Vulnerability Bulletins

int(999)

Vulnerability Bulletins

Vulnerabilidad de directorio transversal en el cliente scp OpenSSH
Vulnerability classification
Property	Value
Confidence level	Oficial
Impact	Ocultacion del rastro
Dificulty	Avanzado
Required attacker level	Acceso remoto sin cuenta a un servicio exotico
System information
Property	Value
Affected manufacturer	Networking
Affected software	OpenSSH scp Juniper Networks NetScreen IDP 3.0r2
Description
Se ha descubierto una vulnerabilidad de directorio transversal en la versión 3.0r2 y anteriores de todos los productos Juniper Networks NetScreen IDP. La vulnerabilidad reside en el cliente scp OpenSSH. La explotación de esta vulnerabilidad podría permitir a un servidor ssh malicioso sobrescribir archivos en el sistema de archivos del IDP si un usuario inicia una copia scp desde el servidor malicioso hasta el IDP y se dan las siguientes condiciones: - El usuario debe tener permisos de escritura en el archivo a sobrescribir por el servidor malicioso. - El usuario debe ejecutar el cliente scp desde el IDP e iniciar una copia scp desde el servidor malicioso. - La conexión al servidor ssh malicioso debe realizarse desde el IDP. - Una verificación de la "key fingerprint" del servidor ssh revelaría un intento de "spoofear" un servidor ssh legítimo.
Solution
Actualización de software Juniper Networks NetScreen openssh-3.1p1-14.idp2.i386.rpm openssh-client-3.1p1-14.idp2.i386.rpm openssh-server-3.1p1-14.idp2.i386.rpm http://www.juniper.net/support/ Red Hat Linux (rsh, openssh) Red Hat Desktop (v. 3) Red Hat Enterprise Linux AS (v. 3) Red Hat Enterprise Linux ES (v. 3) Red Hat Enterprise Linux WS (v. 3) https://rhn.redhat.com/ Red Hat Linux (openssh) Red Hat Enterprise Linux AS (v. 2.1) Red Hat Enterprise Linux ES (v. 2.1) Red Hat Enterprise Linux WS (v. 2.1) Red Hat Linux Advanced Workstation 2.1 Itanium Processor https://rhn.redhat.com/ Red Hat Linux (rsh) Red Hat Desktop (v. 4) Red Hat Enterprise Linux AS (v. 4) Red Hat Enterprise Linux ES (v. 4) Red Hat Enterprise Linux WS (v. 4) https://rhn.redhat.com/ Red Hat Linux (rsh) Red Hat Enterprise Linux AS (v. 2.1) Red Hat Enterprise Linux ES (v. 2.1) Red Hat Enterprise Linux WS (v. 2.1) Red Hat Linux Advanced Workstation 2.1 Itanium Processor https://rhn.redhat.com/ Mandriva Linux Mandrakelinux 10.0 x86 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/rsh-0.17-13.1.100mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/rsh-server-0.17-13.1.100mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/SRPMS/rsh-0.17-13.1.100mdk.src.rpm AMD64 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/rsh-0.17-13.1.100mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/rsh-server-0.17-13.1.100mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/SRPMS/rsh-0.17-13.1.100mdk.src.rpm Mandrakelinux 10.1 x86 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/rsh-0.17-13.1.101mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/rsh-server-0.17-13.1.101mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/SRPMS/rsh-0.17-13.1.101mdk.src.rpm X86_64 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/rsh-0.17-13.1.101mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/rsh-server-0.17-13.1.101mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/SRPMS/rsh-0.17-13.1.101mdk.src.rpm Corporate Server 2.1 x86 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/RPMS/rsh-0.17-9.1.C21mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/RPMS/rsh-server-0.17-9.1.C21mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/SRPMS/rsh-0.17-9.1.C21mdk.src.rpm 86_64 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/RPMS/rsh-0.17-9.1.C21mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/RPMS/rsh-server-0.17-9.1.C21mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/SRPMS/rsh-0.17-9.1.C21mdk.src.rpm Corporate Server 3.0 x86 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/rsh-0.17-13.1.C30mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/rsh-server-0.17-13.1.C30mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/SRPMS/rsh-0.17-13.1.C30mdk.src.rpm X86_64 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/rsh-0.17-13.1.C30mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/rsh-server-0.17-13.1.C30mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/SRPMS/rsh-0.17-13.1.C30mdk.src.rpm Mandrivalinux LE2005 x86 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.2/RPMS/rsh-0.17-13.1.102mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.2/RPMS/rsh-server-0.17-13.1.102mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.2/SRPMS/rsh-0.17-13.1.102mdk.src.rpm X86_64 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.2/RPMS/rsh-0.17-13.1.102mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.2/RPMS/rsh-server-0.17-13.1.102mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.2/SRPMS/rsh-0.17-13.1.102mdk.src.rpm Red Hat Linux (krb5) Red Hat Desktop (v. 4) Red Hat Enterprise Linux AS (v. 4) Red Hat Enterprise Linux ES (v. 4) Red Hat Enterprise Linux WS (v. 4) Red Hat Desktop (v. 3) Red Hat Enterprise Linux AS (v. 2.1) Red Hat Enterprise Linux AS (v. 3) Red Hat Enterprise Linux ES (v. 2.1) Red Hat Enterprise Linux ES (v. 3) Red Hat Enterprise Linux WS (v. 2.1) Red Hat Enterprise Linux WS (v. 3) Red Hat Linux Advanced