:openssh-0:3.9p1-8.RHEL4.9.ppc", "4AS:openssh-0:3.9p1-8.RHEL4.9.s390", "4AS:openssh-0:3.9p1-8.RHEL4.9.s390x", "4AS:openssh-0:3.9p1-8.RHEL4.9.src", "4AS:openssh-0:3.9p1-8.RHEL4.9.x86_64", "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.i386", "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64", "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc", "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390", "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x", "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64", "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386", "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64", "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc", "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390", "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x", "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64", "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.i386", "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.ia64", "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.ppc", "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.s390", "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.s390x", "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64", "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386", "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64", "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc", "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390", "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x", "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64", "4AS:openssh-server-0:3.9p1-8.RHEL4.9.i386", "4AS:openssh-server-0:3.9p1-8.RHEL4.9.ia64", "4AS:openssh-server-0:3.9p1-8.RHEL4.9.ppc", "4AS:openssh-server-0:3.9p1-8.RHEL4.9.s390", "4AS:openssh-server-0:3.9p1-8.RHEL4.9.s390x", "4AS:openssh-server-0:3.9p1-8.RHEL4.9.x86_64", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.i386", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.ia64", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.ppc", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.s390", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.s390x", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.src", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.x86_64", "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.i386", "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64", "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc", "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.s390", "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x", "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64", "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386", "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64", "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc", "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390", "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x", "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64", "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.i386", "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.ia64", "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.ppc", "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.s390", "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.s390x", "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64", "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386", "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64", "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc", "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390", "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x", "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64", "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.i386", "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.ia64", "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.ppc", "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.s390", "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.s390x", "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.x86_64", "4ES:openssh-0:3.9p1-8.RHEL4.9.i386", "4ES:openssh-0:3.9p1-8.RHEL4.9.ia64", "4ES:openssh-0:3.9p1-8.RHEL4.9.ppc", "4ES:openssh-0:3.9p1-8.RHEL4.9.s390", "4ES:openssh-0:3.9p1-8.RHEL4.9.s390x", "4ES:openssh-0:3.9p1-8.RHEL4.9.src", "4ES:openssh-0:3.9p1-8.RHEL4.9.x86_64", "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.i386", "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64", "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc", "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.s390", "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x", "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64", "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386", "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64", "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc", "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390", "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x", "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64", "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.i386", "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.ia64", "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.ppc", "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.s390", "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.s390x", "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64", "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386", "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64", "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc", "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390", "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x", "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64", "4ES:openssh-server-0:3.9p1-8.RHEL4.9.i386", "4ES:openssh-server-0:3.9p1-8.RHEL4.9.ia64", "4ES:openssh-server-0:3.9p1-8.RHEL4.9.ppc", "4ES:openssh-server-0:3.9p1-8.RHEL4.9.s390", "4ES:openssh-server-0:3.9p1-8.RHEL4.9.s390x", "4ES:openssh-server-0:3.9p1-8.RHEL4.9.x86_64", "4WS:openssh-0:3.9p1-8.RHEL4.9.i386", "4WS:openssh-0:3.9p1-8.RHEL4.9.ia64", "4WS:openssh-0:3.9p1-8.RHEL4.9.ppc", "4WS:openssh-0:3.9p1-8.RHEL4.9.s390", "4WS:openssh-0:3.9p1-8.RHEL4.9.s390x", "4WS:openssh-0:3.9p1-8.RHEL4.9.src", "4WS:openssh-0:3.9p1-8.RHEL4.9.x86_64", "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.i386", "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64", "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc", "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390", "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x", "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64", "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386", "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64", "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc", "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390", "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x", "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64", "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.i386", "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.ia64", "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.ppc", "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.s390", "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.s390x", "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64", "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386", "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64", "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc", "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390", "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x", "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64", "4WS:openssh-server-0:3.9p1-8.RHEL4.9.i386", "4WS:openssh-server-0:3.9p1-8.RHEL4.9.ia64", "4WS:openssh-server-0:3.9p1-8.RHEL4.9.ppc", "4WS:openssh-server-0:3.9p1-8.RHEL4.9.s390", "4WS:openssh-server-0:3.9p1-8.RHEL4.9.s390x", "4WS:openssh-server-0:3.9p1-8.RHEL4.9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2005-2798", }, { category: "external", summary: "RHBZ#1617757", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1617757", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2005-2798", url: "https://www.cve.org/CVERecord?id=CVE-2005-2798", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2005-2798", url: "https://nvd.nist.gov/vuln/detail/CVE-2005-2798", }, ], release_date: "2005-09-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2005-10-05T11:54:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied. Use Red Hat\nNetwork to download and update your packages. To launch the Red Hat\nUpdate Agent, use the following command:\n\n up2date\n\nFor information on how to install packages manually, refer to the\nfollowing Web page for the System Administration or Customization\nguide specific to your system:\n\n http://www.redhat.com/docs/manuals/enterprise/", product_ids: [ "4AS:openssh-0:3.9p1-8.RHEL4.9.i386", "4AS:openssh-0:3.9p1-8.RHEL4.9.ia64", "4AS:openssh-0:3.9p1-8.RHEL4.9.ppc", "4AS:openssh-0:3.9p1-8.RHEL4.9.s390", "4AS:openssh-0:3.9p1-8.RHEL4.9.s390x", "4AS:openssh-0:3.9p1-8.RHEL4.9.src", "4AS:openssh-0:3.9p1-8.RHEL4.9.x86_64", "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.i386", "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64", "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc", "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390", "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x", "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64", "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386", "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64", "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc", "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390", "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x", "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64", "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.i386", "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.ia64", "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.ppc", "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.s390", "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.s390x", "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64", "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386", "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64", "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc", "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390", "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x", "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64", "4AS:openssh-server-0:3.9p1-8.RHEL4.9.i386", "4AS:openssh-server-0:3.9p1-8.RHEL4.9.ia64", "4AS:openssh-server-0:3.9p1-8.RHEL4.9.ppc", "4AS:openssh-server-0:3.9p1-8.RHEL4.9.s390", "4AS:openssh-server-0:3.9p1-8.RHEL4.9.s390x", "4AS:openssh-server-0:3.9p1-8.RHEL4.9.x86_64", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.i386", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.ia64", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.ppc", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.s390", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.s390x", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.src", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.x86_64", "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.i386", "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64", "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc", "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.s390", "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x", "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64", "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386", "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64", "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc", "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390", "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x", "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64", "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.i386", "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.ia64", "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.ppc", "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.s390", "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.s390x", "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64", "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386", "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64", "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc", "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390", "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x", "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64", "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.i386", "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.ia64", "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.ppc", "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.s390", "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.s390x", "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.x86_64", "4ES:openssh-0:3.9p1-8.RHEL4.9.i386", "4ES:openssh-0:3.9p1-8.RHEL4.9.ia64", "4ES:openssh-0:3.9p1-8.RHEL4.9.ppc", "4ES:openssh-0:3.9p1-8.RHEL4.9.s390", "4ES:openssh-0:3.9p1-8.RHEL4.9.s390x", "4ES:openssh-0:3.9p1-8.RHEL4.9.src", "4ES:openssh-0:3.9p1-8.RHEL4.9.x86_64", "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.i386", "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64", "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc", "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.s390", "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x", "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64", "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386", "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64", "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc", "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390", "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x", "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64", "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.i386", "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.ia64", "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.ppc", "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.s390", "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.s390x", "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64", "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386", "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64", "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc", "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390", "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x", "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64", "4ES:openssh-server-0:3.9p1-8.RHEL4.9.i386", "4ES:openssh-server-0:3.9p1-8.RHEL4.9.ia64", "4ES:openssh-server-0:3.9p1-8.RHEL4.9.ppc", "4ES:openssh-server-0:3.9p1-8.RHEL4.9.s390", "4ES:openssh-server-0:3.9p1-8.RHEL4.9.s390x", "4ES:openssh-server-0:3.9p1-8.RHEL4.9.x86_64", "4WS:openssh-0:3.9p1-8.RHEL4.9.i386", "4WS:openssh-0:3.9p1-8.RHEL4.9.ia64", "4WS:openssh-0:3.9p1-8.RHEL4.9.ppc", "4WS:openssh-0:3.9p1-8.RHEL4.9.s390", "4WS:openssh-0:3.9p1-8.RHEL4.9.s390x", "4WS:openssh-0:3.9p1-8.RHEL4.9.src", "4WS:openssh-0:3.9p1-8.RHEL4.9.x86_64", "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.i386", "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64", "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc", "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390", "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x", "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64", "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386", "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64", "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc", "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390", "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x", "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64", "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.i386", "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.ia64", "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.ppc", "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.s390", "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.s390x", "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64", "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386", "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64", "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc", "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390", "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x", "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64", "4WS:openssh-server-0:3.9p1-8.RHEL4.9.i386", "4WS:openssh-server-0:3.9p1-8.RHEL4.9.ia64", "4WS:openssh-server-0:3.9p1-8.RHEL4.9.ppc", "4WS:openssh-server-0:3.9p1-8.RHEL4.9.s390", "4WS:openssh-server-0:3.9p1-8.RHEL4.9.s390x", "4WS:openssh-server-0:3.9p1-8.RHEL4.9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2005:527", }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "security flaw", }, { cve: "CVE-2008-1483", discovery_date: "2008-01-08T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "439079", }, ], notes: [ { category: "description", text: "OpenSSH 4.3p2, and probably other versions, allows local users to hijack forwarded X connections by causing ssh to set DISPLAY to :10, even when another process is listening on the associated port, as demonstrated by opening TCP port 6010 (IPv4) and sniffing a cookie sent by Emacs.", title: "Vulnerability description", }, { category: "summary", text: "openssh may set DISPLAY even if it's unable to listen on respective port", title: "Vulnerability summary", }, { category: "other", text: "All openssh versions shipped in Red Hat Enterprise Linux 5 include