Vulnerability Name:

CVE-2006-0225 (CCN-24305)

Assigned:2005-09-28
Published:2005-09-28
Updated:2018-10-19
Summary:scp in OpenSSH 4.2p1 allows attackers to execute arbitrary commands via filenames that contain shell metacharacters or spaces, which are expanded twice.
CVSS v3 Severity:5.9 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): Low
CVSS v2 Severity:4.6 Medium (CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P)
3.4 Low (Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
4.6 Medium (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P)
3.4 Low (CCN Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Type:CWE-Other
Vulnerability Consequences:Gain Privileges
References:Source: OPENBSD
Type: UNKNOWN
20060212 [3.8] 005: SECURITY FIX: February 12, 2006

Source: SGI
Type: UNKNOWN
20060703-01-P

Source: CCN
Type: BugTraq Mailing List, Tue Dec 05 2006 - 13:41:51 CST
HPSBUX02178 SSRT061267 rev.1 - HP-UX Secure Shell Remote Denial of Service (DoS)

Source: CONFIRM
Type: UNKNOWN
http://blogs.sun.com/security/entry/sun_alert_102961_security_vulnerability

Source: CCN
Type: Gentoo Bugzilla Bug 119232
net-misc/{openssh|dropbear} metacharacter expansion in scp (CVE-2006-0225)

Source: MITRE
Type: CNA
CVE-2006-0225

Source: CCN
Type: Mac OS X 10.4.9 and Security Update 2007-003
About the security content of Mac OS X 10.4.9 and Security Update 2007-003

Source: CONFIRM
Type: UNKNOWN
http://docs.info.apple.com/article.html?artnum=305214

Source: HP
Type: UNKNOWN
HPSBUX02178

Source: APPLE
Type: UNKNOWN
APPLE-SA-2007-03-13

Source: CCN
Type: RHSA-2006-0044
openssh security update

Source: CCN
Type: RHSA-2006-0298
openssh security update

Source: CCN
Type: RHSA-2006-0698
openssh security update

Source: CCN
Type: SA18579
OpenSSH scp Command Line Shell Command Injection

Source: SECUNIA
Type: UNKNOWN
18579

Source: SECUNIA
Type: Patch, Vendor Advisory
18595

Source: SECUNIA
Type: UNKNOWN
18650

Source: SECUNIA
Type: UNKNOWN
18736

Source: SECUNIA
Type: UNKNOWN
18798

Source: SECUNIA
Type: UNKNOWN
18850

Source: SECUNIA
Type: UNKNOWN
18910

Source: CCN
Type: SA18964
Dropbear SSH Server scp Command Line Shell Command Injection

Source: SECUNIA
Type: UNKNOWN
18964

Source: SECUNIA
Type: UNKNOWN
18969

Source: SECUNIA
Type: UNKNOWN
18970

Source: SECUNIA
Type: UNKNOWN
19159

Source: CCN
Type: SA20723
IBM HMC Sendmail and OpenSSH Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
20723

Source: SECUNIA
Type: UNKNOWN
21129

Source: SECUNIA
Type: UNKNOWN
21262

Source: CCN
Type: SA21492
Avaya Products OpenSSH scp Shell Command Injection

Source: SECUNIA
Type: UNKNOWN
21492

Source: CCN
Type: SA21724
Avaya Products OpenSSH Shell Command Injection and Security Bypass

Source: SECUNIA
Type: UNKNOWN
21724

Source: SECUNIA
Type: UNKNOWN
22196

Source: SECUNIA
Type: UNKNOWN
23241

Source: CCN
Type: SA23340
Avaya PDS HP-UX Secure Shell / OpenSSL Multiple Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
23340

Source: CCN
Type: SA23680
VMWare ESX Server Multiple Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
23680

Source: CCN
Type: SA24479
Mac OS X Security Update Fixes Multiple Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
24479

Source: CCN
Type: SA25607
Sun Solaris scp Command Line Shell Command Injection

Source: SECUNIA
Type: UNKNOWN
25607

Source: CCN
Type: SA25936
Avaya CMS / IR Solaris scp Command Line Shell Command Injection

Source: SECUNIA
Type: UNKNOWN
25936

Source: SREASON
Type: UNKNOWN
462

Source: CCN
Type: SECTRACK ID: 1015540
OpenSSH scp Double Shell Character Expansion During Local-to-Local Copying May Let Local Users Gain Elevated Privileges in Certain Cases

