Hi ,
I want to update openssh rpms on my system through yum.
However, it says no package marked for update.
To get rid of the vulnerability ( CVE ID : CVE-2007-4752 ) we need to go beyond version 4.7 ( hope i am right here ).
What can be done ?
Here are my system details :
cat /etc/redhat-release
CentOS release 5.10 (Final)
# rpm -qa| grep openssh
openssh-server-4.3p2-82.el5
openssh-4.3p2-82.el5
openssh-clients-4.3p2-82.el5
Thanks in advance,
Soniya Mittal
CVE-2007-4752: OpenSSH X11 Cookie Local Authentication Bypass
CVE-2007-4752: OpenSSH X11 Cookie Local Authentication Bypass
Last edited by soniya_ag on 2016/09/06 12:41:20, edited 1 time in total.
Re: CVE-2007-4752: OpenSSH X11 Cookie Local Authentication Bypass
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Re: CVE-2007-4752: OpenSSH X11 Cookie Local Authentication Bypass
Have already installed the mention version :4.3p2-82.el5 , still see the vulnerability on my security scan machine.
Re: CVE-2007-4752: OpenSSH X11 Cookie Local Authentication Bypass
Get a better security scanner?
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke