Daily threat assessment 14JAN2016 (openssh client vuln)

Security annoucements of interest to the AtomiCorp community, such as vulnerabilities in third party applications.
User avatar
mikeshinn
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin
Posts: 4149
Joined: Thu Feb 07, 2008 7:49 pm
Location: Chantilly, VA

Daily threat assessment 14JAN2016 (openssh client vuln)

Unread post by mikeshinn »

This report is a daily analysis of all published vulnerabilities in any product, weaknesses in technologies, exploits Internet wide, current internet threats associated with platforms and products our customer use, and if any action is required to protect their assets from these these vulnerabilities, weaknesses and exploits depending on the Atomicorp product they are using.

Please see this forum post for an explanation of the categories used in this report.

Note: CVEs are sometimes created after a vulnerability is published (sometimes far after it has been made public). When CVEs are referenced, it is because a CVE was created today, not because an issue was resolved today, and it is included here for reference.

ASL users

Summary: No action required.

Already protect against/Known Method/No update required

CVE-2016-0778 - openssh client buffer overflow
WordPress Commentator 2.5.2 Cross Site Scripting
WordPress Tubepress 2 Cross Site Scripting
CVE-2015-4671
CVE-2015-4703
CVE-2015-5471

Not already protected against/New Method/Update Available

None.

Not already protected against/Doesnt protect against/Solution

Note: This only effects openssh clients and not the openssh server. Redhat/Centos 5 and 6 systems include older versions of openssh that do not include the feature that creates this vulnerability. The vulnerability allows a server you connect to to get the contents of the memory of the OpenSSH client. If your keys are not protected by a passphrase or you do not use ssh-agent, this can include private keys. If you are using one of those versions of openssh, you are recommended to change your keys.

CVE-2016-0777 - openssh client information leak - (This vulnerability only effects RHEL/Centos 7 and derivative systems. An update is available from Redhat, and update is not available at this time for Centos)

Until you are able to patch affected systems, the recommended workaround is to use

# echo -e 'Host *\nUseRoaming no' >> /etc/ssh/ssh_config


Potential Vulnerability/Solution

None.

Rules only users

Already protect against/Known Method/No update required

WordPress Commentator 2.5.2 Cross Site Scripting
WordPress Tubepress 2 Cross Site Scripting
CVE-2015-4671
CVE-2015-4703
CVE-2015-5471

Already protect against/Known Method/No update required

None.

Not already protected against/Doesnt protect against/Solution

Note: This only effects openssh clients and not the openssh server. Redhat/Centos 5 and 6 systems include older versions of openssh that do not include the feature that creates this vulnerability. The vulnerability allows a server you connect to to get the contents of the memory of the OpenSSH client. If your keys are not protected by a passphrase or you do not use ssh-agent, this can include private keys. If you are using one of those versions of openssh, you are recommended to change your keys.

CVE-2016-0778 - openssh client buffer overflow (An update is not available at this time for Centos)
CVE-2016-0777 - openssh client information leak - (An update is not available at this time for Centos)

Until you are able to patch affected systems, the recommended workaround is to use

# echo -e 'Host *\nUseRoaming no' >> /etc/ssh/ssh_config


Potential Vulnerability/Solution

None.
Post Reply