Amazon Linux 1 Security Advisory: ALAS-2012-99
Advisory Release Date: 2012-07-05 16:18 Pacific
Advisory Updated Date: 2014-09-14 16:32 Pacific
A denial of service flaw was found in the OpenSSH GSSAPI authentication implementation. A remote, authenticated user could use this flaw to make the OpenSSH server daemon (sshd) use an excessive amount of memory, leading to a denial of service. GSSAPI authentication is enabled by default ("GSSAPIAuthentication yes" in "/etc/ssh/sshd_config"). (CVE-2011-5000)
Affected Packages:
openssh
Issue Correction:
Run yum update openssh to update your system.
i686:
openssh-ldap-5.3p1-81.17.amzn1.i686
openssh-debuginfo-5.3p1-81.17.amzn1.i686
openssh-5.3p1-81.17.amzn1.i686
openssh-server-5.3p1-81.17.amzn1.i686
openssh-clients-5.3p1-81.17.amzn1.i686
pam_ssh_agent_auth-0.9-81.17.amzn1.i686
src:
openssh-5.3p1-81.17.amzn1.src
x86_64:
openssh-server-5.3p1-81.17.amzn1.x86_64
openssh-5.3p1-81.17.amzn1.x86_64
openssh-debuginfo-5.3p1-81.17.amzn1.x86_64
openssh-clients-5.3p1-81.17.amzn1.x86_64
openssh-ldap-5.3p1-81.17.amzn1.x86_64
pam_ssh_agent_auth-0.9-81.17.amzn1.x86_64