SSA-18700 OpenSSH security problem fixed

This script is Copyright (C) 2005-2010 Tenable Network Security, Inc.


Synopsis :

The remote host is missing a security update.

Description :

New openssh packages are available to fix security problems.

Here's the information from the Slackware 8.0 ChangeLog:

----------------------------
Thu Mar 7 12:00:18 PST 2002
patches/packages/openssh.tgz: Upgraded to openssh-3.1p1.

This fixes a security problem in the openssh package. All sites running
OpenSSH should upgrade immediately.

All versions of OpenSSH between 2.0 and 3.0.2 contain an off-by-one error
in the channel code. OpenSSH 3.1 and later are not affected. This bug can
be exploited locally by an authenticated user logging into a vulnerable
OpenSSH server or by a malicious SSH server attacking a vulnerable OpenSSH
client. This bug was discovered by Joost Pol <joost@pine.nl>

(* Security fix *)
----------------------------

Solution :

Update the packages that are referenced in the security advisory.

Risk factor :

High

Family: Slackware Local Security Checks

Nessus Plugin ID: 18700 ()

Bugtraq ID:

CVE ID: