(Palo Alto Networks Issues Fix for Palo Alto PAN-OS) OpenSSH Flaws Let Remote Authenticated Users Obtain Potentially Sensitive Information From Client Memory
|
SecurityTracker Alert ID: 1036323 |
SecurityTracker URL: http://securitytracker.com/id/1036323
|
CVE Reference:
CVE-2016-0777, CVE-2016-0778
(Links to External Site)
|
Date: Jul 16 2016
|
Impact:
Disclosure of system information, Disclosure of user information
|
Fix Available: Yes Vendor Confirmed: Yes
|
|
Description:
Several vulnerabilities were reported in OpenSSH. A remote authenticated server can obtain potentially sensitive information from OpenSSH client memory on the target system or potentially execute arbitrary code on the target client system. Palo Alto PAN-OS is affected.
An OpenSSH server on an authenticated connection can cause the connected client to leak portions of client memory to the server [CVE-2016-0777]. This may include private client user keys.
The Qualys Security team reported this vulnerability.
An OpenSSH server on an authenticated connection may be able to trigger a buffer overflow and file descriptor leak in the connected client in certain cases when using ProxyCommand, ForwardAgent, or ForwardX11 [CVE-2016-0778].
The Qualys Security team reported this vulnerability.
A user may be able to trigger an out-of-bounds read access error in the packet handling code [CVE-2016-1907]. Ben Hawkes reported this vulnerability.
|
Impact:
A remote authenticated server can obtain potentially sensitive information from the target connected client.
|
Solution:
Palo Alto Networks has issued a fix for CVE-2016-0777 and CVE-2016-0778 for Palo Alto PAN-OS (7.1.3).
The Palo Alto Networks advisory is available at:
https://securityadvisories.paloaltonetworks.com/Home/Detail/44
|
Cause:
Access control error, Boundary error
|
|
Message History:
This archive entry is a follow-up to the message listed below.
|
Source Message Contents
|
|
[Original Message Not Available for Viewing]
|
|