30-04-2021



OpenSSH 7.2p1 - (Authenticated) xauth Command Injection. Remote exploit for multiple platforms.

Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states 'We understand that the OpenSSH developers do not want to treat such a username enumeration (or 'oracle') as a vulnerability.'

I updated OpenSSH on CentOS 7.5 to the latest version, but CVE-2018-15919 is still not fixed after the update.
Which OpenSSH version fixes the bug? Or how do I fix the OpenSSH CVE-2018-15919 bug?
env:
---before update
openssh-server-7.4p1-16.el7.x86_64
openssh-7.4p1-16.el7.x86_64
openssh-clients-7.4p1-16.el7.x86_64
---after update
openssh-7.4p1-21.el7.x86_64
openssh-server-7.4p1-21.el7.x86_64
openssh-clients-7.4p1-21.el7.x86_64
---checked changelog: not fixed
rpm -qi openssh --changelog|grep CVE|sort
CVE-2006-4924 - prevent DoS on deattack detector (#207957)
- CVE-2006-5051 - don't call cleanups from signal handler (#208459)
- CVE-2006-5794 - properly detect failed key verify in monitor (#214641)
- CVE-2010-4755
- CVE-2015-8325: privilege escalation via user's PAM environment and UseLogin=yes (#1329191)
- CVE-2016-1908: possible fallback from untrusted to trusted X11 forwarding (#1298741)
- CVE-2016-3115: missing sanitisation of input for X11 forwarding (#1317819)
- Fix for CVE-2017-15906 (#1517226)
- Fix for CVE-2018-15473 (#1619079)
- Security fixes released with openssh-6.9 (CVE-2015-5352) (#1247864)
- add new option GSSAPIEnablek5users and disable using ~/.k5users by default CVE-2014-9278
- change default value of MaxStartups - CVE-2010-5107 (#908707)

- fixed audit log injection problem (CVE-2007-3102)
- only query each keyboard-interactive device once (CVE-2015-5600) (#1245971)
- prevent a server from skipping SSHFP lookup - CVE-2014-2653 (#1081338)
- prevents CVE-2016-0777 and CVE-2016-0778

- use fork+exec instead of system in scp - CVE-2006-0225 (#16816