Learn about Redwood and be one of the first to join the conversation

Visit Redwood Community
Please update to the new version of OpenSSH on Oracle Linux 7.9 — Cloud Customer Connect
You're almost there! Please answer a few more questions for access to the Applications content. Complete registration
Interested in joining? Complete your registration by providing Areas of Interest here. Register

Please update to the new version of OpenSSH on Oracle Linux 7.9

Accepted answer
4
Views
4
Comments

I found that my server was "lucky" to be on shodan.

In the "Vulnerabilities" section, we are facing two security vulnerabilities related to OpenSSH, CVE-2018-15919 and CVE-2017-15906.

Although it was noted that "the device may not be engaged by all of these issues. The vulnerabilities are implied based on the software and version." but when I check the OpenSSH version on the server, it is true that the current version is at risk of being exploited by the above 2 vulnerabilities.

I tried running "yum update" but there is no newer version for OpenSSH, and now the latest version (also the one I am using) is "OpenSSH_7.4p1, OpenSSL 1.0.2k-fips 26 Jan 2017" with the operating system Oracle Linux 7.9 build 2021.08.27-0.

Howdy, Stranger!

Log In

To view full details, sign in.

Register

Don't have an account? Click here to get started!