Debian Security Advisory DSA 382-2 (ssh) Network Vulnerability

Summary

The remote host is missing an update to ssh announced via advisory DSA 382-2.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20382-2

Insight

This advisory is an addition to the earlier DSA-382-1 advisory: two more buffer handling problems have been found in addition to the one described in DSA-382-1. It is not known if these bugs are exploitable, but as a precaution an upgrade is advised. For the Debian stable distribution these bugs have been fixed in version 1:3.4p1-1.woody.2 . Please note that if a machine is setup to install packages from proposed-updates it will not automatically install this update.

Severity

Classification

CVE CVE-2003-0693, CVE-2003-0695

CVSS	Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Debian Security Advisory DSA 079-1 (uucp)
Debian Security Advisory DSA 034-1 (ePerl)
Debian Security Advisory DSA 014-1 (splitvt)
Debian Security Advisory DSA 075-1 (netkit-telnet-ssl)
Debian Security Advisory DSA 085-1 (nvi, nvi-m17n)

Take action and discover your vulnerabilities