
Question OpenSSH vulnerability?

wildeeep

New Pleskian
Server operating system version
Ubuntu 20.04.6 LTS
Plesk version and microupdate number
18.0.58
Hi! I have just had a security scan done on my server as part of a compliance survey and they reported the following:

OpenSSH 8.2p1 Ubuntu-4ubuntu0.11 has a well-known and highly visible security vulnerability. Services with known and highly visible security vulnerabilities can be specifically targeted and exploited by hackers. This service should be updated to the latest version. Refer to the OpenSSH website for further details. This service is using port 22 on IP address xxxx

Is this something to be concerned about and can it be updated?
 
We have the same issue flagged.

Description
The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.)

NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.

Detected openbsd openssh version 8.9p1

Solution
Update to the latest version.

What can we do to mitigate this, please?
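The scanner description quoted above makes exploitation conditional on an agent being forwarded to another system, so one thing worth checking is where OpenSSH client configuration turns agent forwarding on. The following is an added example, not part of the thread or of any scanner or Plesk tooling; the function name `forwarding_scopes` and the sample configuration are constructed for illustration.

```python
import re
import shlex

# Constructed sample of an OpenSSH client config (not taken from the thread).
SAMPLE_CONFIG = """\
# constructed example
Host bastion
    HostName bastion.example.com
    ForwardAgent yes

Host build-*
    forwardagent=$SSH_AUTH_SOCK

Host legacy
    ForwardAgent no

Host *
    ForwardAgent no
"""

# ssh_config keywords are case-insensitive and accept "Keyword value" or "Keyword=value".
DIRECTIVE = re.compile(r"([A-Za-z0-9]+)\s*=?\s*(.*)")

def forwarding_scopes(config_text):
    """Return [(scope, value)] for every Host/Match block that enables agent forwarding.

    ForwardAgent accepts yes, no, an agent socket path, or a $VARIABLE name;
    anything other than "no" enables forwarding. Include files are not followed.
    """
    scope, findings = "(global)", []
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        m = DIRECTIVE.match(line)
        if not m:
            continue
        keyword, args = m.group(1).lower(), shlex.split(m.group(2))
        if keyword in ("host", "match"):
            scope = f"{keyword.capitalize()} {' '.join(args)}"
        elif keyword == "forwardagent" and args and args[0].lower() != "no":
            findings.append((scope, args[0]))
    return findings

if __name__ == "__main__":
    for scope, value in forwarding_scopes(SAMPLE_CONFIG):
        print(f"agent forwarding enabled in [{scope}]: ForwardAgent {value}")
```

This lists blocks statically; because ssh uses the first value it obtains for each option, `ssh -G <host>` is the way to see the effective `forwardagent` setting for one destination.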
 