Home / openssh-aix53 / openssh4.3p2. Name Modified Size Info Downloads / Week; Parent folder; openssh4.3p253.tar.Z: 2006-09-19: 2.8 MB: 0. Totals: 1 Item: 2.8 MB: 0: Other Useful Business Software. Try the Business Hub Free for 30 Days. Try the platform built to make cybersecurity simple for businesses and IT managers. ./18-Apr-2021 17:07 - ChangeLog 18-Apr-2021 05 DJM-GPG-KEY.asc 17-Sep-2002 INSTALL 18-Apr-2021 5 README 18-Apr-2021 TODO 18-Apr-2021 UPGRADING 17-Sep-2002 deprecatedgzsigkey.pub 25-May.
Home / openssh-aix53 / 4.3p2 Other Useful Business Software X-Ray Your Active Directory Environment For Free Quickly find and resolve problems with Server & Application Monitor.
Openssh 4.3 P220
| Status of OpenSSH CVEs | Technical Level |
| Solution ID | sk65269 | | Technical Level | | Product | All | | Version | All | | OS | SecurePlatform 2.6, Gaia | | Platform / Model | All | | Date Created | 01-Sep-2011 | | Last Modified | 22-Apr-2021 |
This article lists known CVEs for OpenSSH and their status for the OpenSSH packages used in SecurePlatform R70 and above and in Gaia OS. This article does not list all the known CVEs for OpenSSH - only those that were explicitly checked by Check Point. - To check if the installed OpenSSH package is patched against a CVE (e.g., for CVE-2006-4924), run:
[Expert@Hostname]# rpm -q --changelog $(rpm -qa | grep openssh) | grep CVE-2006-4924
Output should look like:
- CVE-2006-4924 - prevent DoS on deattack detector (#207957)
- Therpm -qa | grep ssh command can be used to verify the OpenSSH package version installed on a given machine. This version can be correlated with CVE fixes integrated.
Example:
[Expert@Hostname]# rpm -qa | grep ssh
openssh-4.3p2-26.1.cp990150005
openssh-server-4.3p2-26.1.cp990150005
openssh-clients-4.3p2-26.1.cp990150005
| CVE | Comment | | 2019 | | CVE-2019-16905 | Not vulnerable | | 2018 | | CVE-2018-15919 | Not relevant - GSS API Authentication is not enabled on Gaia OS | | CVE-2018-15473 | Refer to - Jumbo Hotfix Accumulator for R80.20 from Take 43
- Jumbo Hotfix Accumulator for R80.10 from Take 185
- Jumbo Hotfix Accumulator for R77.30 from Take 348
| | 2017 | | CVE-2017-15906 | Not vulnerable | | 2016 | | CVE-2016-8858 | OpenSSH upstream does not consider this as a security issue. | | CVE-2016-3115 | Not relevant. Default setting in Check Point 'sshd_config' file is 'X11Forwarding=no'. | | CVE-2016-0778 | Not vulnerable. Refer to sk109636. | | CVE-2016-0777 | Not vulnerable. Refer to sk109636. | | CVE-2016-6515 | Not vulnerable | | CVE-2015-6565 | Not vulnerable | | CVE-2016-6210 | Low exploitability, contact Check Point Support | | CVE-2016-1907 | Not vulnerable | | CVE-2016-1908 | Not relevant | | CVE-2016-10009 | Not relevant | | CVE-2016-10011 | Not relevant | | CVE-2016-10012 | Not relevant | | CVE-2016-10010 | Not relevant | | CVE-2016-10708 | Not vulnerable | | 2015 | | CVE-2015-6565 | Not vulnerable | | CVE-2015-6564 | Not vulnerable | | CVE-2015-5600 | Not vulnerable | | CVE-2015-5352 | Not vulnerable | | CVE-2015-6563 | Requires Expert access to the system. Refer to sk133652. | | CVE-2015-8325 | Not vulnerable | | 2014 | | CVE-2014-2653 | Not relevant | | CVE-2014-2532 | Not relevant. Check Point does not use wildcards in 'sshd_config' file. | | CVE-2014-1692 | Not vulnerable | | 2013 | | CVE-2013-2566 | False positive. Refer to sk93395. | | 2012 | | CVE-2012-0814 | Not relevant. This is a Debian OpenSSH vulnerability, and it does not affect Red Hat OpenSSH | | 2011 | | CVE-2011-5000 | Not vulnerable | | CVE-2011-4327 | Not vulnerable | | 2010 | | CVE-2010-4755 | Not vulnerable | | CVE-2010-4478 | Not vulnerable | | CVE-2010-5107 | Low impact. Fixed in R77.10. | | 2009 | | CVE-2009-2904 | Not vulnerable | | 2008 | | CVE-2008-5161 | Not vulnerable. Very low impact. Refer to sk36343. | | CVE-2008-3259 | Not vulnerable | | CVE-2008-1657 | Not vulnerable | | CVE-2008-1483 | Not vulnerable since R70 GA | | CVE-2008-3234 | Not relevant | | CVE-2008-4109 | Not relevant | | CVE-2008-2359 | Not relevant | | 2007 | | CVE-2007-2768 | Not vulnerable | | CVE-2007-4752 | Not vulnerable | | CVE-2007-3102 | Not vulnerable | | CVE-2007-2243 | Not vulnerable | | CVE-2007-0726 | Not relevant (bug in OpenSSH on Mac OS X) | | 2006 | | CVE-2006-5794 | Not vulnerable since R65 GA | | CVE-2006-5052 | Not vulnerable | | CVE-2006-5051 | Not vulnerable. Refer to sk61744. | | CVE-2006-4924 | Not vulnerable. Refer to sk61744. | | CVE-2006-0225 | Not vulnerable | | CVE-2006-5229 | Issue is not reproducible | | Not relevant (this is a client-side crash, not DoS) | | 2005 | | CVE-2005-2798 | Not vulnerable | | CVE-2005-2797 | Not vulnerable | | CVE-2005-2666 | Vulnerability is not severe. The fix is too risky. | | 2004 | | CVE-2004-2069 | Not vulnerable | | CVE-2004-1653 | Configuration issue. Can be disabled if desired (by changing the 'AllowTcpForwarding' option
in the /etc/ssh/sshd_config configuration file)
However, it does not look relevant for SecurePlatform users. | | 2003 | | CVE-2003-1562 | Not vulnerable since R70 GA | | CVE-2003-0787 | Not vulnerable | | CVE-2003-0695 | Not vulnerable since R70 GA | | CVE-2003-0693 | Not vulnerable since R70 GA | | CVE-2003-0682 | Not vulnerable since R70 GA | | CVE-2003-0386 | Not vulnerable |
Not relevant: - Either Check Point does not use the vulnerable code.
- Or Check Point does not have this code in released versions.
- Or Check Point changed the code in such a way that this vulnerability does not apply anymore.
Not vulnerable: The issue was relevant to Check Point code and Check Point has already fixed it. Relevant: The issue exists in Check Point code. - This sk is merged with sk103087
|
|
|