Alerts This Week
Warning Icon 1 560
Alerts This Week
Warning Icon 1 560

Ubuntu 20.04 LTS: 4820-1 Major Curl Vulnerability Mitigation

Calendar Oct 17, 2018 User Avatar LinuxSecurity Advisories
1 min read
Ubuntu Large Esm H500
Topics%20covered

Topics Covered

security advisory critical threat authentication issue ubuntu paramiko
Paramiko could allow unintended access to network services. 
=========================================================================Ubuntu Security Notice USN-3796-2
October 17, 2018

paramiko vulnerability
=========================================================================
A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.04 ESM

Summary:

Paramiko could allow unintended access to network services.

Software Description:
- paramiko: Python SSH2 library

Details:

USN-3796-1 fixed a vulnerability in paramiko. This update provides
the corresponding update for Ubuntu 12.04 ESM.

Original advisory details:

 Daniel Hoffman discovered that Paramiko incorrectly handled
 authentication when being used as a server. A remote attacker could
 use this issue to bypass authentication without any credentials.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.04 ESM:
  python-paramiko                 1.7.7.1-2ubuntu1.2

After a standard system update you need to reboot your computer to make
all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-3796-2
  https://ubuntu.com/security/notices/USN-3796-1
  CVE-2018-1000805

Ubuntu 20.04 LTS: 4820-1 Major Curl Vulnerability Mitigation

ubuntu
Calendar Grey October 17, 2018
Dist Ubuntu Esm H88
Ubuntu 20.04 LTS ESM patch resolves critical vulnerability in OpenSSH's key management within days of identification.
Paramiko could allow unintended access to network services.

Summary

Topics%20covered

Topics Covered

security advisory critical threat authentication issue ubuntu paramiko

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 12.04 ESM:   python-paramiko                 1.7.7.1-2ubuntu1.2 After a standard system update you need to reboot your computer to make all the necessary changes.

References

  https://ubuntu.com/security/notices/USN-3796-2

  https://ubuntu.com/security/notices/USN-3796-1

  CVE-2018-1000805

Severity
critical
Lowest
Low
Medium
High
Critical

October 17, 2018

Topics%20covered

Topics Covered

security advisory critical threat authentication issue ubuntu paramiko

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here