CVE-2016-0777: Infoleak
First published: Thu Jan 14 2016(Updated: )
The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffer, as demonstrated by reading a private key.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Sophos Unified Threat Management Software | =9.318 | |
| Sophos Unified Threat Management Software | =9.353 | |
| Sophos Unified Threat Management | =110 | |
| Sophos Unified Threat Management | =120 | |
| Sophos Unified Threat Management | =220 | |
| Sophos Unified Threat Management | =320 | |
| Sophos Unified Threat Management | =425 | |
| Sophos Unified Threat Management | =525 | |
| Sophos Unified Threat Management | =625 | |
| Oracle Linux | =7 | |
| Oracle Solaris | =11.3 | |
| Openbsd Openssh | =5.0 | |
| Openbsd Openssh | =5.0-p1 | |
| Openbsd Openssh | =5.1 | |
| Openbsd Openssh | =5.1-p1 | |
| Openbsd Openssh | =5.2 | |
| Openbsd Openssh | =5.2-p1 | |
| Openbsd Openssh | =5.3 | |
| Openbsd Openssh | =5.3-p1 | |
| Openbsd Openssh | =5.4 | |
| Openbsd Openssh | =5.4-p1 | |
| Openbsd Openssh | =5.5 | |
| Openbsd Openssh | =5.5-p1 | |
| Openbsd Openssh | =5.6 | |
| Openbsd Openssh | =5.6-p1 | |
| Openbsd Openssh | =5.7 | |
| Openbsd Openssh | =5.7-p1 | |
| Openbsd Openssh | =5.8 | |
| Openbsd Openssh | =5.8-p1 | |
| Openbsd Openssh | =5.9 | |
| Openbsd Openssh | =5.9-p1 | |
| Openbsd Openssh | =6.0 | |
| Openbsd Openssh | =6.0-p1 | |
| Openbsd Openssh | =6.1 | |
| Openbsd Openssh | =6.1-p1 | |
| Openbsd Openssh | =6.2 | |
| Openbsd Openssh | =6.2-p1 | |
| Openbsd Openssh | =6.2-p2 | |
| Openbsd Openssh | =6.3 | |
| Openbsd Openssh | =6.3-p1 | |
| Openbsd Openssh | =6.4 | |
| Openbsd Openssh | =6.4-p1 | |
| Openbsd Openssh | =6.5 | |
| Openbsd Openssh | =6.5-p1 | |
| Openbsd Openssh | =6.6 | |
| Openbsd Openssh | =6.6-p1 | |
| Openbsd Openssh | =6.7 | |
| Openbsd Openssh | =6.7-p1 | |
| Openbsd Openssh | =6.8 | |
| Openbsd Openssh | =6.8-p1 | |
| Openbsd Openssh | =6.9 | |
| Openbsd Openssh | =6.9-p1 | |
| Openbsd Openssh | =7.0 | |
| Openbsd Openssh | =7.0-p1 | |
| Openbsd Openssh | =7.1 | |
| Openbsd Openssh | =7.1-p1 | |
| Hp Remote Device Access Virtual Customer Access System | <=15.07 | |
| Apple Mac OS X | <=10.11.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10734
- http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html
- http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176516.html
- http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175592.html
- http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175676.html
- http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176349.html
- http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00006.html
- http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00007.html
- http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00008.html
- http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00009.html
- http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00013.html
- http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00014.html
- http://packetstormsecurity.com/files/135273/Qualys-Security-Advisory-OpenSSH-Overflow-Leak.html
- http://seclists.org/fulldisclosure/2016/Jan/44
- http://www.debian.org/security/2016/dsa-3446
- http://www.openssh.com/txt/release-7.1p2
- http://www.openwall.com/lists/oss-security/2016/01/14/7
- http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
- http://www.securityfocus.com/archive/1/537295/100/0/threaded
- http://www.securityfocus.com/bid/80695
- http://www.securitytracker.com/id/1034671
- http://www.ubuntu.com/usn/USN-2869-1
- https://blogs.sophos.com/2016/02/17/utm-up2date-9-354-released/
- https://blogs.sophos.com/2016/02/29/utm-up2date-9-319-released/
- https://bto.bluecoat.com/security-advisory/sa109
- https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05247375
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722
- https://security.FreeBSD.org/advisories/FreeBSD-SA-16:07.openssh.asc
- https://security.gentoo.org/glsa/201601-01
- https://support.apple.com/HT206167
- collector/nvd-index
- agent/severity
- agent/references
- agent/author
- agent/tags
- agent/weakness
- agent/type
- agent/description
- agent/event
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- collector/mitre-cve
- source/MITRE
- vendor/sophos
- canonical/sophos unified threat management software
- version/sophos unified threat management software/9.318
- version/sophos unified threat management software/9.353
- canonical/sophos unified threat management
- version/sophos unified threat management/110
- version/sophos unified threat management/120
- version/sophos unified threat management/220
- version/sophos unified threat management/320
- version/sophos unified threat management/425
- version/sophos unified threat management/525
- version/sophos unified threat management/625
- vendor/oracle
- canonical/oracle linux
- version/oracle linux/7
- canonical/oracle solaris
- version/oracle solaris/11.3
- vendor/openbsd
- canonical/openbsd openssh
- version/openbsd openssh/5.0
- version/openbsd openssh/5.0-p1
- version/openbsd openssh/5.1
- version/openbsd openssh/5.1-p1
- version/openbsd openssh/5.2
- version/openbsd openssh/5.2-p1
- version/openbsd openssh/5.3
- version/openbsd openssh/5.3-p1
- version/openbsd openssh/5.4
- version/openbsd openssh/5.4-p1
- version/openbsd openssh/5.5
- version/openbsd openssh/5.5-p1
- version/openbsd openssh/5.6
- version/openbsd openssh/5.6-p1
- version/openbsd openssh/5.7
- version/openbsd openssh/5.7-p1
- version/openbsd openssh/5.8
- version/openbsd openssh/5.8-p1
- version/openbsd openssh/5.9
- version/openbsd openssh/5.9-p1
- version/openbsd openssh/6.0
- version/openbsd openssh/6.0-p1
- version/openbsd openssh/6.1
- version/openbsd openssh/6.1-p1
- version/openbsd openssh/6.2
- version/openbsd openssh/6.2-p1
- version/openbsd openssh/6.2-p2
- version/openbsd openssh/6.3
- version/openbsd openssh/6.3-p1
- version/openbsd openssh/6.4
- version/openbsd openssh/6.4-p1
- version/openbsd openssh/6.5
- version/openbsd openssh/6.5-p1
- version/openbsd openssh/6.6
- version/openbsd openssh/6.6-p1
- version/openbsd openssh/6.7
- version/openbsd openssh/6.7-p1
- version/openbsd openssh/6.8
- version/openbsd openssh/6.8-p1
- version/openbsd openssh/6.9
- version/openbsd openssh/6.9-p1
- version/openbsd openssh/7.0
- version/openbsd openssh/7.0-p1
- version/openbsd openssh/7.1
- version/openbsd openssh/7.1-p1
- vendor/hp
- canonical/hp remote device access virtual customer access system
- version/hp remote device access virtual customer access system/15.07
- vendor/apple
- canonical/apple mac os x
- version/apple mac os x/10.11.3