the patch for this issue. Red Hat Enterprise Linux 3 is affected by this issue.", title: "Statement", }, ], product_status: { fixed: [ "4AS:openssh-0:3.9p1-8.RHEL4.9.i386", "4AS:openssh-0:3.9p1-8.RHEL4.9.ia64", "4AS:openssh-0:3.9p1-8.RHEL4.9.ppc", "4AS:openssh-0:3.9p1-8.RHEL4.9.s390", "4AS:openssh-0:3.9p1-8.RHEL4.9.s390x", "4AS:openssh-0:3.9p1-8.RHEL4.9.src", "4AS:openssh-0:3.9p1-8.RHEL4.9.x86_64", "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.i386", "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64", "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc", "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390", "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x", "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64", "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386", "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64", "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc", "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390", "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x", "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64", "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.i386", "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.ia64", "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.ppc", "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.s390", "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.s390x", "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64", "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386", "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64", "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc", "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390", "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x", "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64", "4AS:openssh-server-0:3.9p1-8.RHEL4.9.i386", "4AS:openssh-server-0:3.9p1-8.RHEL4.9.ia64", "4AS:openssh-server-0:3.9p1-8.RHEL4.9.ppc", "4AS:openssh-server-0:3.9p1-8.RHEL4.9.s390", "4AS:openssh-server-0:3.9p1-8.RHEL4.9.s390x", "4AS:openssh-server-0:3.9p1-8.RHEL4.9.x86_64", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.i386", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.ia64", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.ppc", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.s390", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.s390x", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.src", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.x86_64", "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.i386", "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64", "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc", "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.s390", "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x", "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64", "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386", "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64", "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc", "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390", "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x", "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64", "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.i386", "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.ia64", "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.ppc", "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.s390", "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.s390x", "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64", "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386", "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64", "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc", "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390", "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x", "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64", "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.i386", "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.ia64", "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.ppc", "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.s390", "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.s390x", "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.x86_64", "4ES:openssh-0:3.9p1-8.RHEL4.9.i386", "4ES:openssh-0:3.9p1-8.RHEL4.9.ia64", "4ES:openssh-0:3.9p1-8.RHEL4.9.ppc", "4ES:openssh-0:3.9p1-8.RHEL4.9.s390", "4ES:openssh-0:3.9p1-8.RHEL4.9.s390x", "4ES:openssh-0:3.9p1-8.RHEL4.9.src", "4ES:openssh-0:3.9p1-8.RHEL4.9.x86_64", "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.i386", "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64", "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc", "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.s390", "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x", "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64", "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386", "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64", "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc", "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390", "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x", "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64", "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.i386", "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.ia64", "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.ppc", "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.s390", "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.s390x", "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64", "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386", "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64", "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc", "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390", "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x", "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64", "4ES:openssh-server-0:3.9p1-8.RHEL4.9.i386", "4ES:openssh-server-0:3.9p1-8.RHEL4.9.ia64", "4ES:openssh-server-0:3.9p1-8.RHEL4.9.ppc", "4ES:openssh-server-0:3.9p1-8.RHEL4.9.s390", "4ES:openssh-server-0:3.9p1-8.RHEL4.9.s390x", "4ES:openssh-server-0:3.9p1-8.RHEL4.9.x86_64", "4WS:openssh-0:3.9p1-8.RHEL4.9.i386", "4WS:openssh-0:3.9p1-8.RHEL4.9.ia64", "4WS:openssh-0:3.9p1-8.RHEL4.9.ppc", "4WS:openssh-0:3.9p1-8.RHEL4.9.s390", "4WS:openssh-0:3.9p1-8.RHEL4.9.s390x", "4WS:openssh-0:3.9p1-8.RHEL4.9.src", "4WS:openssh-0:3.9p1-8.RHEL4.9.x86_64", "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.i386", "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64", "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc", "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390", "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x", "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64", "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386", "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64", "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc", "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390", "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x", "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64", "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.i386", "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.ia64", "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.ppc", "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.s390", "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.s390x", "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64", "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386", "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64", "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc", "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390", "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x", "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64", "4WS:openssh-server-0:3.9p1-8.RHEL4.9.i386", "4WS:openssh-server-0:3.9p1-8.RHEL4.9.ia64", "4WS:openssh-server-0:3.9p1-8.RHEL4.9.ppc", "4WS:openssh-server-0:3.9p1-8.RHEL4.9.s390", "4WS:openssh-server-0:3.9p1-8.RHEL4.9.s390x", "4WS:openssh-server-0:3.9p1-8.RHEL4.9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2008-1483", }, { category: "external", summary: "RHBZ#439079", url: "https://bugzilla.redhat.com/show_bug.cgi?id=439079", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2008-1483", url: "https://www.cve.org/CVERecord?id=CVE-2008-1483", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2008-1483", url: "https://nvd.nist.gov/vuln/detail/CVE-2008-1483", }, ], release_date: "2008-01-08T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2005-10-05T11:54:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied. Use Red Hat\nNetwork to download and update your packages. To launch the Red Hat\nUpdate Agent, use the following command:\n\n up2date\n\nFor information on how to install packages manually, refer to the\nfollowing Web page for the System Administration or Customization\nguide specific to your system:\n\n http://www.redhat.com/docs/manuals/enterprise/", product_ids: [ "4AS:openssh-0:3.9p1-8.RHEL4.9.i386", "4AS:openssh-0:3.9p1-8.RHEL4.9.ia64", "4AS:openssh-0:3.9p1-8.RHEL4.9.ppc", "4AS:openssh-0:3.9p1-8.RHEL4.9.s390", "4AS:openssh-0:3.9p1-8.RHEL4.9.s390x", "4AS:openssh-0:3.9p1-8.RHEL4.9.src", "4AS:openssh-0:3.9p1-8.RHEL4.9.x86_64", "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.i386", "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64", "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc", "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390", "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x", "4AS:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64", "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386", "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64", "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc", "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390", "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x", "4AS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64", "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.i386", "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.ia64", "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.ppc", "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.s390", "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.s390x", "4AS:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64", "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386", "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64", "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc", "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390", "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x", "4AS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64", "4AS:openssh-server-0:3.9p1-8.RHEL4.9.i386", "4AS:openssh-server-0:3.9p1-8.RHEL4.9.ia64", "4AS:openssh-server-0:3.9p1-8.RHEL4.9.ppc", "4AS:openssh-server-0:3.9p1-8.RHEL4.9.s390", "4AS:openssh-server-0:3.9p1-8.RHEL4.9.s390x", "4AS:openssh-server-0:3.9p1-8.RHEL4.9.x86_64", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.i386", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.ia64", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.ppc", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.s390", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.s390x", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.src", "4Desktop:openssh-0:3.9p1-8.RHEL4.9.x86_64", "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.i386", "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64", "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc", "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.s390", "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x", "4Desktop:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64", "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386", "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64", "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc", "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390", "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x", "4Desktop:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64", "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.i386", "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.ia64", "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.ppc", "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.s390", "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.s390x", "4Desktop:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64", "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386", "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64", "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc", "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390", "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x", "4Desktop:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64", "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.i386", "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.ia64", "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.ppc", "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.s390", "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.s390x", "4Desktop:openssh-server-0:3.9p1-8.RHEL4.9.x86_64", "4ES:openssh-0:3.9p1-8.RHEL4.9.i386", "4ES:openssh-0:3.9p1-8.RHEL4.9.ia64", "4ES:openssh-0:3.9p1-8.RHEL4.9.ppc", "4ES:openssh-0:3.9p1-8.RHEL4.9.s390", "4ES:openssh-0:3.9p1-8.RHEL4.9.s390x", "4ES:openssh-0:3.9p1-8.RHEL4.9.src", "4ES:openssh-0:3.9p1-8.RHEL4.9.x86_64", "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.i386", "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64", "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc", "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.s390", "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x", "4ES:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64", "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386", "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64", "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc", "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390", "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x", "4ES:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64", "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.i386", "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.ia64", "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.ppc", "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.s390", "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.s390x", "4ES:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64", "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386", "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64", "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc", "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390", "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x", "4ES:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64", "4ES:openssh-server-0:3.9p1-8.RHEL4.9.i386", "4ES:openssh-server-0:3.9p1-8.RHEL4.9.ia64", "4ES:openssh-server-0:3.9p1-8.RHEL4.9.ppc", "4ES:openssh-server-0:3.9p1-8.RHEL4.9.s390", "4ES:openssh-server-0:3.9p1-8.RHEL4.9.s390x", "4ES:openssh-server-0:3.9p1-8.RHEL4.9.x86_64", "4WS:openssh-0:3.9p1-8.RHEL4.9.i386", "4WS:openssh-0:3.9p1-8.RHEL4.9.ia64", "4WS:openssh-0:3.9p1-8.RHEL4.9.ppc", "4WS:openssh-0:3.9p1-8.RHEL4.9.s390", "4WS:openssh-0:3.9p1-8.RHEL4.9.s390x", "4WS:openssh-0:3.9p1-8.RHEL4.9.src", "4WS:openssh-0:3.9p1-8.RHEL4.9.x86_64", "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.i386", "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.ia64", "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.ppc", "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390", "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.s390x", "4WS:openssh-askpass-0:3.9p1-8.RHEL4.9.x86_64", "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.i386", "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ia64", "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.ppc", "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390", "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.s390x", "4WS:openssh-askpass-gnome-0:3.9p1-8.RHEL4.9.x86_64", "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.i386", "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.ia64", "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.ppc", "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.s390", "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.s390x", "4WS:openssh-clients-0:3.9p1-8.RHEL4.9.x86_64", "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.i386", "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ia64", "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.ppc", "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390", "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.s390x", "4WS:openssh-debuginfo-0:3.9p1-8.RHEL4.9.x86_64", "4WS:openssh-server-0:3.9p1-8.RHEL4.9.i386", "4WS:openssh-server-0:3.9p1-8.RHEL4.9.ia64", "4WS:openssh-server-0:3.9p1-8.RHEL4.9.ppc", "4WS:openssh-server-0:3.9p1-8.RHEL4.9.s390", "4WS:openssh-server-0:3.9p1-8.RHEL4.9.s390x", "4WS:openssh-server-0:3.9p1-8.RHEL4.9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2005:527", }, ], threats: [ { category: "impact", details: "Low", }, ], title: "openssh may set DISPLAY even if it's unable to listen on respective port", }, ], }
ghsa-m4xr-866g-83x6
Vulnerability from github
Published
2022-05-03 03:19
Modified
2022-05-03 03:19
Details
OpenSSH 4.3p2, and probably other versions, allows local users to hijack forwarded X connections by causing ssh to set DISPLAY to :10, even when another process is listening on the associated port, as demonstrated by opening TCP port 6010 (IPv4) and sniffing a cookie sent by Emacs.