Source: SECTRACK
Type: UNKNOWN
1015540

Source: SLACKWARE
Type: UNKNOWN
SSA:2006-045-06

Source: CCN
Type: Sun Alert ID: 102961
Security Vulnerability in scp(1) May Allow Execution of Unintended Commands

Source: SUNALERT
Type: UNKNOWN
102961

Source: CONFIRM
Type: UNKNOWN
http://support.avaya.com/elmodocs2/security/ASA-2006-158.htm

Source: CCN
Type: ASA-2006-158
openssh security update (RHSA-2006-0044)

Source: CONFIRM
Type: UNKNOWN
http://support.avaya.com/elmodocs2/security/ASA-2006-174.htm

Source: CCN
Type: ASA-2006-174
openssh security update (RHSA-2006-0298)

Source: CONFIRM
Type: UNKNOWN
http://support.avaya.com/elmodocs2/security/ASA-2006-262.htm

Source: CCN
Type: ASA-2006-262
HP-UX Secure Shell Remote Denial of Service (HPSBUX02178)

Source: CONFIRM
Type: UNKNOWN
http://support.avaya.com/elmodocs2/security/ASA-2007-246.htm

Source: CCN
Type: ASA-2007-246
Security Vulnerability in scp(1) May Allow Execution of Unintended Commands (Sun 102961)

Source: CCN
Type: Apple Mac OS X Web site
Apple - Apple - Mac OS X - Leopard Sneak Peek

Source: CCN
Type: GLSA-200602-11
OpenSSH, Dropbear: Insecure use of system() call

Source: GENTOO
Type: UNKNOWN
GLSA-200602-11

Source: MANDRIVA
Type: UNKNOWN
MDKSA-2006:034

Source: SUSE
Type: UNKNOWN
SUSE-SA:2006:008

Source: CCN
Type: OpenPKG-SA-2006.003
OpenSSH

Source: OPENPKG
Type: UNKNOWN
OpenPKG-SA-2006.003

Source: OSVDB
Type: UNKNOWN
22692

Source: CCN
Type: OSVDB ID: 22692
OpenSSH scp Command Line Filename Processing Command Injection

Source: FEDORA
Type: UNKNOWN
FEDORA-2006-056

Source: REDHAT
Type: UNKNOWN
RHSA-2006:0044

Source: REDHAT
Type: UNKNOWN
RHSA-2006:0298

Source: REDHAT
Type: UNKNOWN
RHSA-2006:0698

Source: FEDORA
Type: UNKNOWN
FLSA-2006:168935

Source: BID
Type: UNKNOWN
16369

Source: CCN
Type: BID-16369
RCP Shell Utility Arbitrary Command Execution Vulnerability

Source: TRUSTIX
Type: UNKNOWN
2006-0004

Source: CCN
Type: TLSA-2009-15
Multiple vulnerabilities have been discovered in openssh

Source: CCN
Type: USN-255-1
openssh vulnerability

Source: UBUNTU
Type: UNKNOWN
USN-255-1

Source: CERT
Type: US Government Resource
TA07-072A

Source: CONFIRM
Type: UNKNOWN
http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html

Source: CONFIRM
Type: UNKNOWN
http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html

Source: VUPEN
Type: UNKNOWN
ADV-2006-0306

Source: VUPEN
Type: UNKNOWN
ADV-2006-2490

Source: VUPEN
Type: UNKNOWN
ADV-2006-4869

Source: VUPEN
Type: UNKNOWN
ADV-2007-0930

Source: VUPEN
Type: UNKNOWN
ADV-2007-2120

Source: CONFIRM
Type: UNKNOWN
http://www14.software.ibm.com/webapp/set2/sas/f/hmc/power5/install/v52.Readme.html#MH00688

Source: CONFIRM
Type: UNKNOWN
http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=2751

Source: CCN
Type: HP Security Bulletin HPSBUX02178 SSRT061267
HP-UX Secure Shell Remote Denial of Service (DoS)

Source: CCN
Type: Red Hat Bugzilla Bug 174026
CVE-2006-0225 local to local copy uses shell expansion twice

Source: CONFIRM
Type: UNKNOWN
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=174026

Source: XF
Type: UNKNOWN
openssh-scp-command-execution(24305)

Source: XF
Type: UNKNOWN
openssh-scp-command-execution(24305)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:1138

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:9962

Source: CCN
Type: Fedora Update Notification FEDORA-2006-056
Fedora Core 4 Update: openssh-4.2p1-fc4.10

