Updated openssh packages available for Red Hat Linux 7
| Advisory: | RHSA-2000:111-04 |
|---|---|
| Type: | Security Advisory |
| Severity: | N/A |
| Issued on: | 2000-11-27 |
| Last updated on: | 2000-11-27 |
| Affected Products: | Red Hat Linux 7.0 |
| CVEs (cve.mitre.org): |
CVE-2000-1169 |
Details
Updated openssh packages are now available for Red Hat Linux 7.
2000-11-27: Added packages for Red Hat Linux 7 for Alpha
An OpenSSH client will do agent or X11 forwarding at the request of a
server, even if the user has not requested that it be done. A malicious
server can exploit this vulnerability to gain access to the user's
display.
Solution
For each RPM for your particular architecture, run:
rpm -Fvh [filename]
where filename is the name of the RPM.
rpm -Fvh [filename]
where filename is the name of the RPM.
Updated packages
| Red Hat Linux 7.0 | |
| Alpha: | |
| {filename} | MD5: cfa7b84d1389e921d11cd93888014bbe |
| IA-32: | |
| {filename} | MD5: d426ff6c55181f8ccbea6e2f7a307b99 |
Bugs fixed (see bugzilla for more information)
20884 - openssh-2.3.0p1 doesn't include /etc/ssh/primes
References
https://www.redhat.com/security/data/cve/CVE-2000-1169.html
http://www.openbsd.org/errata27.html#sshforwarding
http://www.openbsd.org/errata27.html#sshforwarding
Keywords
forwarding
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package
The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/
