tupelo_operatio
Contributor

OpenSSH GSSAPI allows elevated privileges

Would any of you guys know what patch addresses the "OpenSSH GSSAPI allows elevated privileges" vulnerability? During a scan, 1 of our 11 ESX 3.5U4 hosts was dinged for this...no idea why the other 10 weren't. Any information would be appreciated.

Message was edited by: Texiwill: Removed microsoft word foo

3 Replies
Texiwill
Leadership

Hello,

This depends on how the scan was being done. I would compare OpenSSH versions as well as from where 10/11 have gotten their OpenSSH. All patches should come from VMware but it sounds like someone patched OpenSSH by hand.... However, also run 'esxupdate' with the appropriate option to list the patches on a working host and then on the 11th to determine if this one is out of sync. If the patch list is the same then most likely someone switched out OpenSSH on the 10 working hosts.


Best regards,
Edward L. Haletky, VMware Communities User Moderator, VMware vExpert 2009

Virtualization Practice Analyst
Now Available: 'VMware vSphere(TM) and Virtual Infrastructure Security'
Also available: 'VMWare ESX Server in the Enterprise'
SearchVMware Pro (http://www.astroarch.com/wiki/index.php/Blog_Roll) | Blue Gears | Top Virtualization Security Links |
Virtualization Security Round Table Podcast (http://www.astroarch.com/wiki/index.php/Virtualization_Security_Round_Table_Podcast)

--
Edward L. Haletky
vExpert XIV: 2009-2022,
VMTN Community Moderator
vSphere Upgrade Saga: https://www.astroarch.com/blogs
GitHub Repo: https://github.com/Texiwill
tupelo_operatio
Contributor

I am sure that no one has updated OpenSSH on these hosts as I am the one who updates these servers and I have not had a chance to update hosts in quite some time.

Texiwill
Leadership

Hello,

Then I would compare 'esxupdate' output to determine what is different on this host. Also, how is this test done: looking at version numbers, or looking for the actual vulnerability? If it is version numbers, it could be a false positive.


Best regards,
Edward L. Haletky, VMware Communities User Moderator, VMware vExpert 2009

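Both replies above suggest the same two checks: diff the patch inventory of a known-good host against the flagged one, and find out whether the scanner is judging by the SSH version banner alone (a vendor-backported build keeps an old banner, which is the false-positive case raised). The script below is an added example, not code from the thread or from VMware. It assumes you have already captured the patch list of each host into a text file (the thread names 'esxupdate' as the tool; the line format used here, bulletin ID followed by a status word, is constructed for this example, as are the ESX350-EXAMPLE-* IDs), and it parses an SSH identification banner such as the one returned on connecting to port 22.

```shell
#!/bin/sh
# Added example (not from the thread): compare two captured patch inventories
# and extract the OpenSSH version from an SSH banner.

# Print bulletin IDs present in the reference (known-good) list but absent
# from the candidate (flagged) list.  Arguments: reference_file candidate_file.
# Assumed line format: "<bulletin-id> <status>"; only lines whose first field
# starts with "ESX" are treated as bulletins, so header lines are ignored.
missing_patches() {
    ref="$1"; cand="$2"
    awk 'NR==FNR { have[$1] = 1; next }
         ($1 ~ /^ESX/) && !($1 in have) { print $1 }' "$cand" "$ref"
}

# Extract the version string from an SSH identification banner, e.g.
# "SSH-2.0-OpenSSH_3.9p1" -> "3.9p1".  Prints nothing for a non-OpenSSH banner.
# A scanner that keys only on this string cannot tell a patched backport
# from an unpatched build of the same version.
banner_version() {
    printf '%s\n' "$1" | sed -n 's/^SSH-[0-9.]*-OpenSSH_\([^ ]*\).*$/\1/p'
}

# Constructed sample inventories standing in for captured output from a
# working host and from the flagged host.
WORKDIR=$(mktemp -d)
cat > "$WORKDIR/good.txt" <<'EOF'
Installed bulletins (constructed sample header line)
ESX350-EXAMPLE-001-SG   installed
ESX350-EXAMPLE-002-SG   installed
ESX350-EXAMPLE-003-BG   installed
EOF
cat > "$WORKDIR/flagged.txt" <<'EOF'
Installed bulletins (constructed sample header line)
ESX350-EXAMPLE-001-SG   installed
ESX350-EXAMPLE-003-BG   installed
EOF

# Report what the flagged host lacks relative to the good host.
echo "Bulletins missing on flagged host:"
missing_patches "$WORKDIR/good.txt" "$WORKDIR/flagged.txt"

# Show how a banner-only check reads the version (constructed banner).
echo "Banner version: $(banner_version 'SSH-2.0-OpenSSH_3.9p1')"
```

If the two inventories match and only the banner differs, the finding is worth challenging with the scanner vendor rather than patching by hand; if the inventory differs, the missing bulletin IDs tell you exactly what to apply from VMware.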