python-paramiko-1.7.5-5.AXS4
エラータID: AXSA:2019-3448:01
The python-paramiko package provides a Python module that implements the SSH2 protocol for encrypted and authenticated connections to remote machines. Unlike SSL, the SSH2 protocol does not require hierarchical certificates signed by a powerful central authority. The protocol also includes the ability to open arbitrary channels to remote services across an encrypted tunnel.
Security Fix(es):
* python-paramiko: Authentication bypass in auth_handler.py (CVE-2018-1000805)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2018-1000805
Paramiko version 2.4.1, 2.3.2, 2.2.3, 2.1.5, 2.0.8, 1.18.5, 1.17.6 contains a Incorrect Access Control vulnerability in SSH server that can result in RCE. This attack appear to be exploitable via network connectivity.
Update packages.
Paramiko version 2.4.1, 2.3.2, 2.2.3, 2.1.5, 2.0.8, 1.18.5, 1.17.6 contains a Incorrect Access Control vulnerability in SSH server that can result in RCE. This attack appear to be exploitable via network connectivity.
N/A
SRPMS
- python-paramiko-1.7.5-5.AXS4.src.rpm
MD5: 76dbc2ebf997ef5ba85394abede55754
SHA-256: 8ad753116c40f318e3b60f60c4bd70f469650b9728551234b1b5d4c7d8b238b8
Size: 833.78 kB
Asianux Server 4 for x86
- python-paramiko-1.7.5-5.AXS4.noarch.rpm
MD5: 63dc32aec94baebdba8ff648a948d074
SHA-256: 06344e5c8a947acceb2ce3e54637afd485efca9d40fa56e3105769a066018560
Size: 728.97 kB
Asianux Server 4 for x86_64
- python-paramiko-1.7.5-5.AXS4.noarch.rpm
MD5: 3d15baf558f9fd8ece184a5d99a2536c
SHA-256: 344b40d2520df3a3ad0a73f2f4c50162810f628cb6c6e385f4e7a28cdf02eb62
Size: 728.52 kB