Vulnerability fix: OpenSSH privilege escalation vulnerability (CVE-2021-41617)
Date: 2023-09-14 09:15:20
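1. Vulnerability description:
The vendor has released a fixed version. Tencent security experts recommend that affected users update to the fixed version as soon as possible.
Fixed version: OpenSSH 8.8
Users can upgrade according to the distribution they use.
Check the OpenSSH version: rpm -qa | grep openssh
Upgrade OpenSSH: yum -y install openssh
CentOS 7 users should upgrade to: openssh-7.4p1-22.el7_9
CentOS 8 users should upgrade to: openssh-8.0p1-13.el8
If a scan shows that a server is at risk from this vulnerability, take a snapshot backup of the affected hosts immediately to avoid losses.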
2. Solution
Use the Alibaba Cloud or Tencent Cloud repositories; the specific method is explained in other articles.
sudo yum update -y openssh openssh-server openssh-clients
3. Fix process
# sudo yum update -y openssh openssh-server openssh-clients
Loaded plugins: fastestmirror, langpacks
Loading mirror speeds from cached hostfile
Resolving Dependencies
--> Running transaction check
---> Package openssh.x86_64 0:7.4p1-21.el7 will be updated
---> Package openssh.x86_64 0:7.4p1-22.el7_9 will be an update
---> Package openssh-clients.x86_64 0:7.4p1-21.el7 will be updated
---> Package openssh-clients.x86_64 0:7.4p1-22.el7_9 will be an update
---> Package openssh-server.x86_64 0:7.4p1-21.el7 will be updated
---> Package openssh-server.x86_64 0:7.4p1-22.el7_9 will be an update
--> Finished Dependency Resolution
Dependencies Resolved
===========================================================================================================================================================================
Package Arch Version Repository Size
===========================================================================================================================================================================
Updating:
openssh x86_64 7.4p1-22.el7_9 updates 510 k
openssh-clients x86_64 7.4p1-22.el7_9 updates 655 k
openssh-server x86_64 7.4p1-22.el7_9 updates 459 k
Transaction Summary
===========================================================================================================================================================================
Upgrade 3 Packages
Total download size: 1.6 M
Downloading packages:
Delta RPMs disabled because /usr/bin/applydeltarpm not installed.
(1/3): openssh-7.4p1-22.el7_9.x86_64.rpm | 510 kB 00:00:00
(2/3): openssh-clients-7.4p1-22.el7_9.x86_64.rpm | 655 kB 00:00:00
(3/3): openssh-server-7.4p1-22.el7_9.x86_64.rpm | 459 kB 00:00:00
---------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Total 2.2 MB/s | 1.6 MB 00:00:00
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Updating : openssh-7.4p1-22.el7_9.x86_64 1/6
Updating : openssh-server-7.4p1-22.el7_9.x86_64 2/6
Updating : openssh-clients-7.4p1-22.el7_9.x86_64 3/6
Cleanup : openssh-clients-7.4p1-21.el7.x86_64 4/6
Cleanup : openssh-server-7.4p1-21.el7.x86_64 5/6
Cleanup : openssh-7.4p1-21.el7.x86_64 6/6
Verifying : openssh-server-7.4p1-22.el7_9.x86_64 1/6
Verifying : openssh-clients-7.4p1-22.el7_9.x86_64 2/6
Verifying : openssh-7.4p1-22.el7_9.x86_64 3/6
Verifying : openssh-clients-7.4p1-21.el7.x86_64 4/6
Verifying : openssh-7.4p1-21.el7.x86_64 5/6
Verifying : openssh-server-7.4p1-21.el7.x86_64 6/6
Updated:
openssh.x86_64 0:7.4p1-22.el7_9 openssh-clients.x86_64 0:7.4p1-22.el7_9 openssh-server.x86_64 0:7.4p1-22.el7_9
Complete!
4. Rescan
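A local check to run before rescanning, as an added example that is not part of the original article: it compares the installed openssh packages against the fixed builds listed in section 1. The function names and the `--check` argument are hypothetical, and GNU `sort -V` is assumed as an approximation of RPM's version ordering.

```shell
#!/bin/bash
# Added example: confirm the OpenSSH packages meet the fixed build for this
# CentOS release before re-running the scanner. Run: bash check.sh --check

# Fixed builds as listed in the article, keyed by CentOS major release.
fixed_build_for() {
    case "$1" in
        7) echo "7.4p1-22.el7_9" ;;
        8) echo "8.0p1-13.el8" ;;
        *) return 1 ;;
    esac
}

# Succeeds if installed VERSION-RELEASE sorts at or above the fixed one.
# Assumption: GNU sort -V is close enough to RPM's ordering for these builds.
is_patched() {
    local installed="$1" fixed="$2"
    [ "$(printf '%s\n%s\n' "$installed" "$fixed" | sort -V | head -n1)" = "$fixed" ]
}

# Reads "NAME VERSION-RELEASE" lines on stdin; $1 is the major release.
# Returns 0 if all openssh packages are patched, 1 if any is not, 2 if the
# release has no fixed build listed in the article.
audit() {
    local fixed name build rc=0
    fixed="$(fixed_build_for "$1")" || { echo "no fixed build listed for release $1" >&2; return 2; }
    while read -r name build; do
        case "$name" in openssh*) ;; *) continue ;; esac  # skip "package X is not installed"
        if is_patched "$build" "$fixed"; then
            echo "OK      $name $build"
        else
            echo "UPDATE  $name $build (needs >= $fixed)"; rc=1
        fi
    done
    return "$rc"
}

# Query the live RPM database for the three packages the article updates.
check_host() {
    rpm -q --qf '%{NAME} %{VERSION}-%{RELEASE}\n' \
        openssh openssh-server openssh-clients | audit "$(rpm -E '%{rhel}')"
}

if [ "${1:-}" = "--check" ]; then check_host; fi
```

A non-zero exit status means at least one package is still below the fixed build, so the yum update in section 2 has not taken effect on that host.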