CVE-2018-7750 Ubuntu Security Notification for Paramiko Vulnerability (USN-3603-1)

漏洞类别:Ubuntu

漏洞等级:

漏洞信息

It was discovered that Paramiko’s SSH server implementation did not properly require authentication before processing requests.

漏洞危害

An unauthenticated remote attacker could possibly use this to execute arbitrary code.

解决方案

Refer to Ubuntu advisory USN-3603-1 for affected packages and patching details, or update with your package manager.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

USN-3603-1: 16.04 (Xenial) on src (python-paramiko)

USN-3603-1: 17.10 (artful) on src (python-paramiko)

USN-3603-1: 17.10 (artful) on src (python3-paramiko)

USN-3603-1: 16.04 (Xenial) on src (python3-paramiko)

USN-3603-1: 14.04 (Kylin) on src (python-paramiko)

Leave a Reply