Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: Mandrake Local Security Checks --> Category: infos

MDKSA-2006:204: openssh Vulnerability Scan

Vulnerability Scan Summary
Check for the version of the openssh package

Detailed Explanation for this Vulnerability Test

The remote host is missing the patch for the advisory MDKSA-2006:204 (openssh).

A vulnerability in the privilege separation functionality in OpenSSH
was discovered, caused by an incorrect checking for bad signatures in
sshd's privsep monitor. As a result, the monitor and the unprivileged
process can get out sync. The OpenSSH team indicated that this bug is
not known to be exploitable in the abence of additional
Updated packages have been patched to correct this issue, and Mandriva
Linux 2007 has received the latest version of OpenSSH.

Solution :
Threat Level: High

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.