This script is Copyright (C) 2016-2017 Tenable Network Security, Inc.
The remote OracleVM host is missing one or more security updates.
The remote OracleVM system is missing necessary patches to address
critical security updates :
- CVE-2016-3115: missing sanitisation of input for X11
- Restore functionallity of pam_ssh_agent_auth in FIPS
- Initialize devices_done variable for challenge response
- Update behaviour of X11 forwarding to match upstream
- Ammends previous release, fixing typos and behaviour
See also :
Update the affected openssh / openssh-clients / openssh-server
Risk factor :
Medium / CVSS Base Score : 5.5
CVSS Temporal Score : 4.5
Public Exploit Available : true