openssh 보안 업데이트
Web Browser 로는 FTP 접속이 불가능 합니다.
문서번호 : 1159789082
업데이트 : 2006.10.02
상세내용
4.4p1 update
CVE-2006-4924:
sshd in OpenSSH before 4.4, when using the version 1 SSH protocol, allows
remote attackers to cause a denial of service (CPU consumption) via an SSH
packet that contains duplicate blocks, which is not properly handled by
the CRC compensation attack detector.
CVE-2006-5051:
Signal handler race condition in OpenSSH before 4.4 allows remote remote
attackers to cause a denial of service (crash), and possibly execute
arbitrary code if GSSAPI authentication is enabled, via unspecified vectors.
Autoupdates 지원 : 지원
update 패키지
RPMS :
. openssh-4.4p1-1.i686.rpm
. openssh-clients-4.4p1-1.i686.rpm
. openssh-server-4.4p1-1.i686.rpm
SRPMS :
. openssh-4.4p1-1.src.rpm
참고 :
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4924
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5051
|