OVAL Reference oval:org.mitre.oval:def:18593

DSA-1571-1, CVE-2008-0166) indirectly affects OpenSSH. As a result, all user and host keys generated using broken versions of the openssl package must be considered untrustworthy, even after the openssl update has been applied."> OVAL Reference oval:org.mitre.oval:def:18593 - CERT Civis.Net

Oval Definition:

oval:org.mitre.oval:def:18593

Revision Date:	2014-06-23	Version:	5
Title:	DSA-1576-1 openssh openssh-blacklist - predictable randomness
Description:	The recently announced vulnerability in Debian's openssl package (DSA-1571-1, CVE-2008-0166) indirectly affects OpenSSH. As a result, all user and host keys generated using broken versions of the openssl package must be considered untrustworthy, even after the openssl update has been applied.
Family:	unix	Class:	patch
Status:	ACCEPTED	Reference(s):	CVE-2007-4752 CVE-2008-0166 CVE-2008-1483 DSA-1576-1
Platform(s):	Debian GNU/Linux 4.0	Product(s):	openssh
Definition Synopsis
Debian GNU/Linux 4.0 is installed. AND openssh DPKG is earlier than 1:4.3p2-9etch2

BACK