{ affected: [], aliases: [ "CVE-2008-1483", ], database_specific: { cwe_ids: [], github_reviewed: false, github_reviewed_at: null, nvd_published_at: "2008-03-24T23:44:00Z", severity: "MODERATE", }, details: "OpenSSH 4.3p2, and probably other versions, allows local users to hijack forwarded X connections by causing ssh to set DISPLAY to :10, even when another process is listening on the associated port, as demonstrated by opening TCP port 6010 (IPv4) and sniffing a cookie sent by Emacs.", id: "GHSA-m4xr-866g-83x6", modified: "2022-05-03T03:19:15Z", published: "2022-05-03T03:19:15Z", references: [ { type: "ADVISORY", url: "https://nvd.nist.gov/vuln/detail/CVE-2008-1483", }, { type: "WEB", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/41438", }, { type: "WEB", url: "https://issues.rpath.com/browse/RPL-2397", }, { type: "WEB", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6085", }, { type: "WEB", url: "https://usn.ubuntu.com/597-1", }, { type: "WEB", url: "http://aix.software.ibm.com/aix/efixes/security/ssh_advisory.asc", }, { type: "WEB", url: "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=463011", }, { type: "WEB", url: "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01462841", }, { type: "WEB", url: "http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html", }, { type: "WEB", url: "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00007.html", }, { type: "WEB", url: "http://secunia.com/advisories/29522", }, { type: "WEB", url: "http://secunia.com/advisories/29537", }, { type: "WEB", url: "http://secunia.com/advisories/29554", }, { type: "WEB", url: "http://secunia.com/advisories/29626", }, { type: "WEB", url: "http://secunia.com/advisories/29676", }, { type: "WEB", url: "http://secunia.com/advisories/29683", }, { type: "WEB", url: "http://secunia.com/advisories/29686", }, { type: "WEB", url: "http://secunia.com/advisories/29721", }, { type: "WEB", url: "http://secunia.com/advisories/29735", }, { type: "WEB", url: "http://secunia.com/advisories/29873", }, { type: "WEB", url: "http://secunia.com/advisories/29939", }, { type: "WEB", url: "http://secunia.com/advisories/30086", }, { type: "WEB", url: "http://secunia.com/advisories/30230", }, { type: "WEB", url: "http://secunia.com/advisories/30249", }, { type: "WEB", url: "http://secunia.com/advisories/30347", }, { type: "WEB", url: "http://secunia.com/advisories/30361", }, { type: "WEB", url: "http://secunia.com/advisories/31531", }, { type: "WEB", url: "http://secunia.com/advisories/31882", }, { type: "WEB", url: "http://security.FreeBSD.org/advisories/FreeBSD-SA-08:05.openssh.asc", }, { type: "WEB", url: "http://sourceforge.net/project/shownotes.php?release_id=590180&group_id=69227", }, { type: "WEB", url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-237444-1", }, { type: "WEB", url: "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1019235.1-1", }, { type: "WEB", url: "http://support.attachmate.com/techdocs/2374.html", }, { type: "WEB", url: "http://support.avaya.com/elmodocs2/security/ASA-2008-205.htm", }, { type: "WEB", url: "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2008-1483", }, { type: "WEB", url: "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0120", }, { type: "WEB", url: "http://www.debian.org/security/2008/dsa-1576", }, { type: "WEB", url: "http://www.gentoo.org/security/en/glsa/glsa-200804-03.xml", }, { type: "WEB", url: "http://www.globus.org/mail_archive/security-announce/2008/04/msg00000.html", }, { type: "WEB", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2008:078", }, { type: "WEB", url: "http://www.securityfocus.com/archive/1/490054/100/0/threaded", }, { type: "WEB", url: "http://www.securityfocus.com/bid/28444", }, { type: "WEB", url: "http://www.securitytracker.com/id?1019707", }, { type: "WEB", url: "http://www.slackware.org/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.540188", }, { type: "WEB", url: "http://www.us-cert.gov/cas/techalerts/TA08-260A.html", }, { type: "WEB", url: "http://www.vupen.com/english/advisories/2008/0994/references", }, { type: "WEB", url: "http://www.vupen.com/english/advisories/2008/1123/references", }, { type: "WEB", url: "http://www.vupen.com/english/advisories/2008/1124/references", }, { type: "WEB", url: "http://www.vupen.com/english/advisories/2008/1448/references", }, { type: "WEB", url: "http://www.vupen.com/english/advisories/2008/1526/references", }, { type: "WEB", url: "http://www.vupen.com/english/advisories/2008/1624/references", }, { type: "WEB", url: "http://www.vupen.com/english/advisories/2008/1630/references", }, { type: "WEB", url: "http://www.vupen.com/english/advisories/2008/2396", }, { type: "WEB", url: "http://www.vupen.com/english/advisories/2008/2584", }, ], schema_version: "1.4.0", severity: [], }
gsd-2008-1483
Vulnerability from gsd
Modified
2023-12-13 01:23
Details
OpenSSH 4.3p2, and probably other versions, allows local users to hijack forwarded X connections by causing ssh to set DISPLAY to :10, even when another process is listening on the associated port, as demonstrated by opening TCP port 6010 (IPv4) and sniffing a cookie sent by Emacs.
