Oval Definition:oval:org.opensuse.security:def:20120814
Revision Date:2022-05-20Version:1
Title:CVE-2012-0814
Description:

The auth_parse_options function in auth-options.c in sshd in OpenSSH before 5.7 provides debug messages containing authorized_keys command options, which allows remote authenticated users to obtain potentially sensitive information by reading these messages, as demonstrated by the shared user account required by Gitolite. NOTE: this can cross privilege boundaries because a user account may intentionally have no shell or filesystem access, and therefore may have no supported way to read an authorized_keys file in its own home directory.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2012-0814
Mitre CVE-2012-0814
SUSE CVE-2012-0814
Platform(s):SUSE CORE 9 for AMD64 and Intel EM64T
SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T
SUSE Linux Enterprise Desktop 10 SP4 for x86
SUSE Linux Enterprise Desktop 11 SP1
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Server 10 SP4 for AMD64 and Intel EM64T
SUSE Linux Enterprise Server 10 SP4 for IBM POWER
SUSE Linux Enterprise Server 10 SP4 for IBM zSeries 64bit
SUSE Linux Enterprise Server 10 SP4 for IPF
SUSE Linux Enterprise Server 10 SP4 for x86
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Server 11 SP1 for Teradata
SUSE Linux Enterprise Server 11 SP1 for VMware
SUSE Linux Enterprise Server 11 SP1-TERADATA
SUSE Linux Enterprise Server 11 SP2
SUSE Linux Enterprise Server 11 SP3
SUSE Linux Enterprise Server 11 SP4
SUSE Linux Enterprise Server 11-SECURITY
SUSE Linux Enterprise Server for SAP Applications 11 SP1-TERADATA
SUSE Linux Enterprise Server for SAP Applications 12 SP3
SUSE Linux Enterprise Teradata 10 SP3 for AMD64 and Intel EM64T
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Server 11 SP3 is installed
  • AND Package Information
  • openssh-6.2p2-0.9 is installed
  • OR openssh-askpass-6.2p2-0.9 is installed
    • Definition Synopsis
  • sles10-sp4 is installed
  • AND Package Information
  • openssh-askpass less than 5.1p1-41.12.8
  • OR openssh less than 5.1p1-41.12.8
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 SP3 is installed
  • AND
  • openssh-6.2p2-0.9.1 is installed
  • OR openssh-askpass-6.2p2-0.9.1 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 11 SP4 is installed
  • AND
  • openssh-6.6p1-4.7 is installed
  • OR openssh-fips-6.6p1-4.7 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 SP1 is installed
  • AND
  • openssh-5.1p1-41.55 is installed
  • OR openssh-askpass-5.1p1-41.55 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 11 SP2 is installed
  • AND
  • openssh-5.1p1-41.55 is installed
  • OR openssh-askpass-5.1p1-41.55 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 11 SP3 is installed
  • AND
  • openssh-6.2p2-0.9 is installed
  • OR openssh-askpass-6.2p2-0.9 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 11 SP4 is installed
  • AND
  • openssh-6.6p1-4 is installed
  • OR openssh-fips-6.6p1-4 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 SP4 is installed
  • AND
  • openssh-6.6p1-4 is installed
  • OR openssh-fips-6.6p1-4 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 11 SP3 is installed
  • AND
  • openssh-6.2p2-0.9 is installed
  • OR openssh-askpass-6.2p2-0.9 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 11-SECURITY is installed
  • AND
  • openssh-openssl1-6.6p1-10 is installed
  • OR openssh-openssl1-helpers-6.6p1-10 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 11 SP1 is installed
  • OR SUSE Linux Enterprise Server 11 SP2 is installed
  • AND
  • openssh-5.1p1-41.55 is installed
  • OR openssh-askpass-5.1p1-41.55 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 SP4 is installed
  • AND
  • openssh-6.6p1-4 is installed
  • OR openssh-fips-6.6p1-4 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 11 SP3 is installed
  • AND
  • openssh-6.2p2-0.9 is installed
  • OR openssh-askpass-6.2p2-0.9 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 11-SECURITY is installed
  • AND
  • openssh-openssl1-6.6p1-10 is installed
  • OR openssh-openssl1-helpers-6.6p1-10 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 11 SP1 is installed
  • OR SUSE Linux Enterprise Server 11 SP1-TERADATA is installed
  • OR SUSE Linux Enterprise Server 11 SP2 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 11 SP1-TERADATA is installed
  • AND
  • openssh-5.1p1-41.55 is installed
  • OR openssh-askpass-5.1p1-41.55 is installed
  • OR openssh-askpass-gnome-5.1p1-41.51 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server for SAP Applications 12 SP3 is installed
  • AND Package Information
  • openssh is not affected
  • OR openssh-fips is not affected
  • OR openssh-helpers is not affected
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11-SECURITY is installed
  • AND
  • openssh-openssl1-6.6p1-10.1 is installed
  • OR openssh-openssl1-helpers-6.6p1-10.1 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 11 SP3 is installed
  • AND
  • openssh-6.2p2-0.9.1 is installed
  • OR openssh-askpass-6.2p2-0.9.1 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 11 SP4 is installed
  • AND
  • openssh-6.6p1-4.7 is installed
  • OR openssh-fips-6.6p1-4.7 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 11 SP1 is installed
  • OR SUSE Linux Enterprise Server 11 SP1-TERADATA is installed
  • OR SUSE Linux Enterprise Server 11 SP2 is installed
  • AND
  • openssh-5.1p1-41.55.1 is installed
  • OR openssh-askpass-5.1p1-41.55.1 is installed
  • OR openssh-askpass-gnome-5.1p1-41.51.1 is installed
    • BACK