USN-3603-2: Paramiko vulnerability
20 March 2018
Paramiko could be made to run programs if it received specially crafted network traffic.
- paramiko - Make ssh v2 connections with Python
USN-3603-1 fixed a vulnerability in Paramiko. This update provides
the corresponding update for Ubuntu 12.04 ESM.
Original advisory details:
Matthijs Kooijman discovered that Paramiko's SSH server implementation
did not properly require authentication before processing requests. An
unauthenticated remote attacker could possibly use this to execute
- USN-3603-1: paramiko, python3-paramiko, python-paramiko