Workstation 2.1 Itanium Processor https://rhn.redhat.com/ Mandriva Linux (krb5) Mandrakelinux 10.0 x86 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/ftp-client-krb5-1.3-6.6.100mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/ftp-server-krb5-1.3-6.6.100mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/krb5-server-1.3-6.6.100mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/krb5-workstation-1.3-6.6.100mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/libkrb51-1.3-6.6.100mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/libkrb51-devel-1.3-6.6.100mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/telnet-client-krb5-1.3-6.6.100mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/telnet-server-krb5-1.3-6.6.100mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/SRPMS/krb5-1.3-6.6.100mdk.src.rpm AMD64 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/ftp-client-krb5-1.3-6.6.100mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/ftp-server-krb5-1.3-6.6.100mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/krb5-server-1.3-6.6.100mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/krb5-workstation-1.3-6.6.100mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/lib64krb51-1.3-6.6.100mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/lib64krb51-devel-1.3-6.6.100mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/telnet-client-krb5-1.3-6.6.100mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/telnet-server-krb5-1.3-6.6.100mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/SRPMS/krb5-1.3-6.6.100mdk.src.rpm Mandrakelinux 10.1 x86 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/ftp-client-krb5-1.3.4-2.3.101mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/ftp-server-krb5-1.3.4-2.3.101mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/krb5-server-1.3.4-2.3.101mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/krb5-workstation-1.3.4-2.3.101mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/libkrb53-1.3.4-2.3.101mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/libkrb53-devel-1.3.4-2.3.101mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/telnet-client-krb5-1.3.4-2.3.101mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/telnet-server-krb5-1.3.4-2.3.101mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/SRPMS/krb5-1.3.4-2.3.101mdk.src.rpm X86_64 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/ftp-client-krb5-1.3.4-2.3.101mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/ftp-server-krb5-1.3.4-2.3.101mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/krb5-server-1.3.4-2.3.101mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/krb5-workstation-1.3.4-2.3.101mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/lib64krb53-1.3.4-2.3.101mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/lib64krb53-devel-1.3.4-2.3.101mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/telnet-client-krb5-1.3.4-2.3.101mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/telnet-server-krb5-1.3.4-2.3.101mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/SRPMS/krb5-1.3.4-2.3.101mdk.src.rpm Corporate Server 2.1 x86 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/RPMS/ftp-client-krb5-1.2.5-1.10.C21mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/RPMS/ftp-server-krb5-1.2.5-1.10.C21mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/RPMS/krb5-devel-1.2.5-1.10.C21mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/RPMS/krb5-libs-1.2.5-1.10.C21mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/RPMS/krb5-server-1.2.5-1.10.C21mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/RPMS/krb5-workstation-1.2.5-1.10.C21mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/RPMS/telnet-client-krb5-1.2.5-1.10.C21mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/RPMS/telnet-server-krb5-1.2.5-1.10.C21mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/SRPMS/krb5-1.2.5-1.10.C21mdk.src.rpm x86_64 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/RPMS/ftp-client-krb5-1.2.5-1.10.C21mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/RPMS/ftp-server-krb5-1.2.5-1.10.C21mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/RPMS/krb5-devel-1.2.5-1.10.C21mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/RPMS/krb5-libs-1.2.5-1.10.C21mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/RPMS/krb5-server-1.2.5-1.10.C21mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/RPMS/krb5-workstation-1.2.5-1.10.C21mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/RPMS/telnet-client-krb5-1.2.5-1.10.C21mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/RPMS/telnet-server-krb5-1.2.5-1.10.C21mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/SRPMS/krb5-1.2.5-1.10.C21mdk.src.rpm Corporate Server 3.0 x86 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/ftp-client-krb5-1.3-6.6.C30mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/ftp-server-krb5-1.3-6.6.C30mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/krb5-server-1.3-6.6.C30mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/krb5-workstation-1.3-6.6.C30mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/libkrb51-1.3-6.6.C30mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/libkrb51-devel-1.3-6.6.C30mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/telnet-client-krb5-1.3-6.6.C30mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/telnet-server-krb5-1.3-6.6.C30mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/SRPMS/krb5-1.3-6.6.C30mdk.src.rpm