Source: SUSE
Type: SUSE-SA:2006:008
openssh scponly privilege escalation

Source: CCN
Type: IBM Systems Support Web site
Support for HMC

Vulnerable Configuration:Configuration 1:
  • cpe:/a:openbsd:openssh:3.0:-:*:*:*:*:*:*
  • OR cpe:/a:openbsd:openssh:3.0.1:-:*:*:*:*:*:*
  • OR cpe:/a:openbsd:openssh:3.0.1p1:*:*:*:*:*:*:*
  • OR cpe:/a:openbsd:openssh:3.0.2:-:*:*:*:*:*:*
  • OR cpe:/a:openbsd:openssh:3.0.2p1:*:*:*:*:*:*:*
  • OR cpe:/a:openbsd:openssh:3.0p1:*:*:*:*:*:*:*
  • OR cpe:/a:openbsd:openssh:3.1:-:*:*:*:*:*:*
  • OR cpe:/a:openbsd:openssh:3.1p1:*:*:*:*:*:*:*
  • OR cpe:/a:openbsd:openssh:3.2:*:*:*:*:*:*:*
  • OR cpe:/a:openbsd:openssh:3.2.2p1:*:*:*:*:*:*:*
  • OR cpe:/a:openbsd:openssh:3.2.3p1:*:*:*:*:*:*:*
  • OR cpe:/a:openbsd:openssh:3.3:-:*:*:*:*:*:*
  • OR cpe:/a:openbsd:openssh:3.3p1:*:*:*:*:*:*:*
  • OR cpe:/a:openbsd:openssh:3.4:-:*:*:*:*:*:*
  • OR cpe:/a:openbsd:openssh:3.4p1:*:*:*:*:*:*:*
  • OR cpe:/a:openbsd:openssh:3.5:-:*:*:*:*:*:*
  • OR cpe:/a:openbsd:openssh:3.5p1:*:*:*:*:*:*:*
  • OR cpe:/a:openbsd:openssh:3.6:-:*:*:*:*:*:*
  • OR cpe:/a:openbsd:openssh:3.6.1:-:*:*:*:*:*:*
  • OR cpe:/a:openbsd:openssh:3.6.1p1:*:*:*:*:*:*:*
  • OR cpe:/a:openbsd:openssh:3.6.1p2:*:*:*:*:*:*:*
  • OR cpe:/a:openbsd:openssh:3.7:*:*:*:*:*:*:*
  • OR cpe:/a:openbsd:openssh:3.7.1:-:*:*:*:*:*:*
  • OR cpe:/a:openbsd:openssh:3.7.1p2:*:*:*:*:*:*:*
  • OR cpe:/a:openbsd:openssh:3.8:-:*:*:*:*:*:*
  • OR cpe:/a:openbsd:openssh:3.8.1:-:*:*:*:*:*:*
  • OR cpe:/a:openbsd:openssh:3.8.1p1:*:*:*:*:*:*:*
  • OR cpe:/a:openbsd:openssh:3.9:-:*:*:*:*:*:*
  • OR cpe:/a:openbsd:openssh:3.9.1:*:*:*:*:*:*:*
  • OR cpe:/a:openbsd:openssh:3.9.1p1:*:*:*:*:*:*:*
  • OR cpe:/a:openbsd:openssh:4.0p1:*:*:*:*:*:*:*
  • OR cpe:/a:openbsd:openssh:4.1p1:*:*:*:*:*:*:*
  • OR cpe:/a:openbsd:openssh:4.2p1:*:*:*:*:*:*:*

    • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:*

    • Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

    • Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

    • Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

    • Configuration RedHat 5:
  • cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:openbsd:openssh:3.0:-:*:*:*:*:*:*
  • OR cpe:/a:openbsd:openssh:3.2.2p1:*:*:*:*:*:*:*
  • OR cpe:/a:openbsd:openssh:3.4p1:*:*:*:*:*:*:*
  • OR cpe:/a:openbsd:openssh:3.4:-:*:*:*:*:*:*
  • OR cpe:/a:openbsd:openssh:3.6.1p2:*:*:*:*:*:*:*
  • OR cpe:/a:openbsd:openssh:4.1p1:*:*:*:*:*:*:*
  • OR cpe:/a:openbsd:openssh:4.0p1:*:*:*:*:*:*:*
  • OR cpe:/a:openbsd:openssh:3.0p1:*:*:*:*:*:*:*
  • OR cpe:/a:openbsd:openssh:3.0.1p1:*:*:*:*:*:*:*
  • OR cpe:/a:openbsd:openssh:3.0.1:-:*:*:*:*:*:*
  • OR cpe:/a:openbsd:openssh:3.0.2p1:*:*:*:*:*:*:*
  • OR cpe:/a:openbsd:openssh:3.0.2:-:*:*:*:*:*:*
  • OR cpe:/a:openbsd:openssh:3.1p1:*:*:*:*:*:*:*
  • OR cpe:/a:openbsd:openssh:3.1:-:*:*:*:*:*:*
  • OR cpe:/a:openbsd:openssh:3.2:*:*:*:*:*:*:*
  • OR cpe:/a:openbsd:openssh:3.2.3p1:*:*:*:*:*:*:*
  • OR cpe:/a:openbsd:openssh:3.3p1:*:*:*:*:*:*:*
  • OR cpe:/a:openbsd:openssh:3.3:-:*:*:*:*:*:*
  • OR cpe:/a:openbsd:openssh:3.5:-:*:*:*:*:*:*
  • OR cpe:/a:openbsd:openssh:3.5p1:*:*:*:*:*:*:*
  • OR cpe:/a:openbsd:openssh:3.6:-:*:*:*:*:*:*
  • OR cpe:/a:openbsd:openssh:3.6.1p1:*:*:*:*:*:*:*
  • OR cpe:/a:openbsd:openssh:3.6.1:-:*:*:*:*:*:*
  • OR cpe:/a:openbsd:openssh:3.7:*:*:*:*:*:*:*
  • OR cpe:/a:openbsd:openssh:3.7.1p2:*:*:*:*:*:*:*
  • OR cpe:/a:openbsd:openssh:3.7.1:-:*:*:*:*:*:*
  • OR cpe:/a:openbsd:openssh:3.8:-:*:*:*:*:*:*
  • OR cpe:/a:openbsd:openssh:3.8.1p1:*:*:*:*:*:*:*
  • OR cpe:/a:openbsd:openssh:3.8.1:-:*:*:*:*:*:*
  • OR cpe:/a:openbsd:openssh:3.9:-:*:*:*:*:*:*
  • OR cpe:/a:openbsd:openssh:3.9.1p1:*:*:*:*:*:*:*
  • OR cpe:/a:openbsd:openssh:3.9.1:*:*:*:*:*:*:*
  • OR cpe:/a:openbsd:openssh:4.2p1:*:*:*:*:*:*:*
  • AND
  • cpe:/a:openpkg:openpkg:current:*:*:*:*:*:*:*
  • OR cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*
  • OR cpe:/o:suse:linux_enterprise_server:8:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:*
  • OR cpe:/o:hp:hp-ux:b.11.00:*:*:*:*:*:*:*
  • OR cpe:/o:hp:hp-ux:b.11.11:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::ws:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::as:*:*:*:*:*
  • OR cpe:/o:sun:solaris:9:*:x86:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:9.1:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::desktop:*:*:*:*:*
  • OR cpe:/o:hp:hp-ux:b.11.23:*:*:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:9.2:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*
  • OR cpe:/a:mandrakesoft:mandrake_multi_network_firewall:2.0:*:*:*:*:*:*:*
  • OR cpe:/o:sun:solaris:10:*:sparc:*:*:*:*:*
  • OR cpe:/o:sun:solaris:10:*:x86:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:10.0:*:oss:*:*:*:*:*
  • OR cpe:/o:redhat:linux_advanced_workstation:2.1:*:itanium:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2006:*:*:*:*:*:*:*
  • OR cpe:/a:openpkg:openpkg:2.5:*:*:*:*:*:*:*
  • OR cpe:/o:suse:linux_enterprise_server:9:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:10.1:*:x86-64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2006:*:x86-64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*
  • OR cpe:/o:turbolinux:turbolinux:fuji:*:*:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:9.3:*:*:*:*:*:*:*
  • OR cpe:/o:sun:solaris:9:*:sparc:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:42410
    P
    		Security update for pcre (Important)
    2022-07-12
    oval:org.opensuse.security:def:20060225
    V
    		CVE-2006-0225
    2022-06-30
    oval:org.opensuse.security:def:42200
    P
    		Security update for ucode-intel (Important)
    2022-02-25
    oval:org.opensuse.security:def:113066
    P
    		openssh-8.4p1-7.4 on GA media (Moderate)
    2022-01-17
    oval:org.opensuse.security:def:32289
    P
    		Security update for libvirt (Important)
    2022-01-10
    oval:org.opensuse.security:def:31754
    P
    		Security update for libsndfile (Important)
    2022-01-05
    oval:org.opensuse.security:def:26186
    P
    		Security update for libqt4 (Important)
    2021-12-22
    oval:org.opensuse.security:def:31722
    P
    		Security update for xorg-x11-server (Important)
    2021-12-20
    oval:org.opensuse.security:def:31721
    P
    		Security update for log4j (Important)
    2021-12-17
    oval:org.opensuse.security:def:26182
    P
    		Security update for MozillaFirefox (Important)
    2021-12-12
    oval:org.opensuse.security:def:31714
    P
    		Security update for webkit2gtk3 (Important)
    2021-12-01
    oval:org.opensuse.security:def:32223
    P
    		Security update for postgresql, postgresql13, postgresql14 (Important)
    2021-11-20
    oval:org.opensuse.security:def:31306