Aliases
Aliases
{ GSD: { alias: "CVE-2008-1483", description: "OpenSSH 4.3p2, and probably other versions, allows local users to hijack forwarded X connections by causing ssh to set DISPLAY to :10, even when another process is listening on the associated port, as demonstrated by opening TCP port 6010 (IPv4) and sniffing a cookie sent by Emacs.", id: "GSD-2008-1483", references: [ "https://www.suse.com/security/cve/CVE-2008-1483.html", "https://access.redhat.com/errata/RHSA-2005:527", ], }, gsd: { metadata: { exploitCode: "unknown", remediation: "unknown", reportConfidence: "confirmed", type: "vulnerability", }, osvSchema: { aliases: [ "CVE-2008-1483", ], details: "OpenSSH 4.3p2, and probably other versions, allows local users to hijack forwarded X connections by causing ssh to set DISPLAY to :10, even when another process is listening on the associated port, as demonstrated by opening TCP port 6010 (IPv4) and sniffing a cookie sent by Emacs.", id: "GSD-2008-1483", modified: "2023-12-13T01:23:03.315910Z", schema_version: "1.4.0", }, }, namespaces: { "cve.org": { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2008-1483", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "OpenSSH 4.3p2, and probably other versions, allows local users to hijack forwarded X connections by causing ssh to set DISPLAY to :10, even when another process is listening on the associated port, as demonstrated by opening TCP port 6010 (IPv4) and sniffing a cookie sent by Emacs.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "ADV-2008-1123", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2008/1123/references", }, { name: "http://support.attachmate.com/techdocs/2374.html", refsource: "CONFIRM", url: "http://support.attachmate.com/techdocs/2374.html", }, { name: "DSA-1576", refsource: "DEBIAN", url: "http://www.debian.org/security/2008/dsa-1576", }, { name: "29554", refsource: "SECUNIA", url: "http://secunia.com/advisories/29554", }, { name: "ADV-2008-1526", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2008/1526/references", }, { name: "http://support.avaya.com/elmodocs2/security/ASA-2008-205.htm", refsource: "CONFIRM", url: "http://support.avaya.com/elmodocs2/security/ASA-2008-205.htm", }, { name: "ADV-2008-1630", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2008/1630/references", }, { name: "[security-announce] 20080403 Globus Security Advisory 2008-01: GSI-OpenSSH vulnerability", refsource: "MLIST", url: "http://www.globus.org/mail_archive/security-announce/2008/04/msg00000.html", }, { name: "29686", refsource: "SECUNIA", url: "http://secunia.com/advisories/29686", }, { name: "APPLE-SA-2008-09-15", refsource: "APPLE", url: "http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html", }, { name: "31531", refsource: "SECUNIA", url: "http://secunia.com/advisories/31531", }, { name: "SSA:2008-095-01", refsource: "SLACKWARE", url: "http://www.slackware.org/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.540188", }, { name: "http://aix.software.ibm.com/aix/efixes/security/ssh_advisory.asc", refsource: "CONFIRM", url: "http://aix.software.ibm.com/aix/efixes/security/ssh_advisory.asc", }, { name: "HPSBUX02337", refsource: "HP", url: "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01462841", }, { name: "openssh-sshd-session-hijacking(41438)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/41438", }, { name: "USN-597-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/597-1/", }, { name: "1019235", refsource: "SUNALERT", url: "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1019235.1-1", }, { name: "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=463011", refsource: "CONFIRM", url: "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=463011", }, { name: "TA08-260A", refsource: "CERT", url: "http://www.us-cert.gov/cas/techalerts/TA08-260A.html", }, { name: "https://issues.rpath.com/browse/RPL-2397", refsource: "CONFIRM", url: "https://issues.rpath.com/browse/RPL-2397", }, { name: "ADV-2008-1624", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2008/1624/references", }, { name: "ADV-2008-2584", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2008/2584", }, { name: "30249", refsource: "SECUNIA", url: "http://secunia.com/advisories/30249", }, { name: "20130220 OpenSSH Forwarded X Connection Session Hijack Vulnerability", refsource: "CISCO", url: "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2008-1483", }, { name: "29735", refsource: "SECUNIA", url: "http://secunia.com/advisories/29735", }, { name: "29683", refsource: "SECUNIA", url: "http://secunia.com/advisories/29683", }, { name: "30361", refsource: "SECUNIA", url: "http://secunia.com/advisories/30361", }, { name: "31882", refsource: "SECUNIA", url: "http://secunia.com/advisories/31882", }, { name: "SUSE-SR:2008:009", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00007.html", }, { name: "SSRT080072", refsource: "HP", url: "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01462841", }, { name: "29721", refsource: "SECUNIA", url: "http://secunia.com/advisories/29721", }, { name: "ADV-2008-2396", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2008/2396", }, { name: "29522", refsource: "SECUNIA", url: "http://secunia.com/advisories/29522", }, { name: "30086", refsource: "SECUNIA", url: "http://secunia.com/advisories/30086", }, { name: "29939", refsource: "SECUNIA", url: "http://secunia.com/advisories/29939", }, { name: "30347", refsource: "SECUNIA", url: "http://secunia.com/advisories/30347", }, { name: "oval:org.mitre.oval:def:6085", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6085", }, { name: "ADV-2008-0994", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2008/0994/references", }, { name: "1019707", refsource: "SECTRACK", url: "http://www.securitytracker.com/id?1019707", }, { name: "237444", refsource: "SUNALERT", url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-237444-1", }, { name: "MDVSA-2008:078", refsource: "MANDRIVA", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2008:078", }, { name: "http://sourceforge.net/project/shownotes.php?release_id=590180&group_id=69227", refsource: "CONFIRM", url: "http://sourceforge.net/project/shownotes.php?release_id=590180&group_id=69227", }, { name: "29676", refsource: "SECUNIA", url: "http://secunia.com/advisories/29676", }, { name: "29873", refsource: "SECUNIA", url: "http://secunia.com/advisories/29873", }, { name: "29537", refsource: "SECUNIA", url: "http://secunia.com/advisories/29537", }, { name: "29626", refsource: "SECUNIA", url: "http://secunia.com/advisories/29626", }, { name: "20080325 rPSA-2008-0120-1 gnome-ssh-askpass openssh openssh-client openssh-server", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/490054/100/0/threaded", }, { name: "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0120", refsource: "CONFIRM", url: "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0120", }, { name: "ADV-2008-1448", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2008/1448/references", }, { name: "NetBSD-SA2008-005", refsource: "NETBSD", url: "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-005.txt.asc", }, { name: "30230", refsource: "SECUNIA", url: "http://secunia.com/advisories/30230", }, { name: "28444", refsource: "BID", url: "http://www.securityfocus.com/bid/28444", }, { name: "GLSA-200804-03", refsource: "GENTOO", url: "http://www.gentoo.org/security/en/glsa/glsa-200804-03.xml", }, { name: "FreeBSD-SA-08:05", refsource: "FREEBSD", url: "http://security.FreeBSD.org/advisories/FreeBSD-SA-08:05.openssh.asc", }, { name: "ADV-2008-1124", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2008/1124/references", }, ], }, }, "nvd.nist.gov": { configurations: { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:openbsd:openssh:4.3p2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, ], }, cve: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2008-1483", }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "en", value: "OpenSSH 4.3p2, and probably other versions, allows local users to hijack forwarded X connections by causing ssh to set DISPLAY to :10, even when another process is listening on the associated port, as demonstrated by opening TCP port 6010 (IPv4) and sniffing a cookie sent by Emacs.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "en", value: "CWE-264", }, ], }, ], }, references: { reference_data: [ { name: "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=463011", refsource: "CONFIRM", tags: [], url: "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=463011", }, { name: "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0120", refsource: "CONFIRM", tags: [], url: "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0120", }, { name: "https://issues.rpath.com/browse/RPL-2397", refsource: "CONFIRM", tags: [], url: "https://issues.rpath.com/browse/RPL-2397", }, { name: "29522", refsource: "SECUNIA", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/29522", }, { name: "29537", refsource: "SECUNIA", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/29537", }, { name: "MDVSA-2008:078", refsource: "MANDRIVA", tags: [], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2008:078", }, { name: "28444", refsource: "BID", tags: [], url: "http://www.securityfocus.com/bid/28444", }, { name: "1019707", refsource: "SECTRACK", tags: [], url: "http://www.securitytracker.com/id?1019707", }, { name: "29554", refsource: "SECUNIA", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/29554", }, { name: "29626", refsource: "SECUNIA", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/29626", }, { name: "http://sourceforge.net/project/shownotes.php?release_id=590180&group_id=69227", refsource: "CONFIRM", tags: [], url: "http://sourceforge.net/project/shownotes.php?release_id=590180&group_id=69227", }, { name: "GLSA-200804-03", refsource: "GENTOO", tags: [], url: "http://www.gentoo.org/security/en/glsa/glsa-200804-03.xml", }, { name: "SSA:2008-095-01", refsource: "SLACKWARE", tags: [], url: "http://www.slackware.org/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.540188", }, { name: "SUSE-SR:2008:009", refsource: "SUSE", tags: [], url: "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00007.html", }, { name: "29676", refsource: "SECUNIA", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/29676", }, { name: "29683", refsource: "SECUNIA", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/29683", }, { name: "29686", refsource: "SECUNIA", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/29686", }, { name: "29735", refsource: "SECUNIA", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/29735", }, { name: "[security-announce] 20080403 Globus Security Advisory 2008-01: GSI-OpenSSH vulnerability", refsource: "MLIST", tags: [], url: "http://www.globus.org/mail_archive/security-announce/2008/04/msg00000.html", }, { name: "29721", refsource: "SECUNIA", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/29721", }, { name: "FreeBSD-SA-08:05", refsource: "FREEBSD", tags: [], url: "http://security.FreeBSD.org/advisories/FreeBSD-SA-08:05.openssh.asc", }, { name: "http://support.avaya.com/elmodocs2/security/ASA-2008-205.htm", refsource: "CONFIRM", tags: [], url: "http://support.avaya.com/elmodocs2/security/ASA-2008-205.htm", }, { name: "DSA-1576", refsource: "DEBIAN", tags: [], url: "http://www.debian.org/security/2008/dsa-1576", }, { name: "NetBSD-SA2008-005", refsource: "NETBSD", tags: [], url: "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-005.txt.asc", }, { name: "29939", refsource: "SECUNIA", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/29939", }, { name: "29873", refsource: "SECUNIA", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/29873", }, { name: "30249", refsource: "SECUNIA", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/30249", }, { name: "30361", refsource: "SECUNIA", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/30361", }, { name: "30230", refsource: "SECUNIA", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/30230", }, { name: "http://support.attachmate.com/techdocs/2374.html", refsource: "CONFIRM", tags: [], url: "http://support.attachmate.com/techdocs/2374.html", }, { name: "31531", refsource: "SECUNIA", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/31531", }, { name: "APPLE-SA-2008-09-15", refsource: "APPLE", tags: [], url: "http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html", }, { name: "31882", refsource: "SECUNIA", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/31882", }, { name: "TA08-260A", refsource: "CERT", tags: [ "US Government Resource", ], url: "http://www.us-cert.gov/cas/techalerts/TA08-260A.html", }, { name: "30086", refsource: "SECUNIA", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/30086", }, { name: "237444", refsource: "SUNALERT", tags: [], url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-237444-1", }, { name: "HPSBUX02337", refsource: "HP", tags: [], url: "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01462841", }, { name: "30347", refsource: "SECUNIA", tags: [], url: "http://secunia.com/advisories/30347", }, { name: "ADV-2008-1630", refsource: "VUPEN", tags: [], url: "http://www.vupen.com/english/advisories/2008/1630/references", }, { name: "1019235", refsource: "SUNALERT", tags: [], url: "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1019235.1-1", }, { name: "ADV-2008-1123", refsource: "VUPEN", tags: [], url: "http://www.vupen.com/english/advisories/2008/1123/references", }, { name: "ADV-2008-1526", refsource: "VUPEN", tags: [], url: "http://www.vupen.com/english/advisories/2008/1526/references", }, { name: "ADV-2008-0994", refsource: "VUPEN", tags: [], url: "http://www.vupen.com/english/advisories/2008/0994/references", }, { name: "ADV-2008-2584", refsource: "VUPEN", tags: [], url: "http://www.vupen.com/english/advisories/2008/2584", }, { name: "ADV-2008-1624", refsource: "VUPEN", tags: [], url: "http://www.vupen.com/english/advisories/2008/1624/references", }, { name: "ADV-2008-2396", refsource: "VUPEN", tags: [], url: "http://www.vupen.com/english/advisories/2008/2396", }, { name: "http://aix.software.ibm.com/aix/efixes/security/ssh_advisory.asc", refsource: "CONFIRM", tags: [], url: "http://aix.software.ibm.com/aix/efixes/security/ssh_advisory.asc", }, { name: "ADV-2008-1124", refsource: "VUPEN", tags: [], url: "http://www.vupen.com/english/advisories/2008/1124/references", }, { name: "ADV-2008-1448", refsource: "VUPEN", tags: [], url: "http://www.vupen.com/english/advisories/2008/1448/references", }, { name: "20130220 OpenSSH Forwarded X Connection Session Hijack Vulnerability", refsource: "CISCO", tags: [], url: "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2008-1483", }, { name: "openssh-sshd-session-hijacking(41438)", refsource: "XF", tags: [], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/41438", }, { name: "oval:org.mitre.oval:def:6085", refsource: "OVAL", tags: [], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6085", }, { name: "USN-597-1", refsource: "UBUNTU", tags: [], url: "https://usn.ubuntu.com/597-1/", }, { name: "20080325 rPSA-2008-0120-1 gnome-ssh-askpass openssh openssh-client openssh-server", refsource: "BUGTRAQ", tags: [], url: "http://www.securityfocus.com/archive/1/490054/100/0/threaded", }, ], }, }, impact: { baseMetricV2: { cvssV2: { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 6.9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.4, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "MEDIUM", userInteractionRequired: false, }, }, lastModifiedDate: "2018-10-11T20:35Z", publishedDate: "2008-03-24T23:44Z", }, }, }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.