TITLE: Mandriva update for openssh SECUNIA ADVISORY ID: SA18736 VERIFY ADVISORY: http://secunia.com/advisories/18736/ CRITICAL: Not critical IMPACT: Privilege escalation WHERE: Local system OPERATING SYSTEM: Mandrakelinux 10.1 http://secunia.com/product/4198/ DESCRIPTION: Mandriva has issued an update for openssh. This fixes a weakness, which potentially can be exploited by malicious, local users to perform certain actions with escalated privileges. For more information: SA18579 SOLUTION: Apply updated packages. Mandrakelinux 10.1: 4f1958566f5258886743a45f22ef1e34 10.1/RPMS/openssh-4.3p1-0.1.101mdk.i586.rpm f817eb7108f59f33beb454ca6e443229 10.1/RPMS/openssh-askpass-4.3p1-0.1.101mdk.i586.rpm db84193dba5e3f5c1e225275abe8b641 10.1/RPMS/openssh-askpass-gnome-4.3p1-0.1.101mdk.i586.rpm a9ce7f968bcff665f647262a2ccd5d75 10.1/RPMS/openssh-clients-4.3p1-0.1.101mdk.i586.rpm 72ca79bc593835e75bf9d8996d4dd900 10.1/RPMS/openssh-server-4.3p1-0.1.101mdk.i586.rpm 33d2f96a7696b009e218ae0b721252f7 10.1/SRPMS/openssh-4.3p1-0.1.101mdk.src.rpm Mandrakelinux 10.1/X86_64: 4f1030c6ee3a954d2edfc74e33e42ecb x86_64/10.1/RPMS/openssh-4.3p1-0.1.101mdk.x86_64.rpm d53686d7ede0f71a113cd129b9251b61 x86_64/10.1/RPMS/openssh-askpass-4.3p1-0.1.101mdk.x86_64.rpm 519e7a06bcd2dab1faeea0f890f87b17 x86_64/10.1/RPMS/openssh-askpass-gnome-4.3p1-0.1.101mdk.x86_64.rpm 77bf38dce2398fad97c67527bfecce98 x86_64/10.1/RPMS/openssh-clients-4.3p1-0.1.101mdk.x86_64.rpm 78e6936ccd813adfb65878c9ddf171e3 x86_64/10.1/RPMS/openssh-server-4.3p1-0.1.101mdk.x86_64.rpm 33d2f96a7696b009e218ae0b721252f7 x86_64/10.1/SRPMS/openssh-4.3p1-0.1.101mdk.src.rpm ORIGINAL ADVISORY: http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:034 OTHER REFERENCES: SA18579: http://secunia.com/advisories/18579/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------