    P
    		Security update for the Linux Kernel (Live Patch 40 for SLE 12 SP3) (Important)
    2021-11-19
    oval:org.opensuse.security:def:31698
    P
    		Security update for transfig (Important)
    2021-10-29
    oval:org.opensuse.security:def:106504
    P
    		openssh-8.4p1-7.4 on GA media (Moderate)
    2021-10-01
    oval:org.opensuse.security:def:31687
    P
    		Security update for sqlite3 (Important)
    2021-09-23
    oval:org.opensuse.security:def:31272
    P
    		Security update for the Linux Kernel (Live Patch 40 for SLE 12 SP3) (Important)
    2021-09-23
    oval:org.opensuse.security:def:32185
    P
    		Security update for ghostscript (Critical)
    2021-09-21
    oval:org.opensuse.security:def:32184
    P
    		Security update for openssl (Low)
    2021-09-20
    oval:org.opensuse.security:def:26129
    P
    		Security update for gtk-vnc (Moderate)
    2021-09-16
    oval:org.opensuse.security:def:26119
    P
    		Security update for file (Important)
    2021-09-02
    oval:org.opensuse.security:def:31261
    P
    		Security update for bind (Moderate)
    2021-08-30
    oval:org.opensuse.security:def:32175
    P
    		Security update for the Linux Kernel (Live Patch 40 for SLE 12 SP3) (Important)
    2021-08-25
    oval:org.opensuse.security:def:31260
    P
    		Security update for aspell (Important)
    2021-08-25
    oval:org.opensuse.security:def:26105
    P
    		Security update for MozillaFirefox (Important)
    2021-08-17
    oval:org.opensuse.security:def:32966
    P
    		Security update for curl (Moderate)
    2021-07-21
    oval:org.opensuse.security:def:26089
    P
    		Security update for MozillaFirefox (Important)
    2021-07-16
    oval:org.opensuse.security:def:32128
    P
    		Security update for the Linux Kernel (Live Patch 35 for SLE 12 SP3) (Important)
    2021-06-18
    oval:org.opensuse.security:def:36255
    P
    		openssh-6.6p1-4.7 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:42662
    P
    		openssh-6.6p1-4.7 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:31627
    P
    		Security update for djvulibre (Important)
    2021-05-31
    oval:org.opensuse.security:def:32927
    P
    		Security update for postgresql96 (Moderate)
    2021-05-26
    oval:org.opensuse.security:def:31174
    P
    		Security update for djvulibre (Important)
    2021-05-19
    oval:org.opensuse.security:def:32088
    P
    		Security update for bind (Important)
    2021-05-04
    oval:org.opensuse.security:def:32079
    P
    		Security update for the Linux Kernel (Live Patch 38 for SLE 12 SP3) (Important)
    2021-04-28
    oval:org.opensuse.security:def:32080
    P
    		Security update for the Linux Kernel (Live Patch 31 for SLE 12 SP3) (Important)
    2021-04-28
    oval:org.opensuse.security:def:32272
    P
    		Security update for python (Moderate)
    2021-03-16
    oval:org.opensuse.security:def:31733
    P
    		Security update for java-1_8_0-openjdk (Moderate)
    2021-02-19
    oval:org.opensuse.security:def:31346
    P
    		Security update for java-1_8_0-openjdk (Moderate)
    2021-02-19
    oval:org.opensuse.security:def:32245
    P
    		Security update for the Linux Kernel (Live Patch 34 for SLE 12 SP3) (Important)
    2021-02-10
    oval:org.opensuse.security:def:26146
    P
    		Security update for python3 (Important)
    2021-02-08
    oval:org.opensuse.security:def:32135
    P
    		Security update for postgresql, postgresql12, postgresql13 (Important)
    2021-01-26
    oval:org.opensuse.security:def:26075
    P
    		Security update for ImageMagick (Important)
    2021-01-22
    oval:org.opensuse.security:def:26061
    P
    		Security update for dovecot22 (Important)
    2021-01-04
    oval:org.opensuse.security:def:31100
    P
    		Security update for cyrus-sasl (Important)
    2020-12-28
    oval:org.opensuse.security:def:31570
    P
    		Security update for cyrus-sasl (Important)
    2020-12-28
    oval:org.opensuse.security:def:25977
    P
    		Security update for openssl-1_1 (Important)
    2020-12-10
    oval:org.opensuse.security:def:25973
    P
    		Security update for the Linux Kernel (Important)
    2020-12-09
    oval:org.opensuse.security:def:31089
    P
    		Security update for the Linux Kernel (Live Patch 32 for SLE 12 SP3) (Important)
    2020-12-07
    oval:org.opensuse.security:def:31088
    P
    		Security update for the Linux Kernel (Live Patch 31 for SLE 12 SP3) (Important)
    2020-12-07
    oval:org.opensuse.security:def:35620
    P
    		openssh-5.1p1-41.31.36 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:36352
    P
    		openssh-openssl1-6.6p1-10.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:35793
    P
    		openssh-5.1p1-41.51.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:42027
    P
    		openssh-5.1p1-41.31.36 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:42759
