Ubuntu Update For Openssh USN-2014-1 Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

Markus Friedl discovered that OpenSSH incorrectly handled memory when the AES-GCM cipher was used. A remote authenticated attacker could use this issue to execute arbitrary code as their user, possibly bypassing shell or command restrictions.

Affected

openssh on Ubuntu 13.10

Severity

Classification

CVE CVE-2013-4548

CVSS	Base Score: 6.0 AV:N/AC:M/Au:S/C:P/I:P/A:P

Related Vulnerabilities

Ubuntu Update for apache2 vulnerabilities USN-1021-1
Ubuntu Update for clamav vulnerability USN-986-2
Ubuntu Update for cupsys vulnerability USN-606-1
Ubuntu Update for backuppc USN-1249-1
Ubuntu Update for dnsmasq vulnerability USN-627-1

Ubuntu Update for openssh USN-2014-1

Take action and discover your vulnerabilities