Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
Debian Security Advisory DSA 1576-2 (openssh)
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
The remote host is missing an update to openssh announced via advisory DSA 1576-2.
Insight
Insight
Matt Zimmerman discovered that entries in ~/.ssh/authorized_keys with options (such as no-port-forwarding or forced commands) were ignored by the new ssh-vulnkey tool introduced in openssh 1:4.3p2-9etch1 (see DSA 1576-1). This could cause some compromised keys not to be listed in ssh-vulnkey's output. This update also adds more information to ssh-vulnkey's manual page. For the stable distribution (etch), this problem has been fixed in version 1:4.3p2-9etch2 We recommend that you upgrade your openssh (1:4.3p2-9etch2) package.
Solution
Solution
https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201576-2