[USN-3603-2] Paramiko vulnerability
steve.beattie at canonical.com
Tue Mar 20 19:31:26 UTC 2018
Ubuntu Security Notice USN-3603-2
March 20, 2018
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.04 ESM
Paramiko could be made to run programs if it received specially
crafted network traffic.
- paramiko: Make ssh v2 connections with Python
USN-3603-1 fixed a vulnerability in Paramiko. This update provides
the corresponding update for Ubuntu 12.04 ESM.
Original advisory details:
Matthijs Kooijman discovered that Paramiko's SSH server implementation
did not properly require authentication before processing requests. An
unauthenticated remote attacker could possibly use this to execute
The problem can be corrected by updating your system to the following
Ubuntu 12.04 ESM:
After a standard system update you need to restart any applications
using Paramiko's server implementation to make all the necessary changes.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 833 bytes
Desc: not available
More information about the ubuntu-security-announce