SecurityFocus 在其网站上公布了一个关于 OpenSSH 的漏洞,信息如下:
OpenSSH CVE-2016-10009 远程执行代码漏洞
-
Bugtraq ID:94968
-
Class:Unknown
-
CVE:CVE-2016-10009
-
Remote:Yes
-
Local:No
-
Published:Dec 19 2016 12:00AM
-
Updated:Dec 20 2016 01:11PM
-
Credit:Jann Horn of Project Zero.
易受攻击的版本:
-
OpenSSH OpenSSH 7.3
-
OpenSSH OpenSSH 7.2p2
-
OpenSSH OpenSSH 7.2
-
OpenSSH OpenSSH 7.1p2
-
OpenSSH OpenSSH 7.1p1
-
OpenSSH OpenSSH 7.1
-
OpenSSH OpenSSH 7.0
-
OpenSSH OpenSSH 6.9p1
-
OpenSSH OpenSSH 6.9
-
OpenSSH OpenSSH 6.6
-
OpenSSH OpenSSH 6.5
-
OpenSSH OpenSSH 6.4
-
OpenSSH OpenSSH 6.3
-
OpenSSH OpenSSH 6.2
-
OpenSSH OpenSSH 6.1
-
OpenSSH OpenSSH 6.0
-
OpenSSH OpenSSH 5.8
-
OpenSSH OpenSSH 5.7
-
OpenSSH OpenSSH 5.6
-
OpenSSH OpenSSH 5.5
-
OpenSSH OpenSSH 5.4
-
OpenSSH OpenSSH 5.3
-
OpenSSH OpenSSH 5.2
-
OpenSSH OpenSSH 5.1
-
OpenSSH OpenSSH 5.0
不易受攻击的版本:OpenSSH OpenSSH 7.4
因此,还是建议升级到最新版的 OpenSSH。
http://www.securityfocus.com/bid/94968/info