Ubuntu 12.04 LTS / 14.04 LTS / 15.04 : openssh vulnerabilities (USN-2710-1)

Ubuntu Security Notice (C) 2015-2016 Canonical, Inc. / NASL script (C) 2015-2016 Tenable Network Security, Inc.


Synopsis :

The remote Ubuntu host is missing a security-related patch.

Description :

Moritz Jodeit discovered that OpenSSH incorrectly handled usernames
when using PAM authentication. If an additional vulnerability were
discovered in the OpenSSH unprivileged child process, this issue could
allow a remote attacker to perform user impersonation. (CVE number
pending)

Moritz Jodeit discovered that OpenSSH incorrectly handled context
memory when using PAM authentication. If an additional vulnerability
were discovered in the OpenSSH unprivileged child process, this issue
could allow a remote attacker to bypass authentication or possibly
execute arbitrary code. (CVE number pending)

Jann Horn discovered that OpenSSH incorrectly handled time windows for
X connections. A remote attacker could use this issue to bypass
certain access restrictions. (CVE-2015-5352)

It was discovered that OpenSSH incorrectly handled
keyboard-interactive authentication. In a non-default configuration, a
remote attacker could possibly use this issue to perform a brute-force
password attack. (CVE-2015-5600).

Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.

Solution :

Update the affected openssh-server package.

Risk factor :

High / CVSS Base Score : 8.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:C)
CVSS Temporal Score : 7.0
(CVSS2#E:F/RL:OF/RC:ND)
Public Exploit Available : true

Family: Ubuntu Local Security Checks

Nessus Plugin ID: 85445 ()

Bugtraq ID:

CVE ID: CVE-2015-5352
CVE-2015-5600

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now