- Vulnerability/
- USN-3796-2
USN-3796-2: Paramiko vulnerability
First published: Wed Oct 17 2018(Updated: )
USN-3796-1 fixed a vulnerability in paramiko. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: Daniel Hoffman discovered that Paramiko incorrectly handled authentication when being used as a server. A remote attacker could use this issue to bypass authentication without any credentials.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| ubuntu/python-paramiko | <1.7.7.1-2ubuntu1.2 | 1.7.7.1-2ubuntu1.2 |
| =12.04 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this Paramiko vulnerability?
The vulnerability ID for this Paramiko vulnerability is USN-3796-2.
What is the severity of the Paramiko vulnerability?
The severity of the Paramiko vulnerability is not specified in the provided information.
How can I fix the Paramiko vulnerability on Ubuntu 12.04?
To fix the Paramiko vulnerability on Ubuntu 12.04, you should update the python-paramiko package to version 1.7.7.1-2ubuntu1.2 or later.
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/title
- agent/type
- collector/usn
- source/Ubuntu
- anchor-related/USN-3796-3
- anchor-related/USN-3796-1
- agent/software-canonical-lookup
- package-manager/ubuntu
- vendor/ubuntu
- canonical/ubuntu ubuntu
- version/ubuntu ubuntu/12.04