    P
    		openssh-openssl1-6.6p1-10.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:36003
    P
    		openssh-6.2p2-0.9.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:31939
    P
    		Security update for glibc (Important)
    2020-12-01
    oval:org.opensuse.security:def:25920
    P
    		Security update for gstreamer-plugins-base (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26522
    P
    		apache2 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31818
    P
    		Security update for audiofile (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25547
    P
    		Security update for curl (Important)
    2020-12-01
    oval:org.opensuse.security:def:26327
    P
    		Security update for Chromium (Important)
    2020-12-01
    oval:org.opensuse.security:def:31975
    P
    		Security update for jasper (Important)
    2020-12-01
    oval:org.opensuse.security:def:26585
    P
    		libexif on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25552
    P
    		Security update for python3-requests (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31836
    P
    		Security update for bind (Important)
    2020-12-01
    oval:org.opensuse.security:def:32484
    P
    		PackageKit on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26328
    P
    		used on wotan :) (Low)
    2020-12-01
    oval:org.opensuse.security:def:31481
    P
    		Security update for python (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25513
    P
    		Security update for java-11-openjdk (Important)
    2020-12-01
    oval:org.opensuse.security:def:26633
    P
    		python on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:33218
    P
    		openssh on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25183
    P
    		Security update for libexif (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26792
    P
    		openssh on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25805
    P
    		Security update for flash-player (Important)
    2020-12-01
    oval:org.opensuse.security:def:25889
    P
    		Security update for mariadb (Important)
    2020-12-01
    oval:org.opensuse.security:def:27315
    P
    		virt-utils on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31807
    P
    		Security update for apache2 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25769
    P
    		Security update for gd (Low)
    2020-12-01
    oval:org.opensuse.security:def:26483
    P
    		Security update for chromium (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25419
    P
    		Security update for kernel-firmware (Important)
    2020-12-01
    oval:org.opensuse.security:def:26243
    P
    		Security update for libpcap (Important)
    2020-12-01
    oval:org.opensuse.security:def:31926
    P
    		Recommended update for ghostscript-library (Important)
    2020-12-01
    oval:org.opensuse.security:def:32594
    P
    		perl-Tk on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25913
    P
    		Security update for tcpdump, libpcap (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31779
    P
    		Security update for MozillaFirefox (Important)
    2020-12-01
    oval:org.opensuse.security:def:32428
    P
    		Security update for xen (Important)
    2020-12-01
    oval:org.opensuse.security:def:32585
    P
    		openssh on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31470
    P
    		Security update for ppp
    2020-12-01
    oval:org.opensuse.security:def:32036
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:26619
    P
    		ntp on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:33179
    P
    		libsamplerate on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25172
    P
    		Security update for bind (Important)
    2020-12-01
    oval:org.opensuse.security:def:25756
    P
    		Security update for python, python-base, python-doc (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31542
    P
    		Security update for samba (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26757
    P
    		libopensc2 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25804
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:25850
    P
    		Security update for libreoffice (Low)
    2020-12-01
    oval:org.opensuse.security:def:26677
    P
    		clamav on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25685
    P
    		Security update for mariadb (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26434
    P
    		Security update for pdns (Important)
    2020-12-01
    oval:org.opensuse.security:def:31864
    P
    		Security update for curl (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:33315
    P
    		openssh-openssl1 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25355
    P
    		Security update for xen (Important)
    2020-12-01
    oval:org.opensuse.security:def:31870
    P
