Lucene search

K
cve[email protected]CVE-2015-6564
HistoryAug 24, 2015 - 1:59 a.m.

CVE-2015-6564

2015-08-2401:59:00
CWE-264
web.nvd.nist.gov
2938
2
cve-2015-6564
openssh
security vulnerability
mm_answer_pam_free_ctx
sshd

7 High

AI Score

Confidence

Low

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

9.7%

Use-after-free vulnerability in the mm_answer_pam_free_ctx function in monitor.c in sshd in OpenSSH before 7.0 on non-OpenBSD platforms might allow local users to gain privileges by leveraging control of the sshd uid to send an unexpectedly early MONITOR_REQ_PAM_FREE_CTX request.

CPENameOperatorVersion
openbsd:opensshopenbsd opensshle6.9

References

Social References

More

7 High

AI Score

Confidence

Low

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

9.7%