Support Center > Search Results > SecureKnowledge Details
Status of OpenSSH CVEs Technical Level
Solution

This article lists known CVEs for OpenSSH and their status for the OpenSSH packages used in SecurePlatform R70 and above and in Gaia OS. This article does not list all the known CVEs for OpenSSH - only those that were explicitly checked by Check Point.

  • To check if the installed OpenSSH package is patched against a CVE (e.g., for CVE-2006-4924), run:

    [Expert@Hostname]# rpm -q --changelog $(rpm -qa | grep openssh) | grep CVE-2006-4924

    Output should loook like:
    - CVE-2006-4924 - prevent DoS on deattack detector (#207957)


  • The rpm -qa | grep ssh command can be used to verify the OpenSSH package version installed on a given machine. This version can be correlated with CVE fixes integrated.

    Example:

    [Expert@Hostname]# rpm -qa | grep ssh
    openssh-4.3p2-26.1.cp990150005
    openssh-server-4.3p2-26.1.cp990150005
    openssh-clients-4.3p2-26.1.cp990150005
CVE Comment
2019
CVE-2019-16905 Not vulnerable
2018
CVE-2018-15919  Not relevant - GSS API Authentication is not enabled on Gaia OS
CVE-2018-15473 Refer to
2017
CVE-2017-15906 Not vulnerable
2016
CVE-2016-8858 OpenSSH upstream does not consider this as a security issue. 
CVE-2016-3115 Not relevant. Default setting in Check Point 'sshd_config' file is 'X11Forwarding=no'.
CVE-2016-0778 Not vulnerable. Refer to sk109636.
CVE-2016-0777 Not vulnerable. Refer to sk109636.
CVE-2016-6515 Not vulnerable 
CVE-2015-6565 Not vulnerable 
CVE-2016-6210 Low exploitability, contact Check Point Support 
CVE-2016-1907 Not vulnerable 
CVE-2016-1908 Not relevant 
CVE-2016-10009 Not relevant
CVE-2016-10011 Not relevant 
CVE-2016-10012 Not relevant 
CVE-2016-10010 Not relevant 
CVE-2016-10708 Not vulnerable 
2015
CVE-2015-6565 Not vulnerable 
CVE-2015-6564 Not vulnerable
CVE-2015-5600 Not vulnerable
CVE-2015-5352 Not vulnerable
CVE-2015-6563 Requires Expert access to the system. Refer to sk133652.
CVE-2015-8325 Not vulnerable 
2014
CVE-2014-2653 Not relevant 
CVE-2014-2532 Not relevant. Check Point does not use wildcards in 'sshd_config' file.
CVE-2014-1692 Not vulnerable
2013
CVE-2013-2566 False positive. Refer to sk93395.
2012
CVE-2012-0814 Not relevant. This is a Debian OpenSSH vulnerability, and it does not affect Red Hat OpenSSH
2011
CVE-2011-5000 Not vulnerable
CVE-2011-4327 Not vulnerable
2010
CVE-2010-4755 Not vulnerable
CVE-2010-4478 Not vulnerable
CVE-2010-5107 Low impact. Fixed in R77.10.
2009
CVE-2009-2904 Not vulnerable
2008
CVE-2008-5161 Not vulnerable. Very low impact. Refer to sk36343.
CVE-2008-3259 Not vulnerable
CVE-2008-1657 Not vulnerable
CVE-2008-1483 Not vulnerable since R70 GA
CVE-2008-3234 Not relevant
CVE-2008-4109 Not relevant
CVE-2008-2359 Not relevant 
2007
CVE-2007-2768 Not vulnerable
CVE-2007-4752 Not vulnerable
CVE-2007-3102 Not vulnerable
CVE-2007-2243 Not vulnerable
CVE-2007-0726 Not relevant (bug in OpenSSH on Mac OS X)
2006
CVE-2006-5794 Not vulnerable since R65 GA
CVE-2006-5052 Not vulnerable
CVE-2006-5051 Not vulnerable. Refer to sk61744.
CVE-2006-4924 Not vulnerable. Refer to sk61744.
CVE-2006-0225 Not vulnerable
CVE-2006-5229 Issue is not reproducible 
CVE-2006-4925 Not relevant (this is a client-side crash, not DoS) 
2005
CVE-2005-2798 Not vulnerable
CVE-2005-2797 Not vulnerable
CVE-2005-2666 Vulnerability is not severe. The fix is too risky.
2004
CVE-2004-2069 Not vulnerable
CVE-2004-1653 Configuration issue. Can be disabled if desired (by changing the 'AllowTcpForwarding' option
in the /etc/ssh/sshd_config configuration file)
However, it does not look relevant for SecurePlatform users.
2003
CVE-2003-1562 Not vulnerable since R70 GA
CVE-2003-0787 Not vulnerable
CVE-2003-0695 Not vulnerable since R70 GA
CVE-2003-0693 Not vulnerable since R70 GA
CVE-2003-0682 Not vulnerable since R70 GA
CVE-2003-0386 Not vulnerable

 

Not relevant:

  • Either Check Point does not use the vulnerable code.
  • Or Check Point does not have this code in released versions.
  • Or Check Point changed the code in such a way that this vulnerability does not apply anymore.

 

Not vulnerable:  The issue was relevant to Check Point code and Check Point has already fixed it.

Relevant: The issue exists in Check Point code.

Applies To:
  • This sk is merged with sk103087

Give us Feedback
Please rate this document
[1=Worst,5=Best]
Comment