drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mangelnde Rechteprüfung in libssh (Aktualisierung)
Name: |
Mangelnde Rechteprüfung in libssh (Aktualisierung) |
|
ID: |
USN-3795-2 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 18.10 |
|
Datum: |
Mo, 22. Oktober 2018, 23:01 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10933 |
|
Applikationen: |
libssh |
|
Update von: |
Mangelnde Rechteprüfung in libssh |
|
Originalnachricht |
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --===============1818776268666439391== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="YRGaXWGHjTrPHMDhgPsW2TcC6JIYwM5JB"
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --YRGaXWGHjTrPHMDhgPsW2TcC6JIYwM5JB Content-Type: multipart/mixed; boundary="dmQQsvHX299AN3dY2IrZ8B0IO6X9R0ERV"; protected-headers="v1" From: Marc Deslauriers <marc.deslauriers@canonical.com> Reply-To: Ubuntu Security <security@ubuntu.com> To: ubuntu-security-announce@lists.ubuntu.com Message-ID: <ec7ebce5-d53f-e8e1-77a3-015f2dea71c4@canonical.com> Subject: [USN-3795-2] libssh vulnerability
--dmQQsvHX299AN3dY2IrZ8B0IO6X9R0ERV Content-Type: text/plain; charset=utf-8 Content-Language: en-C Content-Transfer-Encoding: quoted-printable
========================================================================== Ubuntu Security Notice USN-3795-2 October 22, 2018
libssh vulnerability ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 18.10
Summary:
libssh could allow unintended access to network services.
Software Description: - libssh: A tiny C SSH library
Details:
USN-3795-1 fixed a vulnerability in libssh. This update provides the corresponding update for Ubuntu 18.10.
Original advisory details:
Peter Winter-Smith discovered that libssh incorrectly handled authentication when being used as a server. A remote attacker could use this issue to bypass authentication without any credentials.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 18.10: libssh-4 0.8.1-1ubuntu0.1
After a standard system update you need to reboot your computer to make all the necessary changes.
References: https://usn.ubuntu.com/usn/usn-3795-2 https://usn.ubuntu.com/usn/usn-3795-1 CVE-2018-10933
Package Information: https://launchpad.net/ubuntu/+source/libssh/0.8.1-1ubuntu0.1
--dmQQsvHX299AN3dY2IrZ8B0IO6X9R0ERV--
--YRGaXWGHjTrPHMDhgPsW2TcC6JIYwM5JB Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAlvOE6IACgkQZWnYVadE vpNmYRAAl7yapsiQyhwNawVJ8kR3ZHpCSYb56uCcpaZYvdh+lkNtQf8Bl/vKEBkX j37VJnJuT4iJom519qlnf6Rn+7fHQMtQ36Um/HnR5j0i/WQvZWqBzVAIU/v/JJpQ Uqr087YlglfLwrxjAtwYDdTxRPdJjwllnhYJAWPI/mqNpXxm6MSsINgaGlT+0eWp chUS9/ItitQbH/f1ebVPv5rklw9TqrT7mj+WcHxGDh6OGiODcDI5HXey/xfLUeXa 6prLzol8SXUOaN8eUT4uHQRPKKCNB+bCPVneNxx37l3vIxYauDUf4+ED7ZtILL+F AOAYDfOjA3VlMRbC+w3a6XvLaQPddOEj3DvqXrUHIo/IK7usUeA5cNAqJ9JINjfC ra8XpikwJ4kpknoOKdbox49tFSZgNuIWyECf5N7mPvnIEO7a+1aTIQ4ckJ+sNyLx K4xDHJkvRHMNt958pCQWfCtgHH4K+uzAvW+60+ryeIeEQ4wCHZzurDyND6s7xIQ4 7W3CC74rWzroKEMpU+1FDuL9As+LG0C4Kqxr44Ot3tFbtjyvrtj0erDNaFXnhuUu Of0MGLpsm2qYa3dGAeK8vc5O51xc7ujGaUoJwMslG1GjELPPZiQfvIZWz4D1O8Y+ RBHolA7DKIbulE+n9AllonfMWcMz5pCU+OOfMEJ9tfWSCkgG3xY= =J+LQ -----END PGP SIGNATURE-----
--YRGaXWGHjTrPHMDhgPsW2TcC6JIYwM5JB--
--===============1818776268666439391== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline
LS0gCnVidW50dS1zZWN1cml0eS1hbm5vdW5jZSBtYWlsaW5nIGxpc3QKdWJ1bnR1LXNlY3VyaXR5 LWFubm91bmNlQGxpc3RzLnVidW50dS5jb20KTW9kaWZ5IHNldHRpbmdzIG9yIHVuc3Vic2NyaWJl IGF0OiBodHRwczovL2xpc3RzLnVidW50dS5jb20vbWFpbG1hbi9saXN0aW5mby91YnVudHUtc2Vj dXJpdHktYW5ub3VuY2UK
--===============1818776268666439391==--
|
|
|
|