| VID |
14159 |
| Severity |
40 |
| Port |
22 |
| Protocol |
TCP |
| Class |
SSH |
| Detailed Description |
The version of OpenSSH installed on the remote host is prior to 9.3p2. It is, therefore, affected by a vulnerability as referenced in the release-9.3p2 advisory.
- Fix CVE-2023-38408 - a condition where specific libaries loaded via ssh-agent(1)'s PKCS#11 support could be abused to achieve remote code execution via a forwarded agent socket if the following (openssh-9.3p2-1)
* References:
https://www.openssh.com/txt/release-9.3p2
* Platforms Affected:
OpenSSH prior to 9.3p2
Linux Any version
Unix Any version |
| Recommendation |
Upgrade to the latest version of OpenSSH (9.3p2 or later), available from the OpenSSH Web site at http://www.openssh.org/ |
| Related URL |
CVE-2023-38408 (CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
