Developers Documentation



301 error for file:

User Tools

Site Tools

OpenSSH 4.3 is Vulnerable

This entry from Security Metrics is followed up with a long laundry list of CVEs. The main one is CVE-2006-5051.

While this version of ClearOS run version 4.3 of Apache, fixes to the code will be maintained until September 2013 for ClearOS Enterprise (free) and December 2015 for ClearOS Enterprise (free).

Make sure your ClearOS is up to date.

ClearCenter response

Short response

ClearOS contains backported fixes for SSH 4.3.

Long response

Reports that ClearOS are affected by this vulnerability are grossly inaccurate and represent an inability for the audit system to properly distinguish between normal and backported versions of SSH running on Linux.


Run updates to ensure that you are up to date.

yum update
content/en_us/kb_3rdparty_security_metrics_openssh_4.3_is_vulnerable.txt · Last modified: 2015/01/29 09:46 (external edit)