Mandrake Linux Security Advisory : openssh (MDKSA-2000:068-1)

High Nessus Plugin ID 61854


The remote Mandrake Linux host is missing one or more security updates.


A vulnerability exists with all versions of OpenSSH prior to 2.3.0 with regards to the X11 forwarding and ssh-agent. If agent or X11 forwarding is disabled in the ssh client configuration, the client does not request these features during session setup. However, when the ssh client receives an actual request asking for access to the ssh-agent, the client fails to check whether this feature has been negotiated during session setup. The client does not check whether the request is in compliance with the client configuration and grants access to the ssh-agent. A similar problem exists in the X11 forwarding implementation.

Update :

The packages announced yesterday for Linux-Mandrake 7.0 and 7.1 did not have PAM support enabled. This meant that the server would not allow logins. These updated packages for 7.0 and 7.1 are now available with PAM support properly enabled.


Update the affected packages.

Plugin Details

Severity: High

ID: 61854

File Name: mandrake_MDKSA-2000-068.nasl

Version: $Revision: 1.3 $

Type: local

Published: 2012/09/06

Modified: 2013/05/31

Dependencies: 12634

Risk Information

Risk Factor: High


Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: p-cpe:/a:mandriva:linux:openssh, p-cpe:/a:mandriva:linux:openssh-askpass, p-cpe:/a:mandriva:linux:openssh-askpass-gnome, p-cpe:/a:mandriva:linux:openssh-clients, p-cpe:/a:mandriva:linux:openssh-server, cpe:/o:mandrakesoft:mandrake_linux:7.0, cpe:/o:mandrakesoft:mandrake_linux:7.1, cpe:/o:mandrakesoft:mandrake_linux:7.2

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/Mandrake/release, Host/Mandrake/rpm-list

Patch Publication Date: 2000/11/14

Reference Information

CVE: CVE-2000-1169

MDKSA: 2000:068-1