You are here
Home > Preporuke > Sigurnosni nedostatak programske biblioteke paramiko

Sigurnosni nedostatak programske biblioteke paramiko

  • Detalji os-a: WN7
  • Važnost: URG
  • Operativni sustavi: L
  • Kategorije: LUB

==========================================================================
Ubuntu Security Notice USN-3796-3
October 22, 2018

paramiko vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 18.10

Summary:

Paramiko could allow unintended access to network services.

Software Description:
– paramiko: Python SSH2 library

Details:

USN-3796-1 fixed a vulnerability in Paramiko. This update provides the
corresponding update for Ubuntu 18.10.

Original advisory details:

Daniel Hoffman discovered that Paramiko incorrectly handled authentication
when being used as a server. A remote attacker could use this issue to
bypass authentication without any credentials.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.10:
python-paramiko 2.4.1-0ubuntu3.1
python3-paramiko 2.4.1-0ubuntu3.1

After a standard system update you need to reboot your computer to make
all the necessary changes.

References:
https://usn.ubuntu.com/usn/usn-3796-3
https://usn.ubuntu.com/usn/usn-3796-1
CVE-2018-1000805

Package Information:
https://launchpad.net/ubuntu/+source/paramiko/2.4.1-0ubuntu3.1

—–BEGIN PGP SIGNATURE—–

iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAlvOE8kACgkQZWnYVadE
vpNQnQ//bSvyhy8Ozb2HEz50/Ow7BaWJjWCZyV+OmDtXR4lJKtuJ4Jm5Uh0Nrd3m
gnxQPndFYcn4+l7uJ9+/UHPXOgCp+w61TTlkWG4L3iF6Vqmds3j/m/z2orwsDBoF
vb0n+QhN+pOZ3bwOAeJwG42jJcxcTmKjHI9LpkdyjkHe0b9wQH/e4N+bAjHzaaOH
BgvVxfdTJTlxnSz/WSlba1glwO/TX5XPEkYqQN2F00EJJi+ZP3Lyrco3nF7OTgtD
ietwF8oOdmuEBvyRugXz8/3Qf54yGBN5ttYIzWC52nAHpG4C8uOOEO1UkyggPVnF
GXt+c/RoJ4x41M1uFYUo1RO5F99nNonEx0OZ/eqYWxS8X6zviNEZqVDS+qETN7pa
Yr+JJfx4mUAsNoLZy7KMcf6vLeoFLo1mNx8ZLtzkbg1lIXfXeqS4KS9a/XWaUyRI
lVaNe6mnFGfbMRobIrSxITRVNSeMK8t4+XbOv3JlVZGZkM4oGltI0eP/6acKAZcN
mcta0RKa+T8L+afSmrbh86OZjG+5CLF91Uz+F+CvlCaeNBkn+Y0SONcZGBlEaSie
gBPVgAgMHAEfaOv+AhoPSyhFmF0CSkQOvwGeMJ5k8TFeT7A18fcojaQNViRho4dC
rRfs8q6fbpOTo/xU9OJHqSvGJUVagq3dYtGfd8lE0/A9GvdK0z4=
=bKUE
—–END PGP SIGNATURE—–

AutorToni Vugdelija
Cert idNCERT-REF-2018-10-0001-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
IzvorAdobe
Top
More in Preporuke
Sigurnosni nedostaci jezgre operacijskog sustava

Otkriveni su sigurnosni nedostaci u jezgri operacijskog sustava Ubuntu. Otkriveni nedostaci potencijalnim napadačima omogućuju otkrivanje osjetljivih informacija, izvođenje napada uskraćivanjem...

Close