    		Security update for curl (Important)
    2020-12-01
    oval:org.opensuse.security:def:32475
    P
    		Security update for xscreensaver (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27001
    P
    		openssh on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25902
    P
    		Security update for ImageMagick (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31478
    P
    		Security update for puppet (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32546
    P
    		libadns1 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31469
    P
    		Security update for ppc64-diag
    2020-12-01
    oval:org.opensuse.security:def:31904
    P
    		Security update for foomatic-filters (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25978
    P
    		Security update for tcpdump, libpcap (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26580
    P
    		libQtWebKit4-32bit on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32541
    P
    		krb5-plugin-kdb-ldap on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25171
    P
    		Security update for mailman (Important)
    2020-12-01
    oval:org.opensuse.security:def:25628
    P
    		Security update for dpdk (Critical)
    2020-12-01
    oval:org.opensuse.security:def:31455
    P
    		Security update for postgresql10 (Important)
    2020-12-01
    oval:org.opensuse.security:def:25947
    P
    		Security update for freerdp (Important)
    2020-12-01
    oval:org.opensuse.security:def:32031
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:25801
    P
    		Security update for libvdpau (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26284
    P
    		Security update for taglib (Low)
    2020-12-01
    oval:org.opensuse.security:def:32757
    P
    		openssh on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25456
    P
    		Security update for ghostscript (Important)
    2020-12-01
    oval:org.opensuse.security:def:26381
    P
    		Security update for ffmpeg (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31842
    P
    		Security update for bzip2 (Important)
    2020-12-01
    oval:org.opensuse.security:def:33276
    P
    		unixODBC_23 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25344
    P
    		Security update for krb5 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26008
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:32436
    P
    		Security update for xen (Important)
    2020-12-01
    oval:org.opensuse.security:def:26966
    P
    		libpulse-browse0 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25901
    P
    		Security update for flash-player (Important)
    2020-12-01
    oval:org.opensuse.security:def:26022
    P
    		Security update for icu (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31908
    P
    		Security update for freetype2 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31830
    P
    		Security update for bind (Critical)
    2020-12-01
    oval:org.opensuse.security:def:25894
    P
    		Security update for gstreamer-0_10-plugins-bad (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26531
    P
    		coolkey on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25564
    P
    		Security update for tomcat (Important)
    2020-12-01
    oval:org.opensuse.security:def:31398
    P
    		Security update for perl (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32572
    P
    		libvorbis on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27253
    P
    		openssh on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25748
    P
    		Security update for ImageMagick (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26270
    P
    		Security update for mariadb-100 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32718
    P
    		libmysqlclient15-32bit on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25375
    P
    		Security update for webkit2gtk3 (Important)
    2020-12-01
    oval:org.opensuse.security:def:26230
    P
    		Security update for libreoffice (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31803
    P
    		Security update for amanda (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32638
    P
    		bind on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25343
    P
    		Security update for kernel-firmware (Important)
    2020-12-01
    oval:org.opensuse.security:def:25880
    P
    		Security update for libvirt (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32387
    P
    		Security update for tomcat6 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26536
    P
    		dbus-1 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31819
    P
    		Security update for augeas (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25837
    P
    		Security update for ImageMagick (Important)
    2020-12-01
    oval:org.opensuse.security:def:26478
    P
