{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[],"affected_systems_content":"

OpenSSH versions ant\u00e9rieures \u00e0 la version 4.2p1.

","content":"## Description\n\nDeux vuln\u00e9rabilit\u00e9s dans OpenSSH permettent \u00e0 un utilisateur mal\nintentionn\u00e9 de contourner la politique de s\u00e9curit\u00e9, d'avoir acc\u00e8s \u00e0 des\ninformations non autoris\u00e9es ou d'\u00e9lever ses privil\u00e8ges.\n\n## Solution\n\nMettre \u00e0 jour OpenSSH en version 4.2p1. \nOpenSSH peut se t\u00e9l\u00e9charger \u00e0 l'adresse suivante :\n\n ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/\n","cves":[],"links":[{"title":"Mise \u00e0 jour Fedora : Fedora Core 3","url":"http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/"},{"title":"Annonce de la sortie de OpenSSH version 4.2 du 01 septembre 2005 :","url":"http://www.mindrot.org/pipermail/openssh-unix-announce/2005-September/000083.html"},{"title":"Bulletin de s\u00e9curit\u00e9 Red Hat :","url":"http://rhn.redhat.com/errata/RHSA-2005-527.html"},{"title":"Site Internet de OpenSSH :","url":"http://www.openssh.com"},{"title":"Bulletin de s\u00e9curit\u00e9 Mandriva MDKSA-2005:172 du 6 octobre 2005 :","url":"http://www.mandriva.com/security/advisories?name=MDKSA-2005:172"}],"reference":"CERTA-2005-AVI-329","revisions":[{"description":"version initiale.","revision_date":"2005-09-05T00:00:00.000000"},{"description":"Mise \u00e0 jour Fedora.","revision_date":"2005-09-09T00:00:00.000000"},{"description":"Bulletin de s\u00e9curit\u00e9 Red Hat.","revision_date":"2005-10-06T00:00:00.000000"},{"description":"Bulletin de s\u00e9curit\u00e9 Mandriva.","revision_date":"2005-10-07T00:00:00.000000"}],"risks":[{"description":"Contournement de la politique de s\u00e9curit\u00e9"},{"description":"\u00c9l\u00e9vation de privil\u00e8ges"},{"description":"Divulgation d'information"}],"summary":null,"title":"Vuln\u00e9rabilit\u00e9 de OpenSSH","vendor_advisories":[{"published_at":null,"title":"Annonce de la sortie de OpenSSH version 4.2 du 01 septembre 2005","url":null}]}