Network Appliance Information for VU#333628

OpenSSH contains buffer management errors

Status

Affected

Vendor Statement

This issue applies only to SecureAdmin on Data ONTAP versions earlier than 6.4.3, and SecureAdmin for NetCache releases earlier than 5.5R2.

All current releases (NetCache 5.6, 6.0 and 6.1, and Filer 6.5, 7.0, 7.1, 7.2, 7.3 and 10.0) have been secured against this issue.

If you have an affected release:

    Disable the SSH server on the filer or NetCache appliance, or if it must remain enabled, ensure that the ssh.access option (config.admin.trusted_hosts in NetCache) is used to restrict ssh connections to authorized administrative hosts.

    Vendor Information

    The vendor has not provided us with any further information regarding this vulnerability.

    Vendor References

    None

    Addendum

    We have no additional comments at this time.

    If you have feedback, comments, or additional information about this vulnerability, please send us email.