Ubuntu 12.04 LTS / 14.04 LTS / 15.04 : openssh regression (USN-2710-2)

Ubuntu Security Notice (C) 2015-2016 Canonical, Inc. / NASL script (C) 2015-2016 Tenable Network Security, Inc.


Synopsis :

The remote Ubuntu host is missing a security-related patch.

Description :

USN-2710-1 fixed vulnerabilities in OpenSSH. The upstream fix for
CVE-2015-5600 caused a regression resulting in random authentication
failures in non-default configurations. This update fixes the problem.

Moritz Jodeit discovered that OpenSSH incorrectly handled usernames
when using PAM authentication. If an additional vulnerability were
discovered in the OpenSSH unprivileged child process, this issue could
allow a remote attacker to perform user impersonation. (CVE number
pending)

Moritz Jodeit discovered that OpenSSH incorrectly handled
context memory when using PAM authentication. If an
additional vulnerability were discovered in the OpenSSH
unprivileged child process, this issue could allow a remote
attacker to bypass authentication or possibly execute
arbitrary code. (CVE number pending)

Jann Horn discovered that OpenSSH incorrectly handled time
windows for X connections. A remote attacker could use this
issue to bypass certain access restrictions. (CVE-2015-5352)

It was discovered that OpenSSH incorrectly handled
keyboard-interactive authentication. In a non-default
configuration, a remote attacker could possibly use this
issue to perform a brute-force password attack.
(CVE-2015-5600).

Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.

Solution :

Update the affected openssh-server package.

Risk factor :

High / CVSS Base Score : 8.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:C)

Family: Ubuntu Local Security Checks

Nessus Plugin ID: 85533 ()

Bugtraq ID:

CVE ID: CVE-2015-5352
CVE-2015-5600

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now