Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : openssh vulnerabilities (USN-3809-1)
Medium Nessus Plugin ID 118795
SynopsisThe remote Ubuntu host is missing a security-related patch.
DescriptionRobert Swiecki discovered that OpenSSH incorrectly handled certain messages. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2016-10708)
It was discovered that OpenSSH incorrectly handled certain requests.
An attacker could possibly use this issue to access sensitive information. (CVE-2018-15473).
Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
SolutionUpdate the affected openssh-server package.