Mandriva Linux Security Advisory : openssh (MDVSA-2008:098)
Medium Nessus Plugin ID 36276
SynopsisThe remote Mandriva Linux host is missing one or more security updates.
DescriptionA vulnerability in OpenSSH 4.4 through 4.8 allowed local attackers to bypass intended security restrictions enabling them to execute commands other than those specified by the ForceCommand directive, provided they are able to modify to ~/.ssh/rc (CVE-2008-1657).
The updated packages have been patched to correct this issue.
SolutionUpdate the affected packages.