Detections
Analytics
Amazon Linux AMI : openssh (ALAS-2015-625)
high Nessus Plugin ID 87351
Language:
Synopsis
The remote Amazon Linux AMI host is missing a security update.Description
A flaw was found in the way OpenSSH handled PAM authentication when using privilege separation. An attacker with valid credentials on the system and able to fully compromise a non-privileged pre-authentication process using a different flaw could use this flaw to authenticate as other users.It was discovered that the OpenSSH sshd daemon did not check the list of keyboard-interactive authentication methods for duplicates. A remote attacker could use this flaw to bypass the MaxAuthTries limit, making it easier to perform password guessing attacks.
A use-after-free flaw was found in OpenSSH. An attacker able to fully compromise a non-privileged pre-authentication process using a different flaw could possibly cause sshd to crash or execute arbitrary code with root privileges.
Solution
Run 'yum update openssh' to update your system.See Also
Plugin Details
Severity: High
ID: 87351
File Name: ala_ALAS-2015-625.nasl
Version: 2.2
Type: local
Agent: unix
Published: 12/15/2015
Updated: 4/18/2018
Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 5.9
CVSS v2
Risk Factor: High
Base Score: 8.5
Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:C
Vulnerability Information
CPE: p-cpe:/a:amazon:linux:openssh-clients, p-cpe:/a:amazon:linux:openssh-keycat, p-cpe:/a:amazon:linux:pam_ssh_agent_auth, p-cpe:/a:amazon:linux:openssh-server, p-cpe:/a:amazon:linux:openssh-ldap, cpe:/o:amazon:linux, p-cpe:/a:amazon:linux:openssh, p-cpe:/a:amazon:linux:openssh-debuginfo
Required KB Items: Host/local_checks_enabled, Host/AmazonLinux/release, Host/AmazonLinux/rpm-list
Patch Publication Date: 12/14/2015
Reference Information
CVE: CVE-2015-5600, CVE-2015-6563, CVE-2015-6564
ALAS: 2015-625