    		Security update for nextcloud (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32014
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:26620
    P
    		openssh on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25553
    P
    		Security update for mutt (Important)
    2020-12-01
    oval:org.opensuse.security:def:31923
    P
    		Security update for ghostscript-library (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32533
    P
    		java-1_6_0-ibm on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27218
    P
    		libssh2-1 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31555
    P
    		Security update for sqlite3 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25597
    P
    		Security update for squid (Critical)
    2020-12-01
    oval:org.opensuse.security:def:26231
    P
    		Security update for mariadb-100 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25247
    P
    		Security update for libpng16 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32497
    P
    		cron on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25816
    P
    		Security update for libqt4 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32331
    P
    		Security update for samba (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25903
    P
    		Security update for util-linux (Important)
    2020-12-01
    oval:org.opensuse.security:def:27350
    P
    		openssh-openssl1 on GA media (Moderate)
    2020-12-01
    oval:org.mitre.oval:def:1138
    V
    		Security Vulnerability Relating to scp(1) Command May Allow Attackers to Execute Arbitrary Commands
    2014-06-09
    oval:org.mitre.oval:def:9962
    V
    		scp in OpenSSH 4.2p1 allows attackers to execute arbitrary commands via filenames that contain shell metacharacters or spaces, which are expanded twice.
    2013-04-29
    oval:com.redhat.rhsa:def:20060044
    P
    		RHSA-2006:0044: openssh security update (Low)
    2008-03-20
    oval:com.redhat.rhsa:def:20060298
    P
    		RHSA-2006:0298: openssh security update (Low)
    2008-03-20
    BACK
    openbsd openssh 3.0
    openbsd openssh 3.0.1
    openbsd openssh 3.0.1p1
    openbsd openssh 3.0.2
    openbsd openssh 3.0.2p1
    openbsd openssh 3.0p1
    openbsd openssh 3.1
    openbsd openssh 3.1p1
    openbsd openssh 3.2
    openbsd openssh 3.2.2p1
    openbsd openssh 3.2.3p1
    openbsd openssh 3.3
    openbsd openssh 3.3p1
    openbsd openssh 3.4
    openbsd openssh 3.4p1
    openbsd openssh 3.5
    openbsd openssh 3.5p1
    openbsd openssh 3.6
    openbsd openssh 3.6.1
    openbsd openssh 3.6.1p1
    openbsd openssh 3.6.1p2
    openbsd openssh 3.7
    openbsd openssh 3.7.1
    openbsd openssh 3.7.1p2
    openbsd openssh 3.8
    openbsd openssh 3.8.1
    openbsd openssh 3.8.1p1
    openbsd openssh 3.9
    openbsd openssh 3.9.1
    openbsd openssh 3.9.1p1
    openbsd openssh 4.0p1
    openbsd openssh 4.1p1
    openbsd openssh 4.2p1
    openbsd openssh 3.0
    openbsd openssh 3.2.2p1
    openbsd openssh 3.4p1
    openbsd openssh 3.4
    openbsd openssh 3.6.1p2
    openbsd openssh 4.1p1
    openbsd openssh 4.0p1
    openbsd openssh 3.0p1
    openbsd openssh 3.0.1p1
    openbsd openssh 3.0.1
    openbsd openssh 3.0.2p1
    openbsd openssh 3.0.2
    openbsd openssh 3.1p1
    openbsd openssh 3.1
    openbsd openssh 3.2
    openbsd openssh 3.2.3p1
    openbsd openssh 3.3p1
    openbsd openssh 3.3
    openbsd openssh 3.5
    openbsd openssh 3.5p1
    openbsd openssh 3.6
    openbsd openssh 3.6.1p1
    openbsd openssh 3.6.1
    openbsd openssh 3.7
    openbsd openssh 3.7.1p2
    openbsd openssh 3.7.1
    openbsd openssh 3.8
    openbsd openssh 3.8.1p1
    openbsd openssh 3.8.1
    openbsd openssh 3.9
    openbsd openssh 3.9.1p1
    openbsd openssh 3.9.1
    openbsd openssh 4.2p1
    openpkg openpkg current
    gentoo linux *
    suse linux enterprise server 8
    redhat enterprise linux 2.1
    redhat enterprise linux 2.1
    redhat enterprise linux 2.1
    hp hp-ux b.11.00
    hp hp-ux b.11.11
    redhat enterprise linux 3
    redhat enterprise linux 3
    redhat enterprise linux 3
    sun solaris 9
    suse suse linux 9.1
    redhat enterprise linux 3
    hp hp-ux b.11.23
    suse suse linux 9.2
    mandrakesoft mandrake linux 10.1
    mandrakesoft mandrake linux corporate server 3.0
    redhat enterprise linux 4
    redhat enterprise linux 4
    redhat enterprise linux 4
    redhat enterprise linux 4
    mandrakesoft mandrake multi network firewall 2.0
    sun solaris 10
    sun solaris 10
    suse suse linux 10.0
    redhat linux advanced workstation 2.1
    mandrakesoft mandrake linux 2006
    openpkg openpkg 2.5
    suse linux enterprise server 9
    mandrakesoft mandrake linux 10.1
    mandrakesoft mandrake linux 2006
    mandrakesoft mandrake linux corporate server 3.0
    turbolinux turbolinux fuji
    suse suse linux 9.3
    sun solaris 9