topic RE: Security Notice - VN-2016-001 OpenSSH in Security

Security Notice - VN-2016-001 OpenSSH

Drew_C — Fri, 29 Jan 2016 05:10:00 GMT

This vulnerability notice provides the official technical response from Extreme Networks regarding the OpenSSH vulnerabilities identified in CVE-2016-0777 and CVE-2016-0778.
VN-2016-001 – OpenSSH

The impacts of these vulnerabilities include possible unauthorized disclosure of information.

Customers with a current maintenance and support contract may access the Support Portal at: http://support.extremenetworks.com/
If you have additional questions concerning this information, please contact your Extreme Networks representative, or comment in this thread.
NOTE: Extreme Vulnerability Notices are now posted on GTAC Knowledge.

RE: Security Notice - VN-2016-001 OpenSSH

Tonya_Lilly — Fri, 29 Jan 2016 05:57:00 GMT

How do I know if this affects me ?

RE: Security Notice - VN-2016-001 OpenSSH

Henrique — Fri, 29 Jan 2016 19:32:00 GMT

Hi Tonya,

You can check the link below and check if the platform is affected:

https://gtacknowledge.extremenetworks.com/articles/Vulnerability_Notice/VN-2016-001-OpenSSH

RE: Security Notice - VN-2016-001 OpenSSH

Ryan_Mathews — Fri, 29 Jan 2016 20:58:00 GMT

Perfect. Thanks Henrique. Glad to see you joined us!

This is the first Vulnerability we've distributed on GTAC Knowledge. Believe this change will make it easier for our customers & partners to find and take action on these critical notices.

Based on the amount of positive comments we got back yesterday, I believe the community approves!

RE: Security Notice - VN-2016-001 OpenSSH

Rainer_Adam — Tue, 16 Feb 2016 22:04:00 GMT

Is there a fix available for Netsight and NAC? I was not able to find more informations about this.

RE: Security Notice - VN-2016-001 OpenSSH

BrandonC — Tue, 16 Feb 2016 22:04:00 GMT

It looks like a fix for this will be available in NetSight 6.3 and 7.0, targeted for March 2016.

You can find this in the vulnerability notice linked below:
VN-2016-001 – OpenSSH