X86_64 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/ftp-client-krb5-1.3-6.6.C30mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/ftp-server-krb5-1.3-6.6.C30mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/krb5-server-1.3-6.6.C30mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/krb5-workstation-1.3-6.6.C30mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/lib64krb51-1.3-6.6.C30mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/lib64krb51-devel-1.3-6.6.C30mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/telnet-client-krb5-1.3-6.6.C30mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/telnet-server-krb5-1.3-6.6.C30mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/SRPMS/krb5-1.3-6.6.C30mdk.src.rpm Multi Network Firewall 2.0 x86 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/mnf/2.0/RPMS/libkrb51-1.3-6.6.M20mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/mnf/2.0/SRPMS/krb5-1.3-6.6.M20mdk.src.rpm Mandrivalinux LE2005 x86 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.2/RPMS/ftp-client-krb5-1.3.6-6.1.102mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.2/RPMS/ftp-server-krb5-1.3.6-6.1.102mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.2/RPMS/krb5-server-1.3.6-6.1.102mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.2/RPMS/krb5-workstation-1.3.6-6.1.102mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.2/RPMS/libkrb53-1.3.6-6.1.102mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.2/RPMS/libkrb53-devel-1.3.6-6.1.102mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.2/RPMS/telnet-client-krb5-1.3.6-6.1.102mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.2/RPMS/telnet-server-krb5-1.3.6-6.1.102mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.2/SRPMS/krb5-1.3.6-6.1.102mdk.src.rpm X86_64 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.2/RPMS/ftp-client-krb5-1.3.6-6.1.102mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.2/RPMS/ftp-server-krb5-1.3.6-6.1.102mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.2/RPMS/krb5-server-1.3.6-6.1.102mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.2/RPMS/krb5-workstation-1.3.6-6.1.102mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.2/RPMS/lib64krb53-1.3.6-6.1.102mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.2/RPMS/lib64krb53-devel-1.3.6-6.1.102mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.2/RPMS/telnet-client-krb5-1.3.6-6.1.102mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.2/RPMS/telnet-server-krb5-1.3.6-6.1.102mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.2/SRPMS/krb5-1.3.6-6.1.102mdk.src.rpm SGI Advanced Linux Environment 3 / RPM / Patch 10227 ftp://oss.sgi.com/projects/sgi_propack/download/3/updates/RPMS Advanced Linux Environment 3 / SRPM / Patch 10227 ftp://oss.sgi.com/projects/sgi_propack/download/3/updates/SRPMS SCO OpenServer 5.0.6 ftp://ftp.sco.com/pub/openserver5/opensrc/openssh-4.2p1/openssh42p1_vol.tar OpenServer 5.0.7 ftp://ftp.sco.com/pub/openserver5/507/mp/osr507mp4/osr507mp4_vol.tar
Standar resources
Property	Value
CVE	CAN-2004-0175
BID
Other resources
Juniper Networks NetScreen Advisory 59739 http://www.juniper.net/support/security/alerts/adv59739.txt Red Hat Security Advisory RHSA-2005:074-10 https://rhn.redhat.com/errata/RHSA-2005-074.html Red Hat Security Advisory RHSA-2005:106-04 https://rhn.redhat.com/errata/RHSA-2005-106.html Red Hat Security Advisory RHSA-2005:481-03 https://rhn.redhat.com/errata/RHSA-2005-481.html Red Hat Security Advisory RHSA-2005:165-03 https://rhn.redhat.com/errata/RHSA-2005-165.html Red Hat Security Advisory RHSA-2005:495-02 https://rhn.redhat.com/errata/RHSA-2005-495.html Mandriva Security Advisories MDKSA-2005:100 http://www.mandriva.com/security/advisories?name=MDKSA-2005:100 Red Hat Security Advisory RHSA-2005:567-08 https://rhn.redhat.com/errata/RHSA-2005-567.html Red Hat Security Advisory RHSA-2005:562-10 https://rhn.redhat.com/errata/RHSA-2005-562.html Mandriva Security Advisories MDKSA-2005:119 http://www.mandriva.com/security/advisories?name=MDKSA-2005:119 SGI Security Advisory (20051002-01-U) ftp://patches.sgi.com/support/free/security/advisories/20051002-01-U.asc SCO Security Advisory (SCOSA-2006.11) ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.11/SCOSA-2006.11.txt

Version history
Version	Comments	Date
1.0	Aviso emitido	2004-09-06
1.1	CAN añadido	2004-11-03
1.2	Avisos emitidos por Red Hat (RHSA-2005:074-10, RHSA-2005:106-04)	2005-05-19
1.3	Aviso emitido por Red Hat (RHSA-2005:481-03)	2005-06-03
1.4	Aviso emitido por Red Hat (RHSA-2005:495-02)	2005-06-14
1.5	Aviso emitido por Mandriva (MDKSA-2005:100)	2005-06-15
1.6	Avisos emitidos por Red Hat (RHSA-2005:567-08, RHSA-2005:562-10)	2005-07-13
1.7	Aviso emitido por Mandriva (MDKSA-2005:119)	2005-07-14
1.8	Aviso emitido por SGI (20051002-01-U)	2005-10-21
1.9	Aviso emitido por SCO (SCOSA-2006.11)	2006-03-16

Vulnerability Bulletins

Vulnerabilidad de directorio transversal en el cliente scp OpenSSH

Vulnerability classification

System information

Description

Solution

Standar resources

Other resources

Version history