Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2012-5536
HistoryFeb 22, 2013 - 12:55 a.m.

CVE-2012-5536

2013-02-2200:55:00
CWE-20
[email protected]
web.nvd.nist.gov

6.2 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:H/Au:N/C:C/I:C/A:C

6.2 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

A certain Red Hat build of the pam_ssh_agent_auth module on Red Hat Enterprise Linux (RHEL) 6 and Fedora Rawhide calls the glibc error function instead of the error function in the OpenSSH codebase, which allows local users to obtain sensitive information from process memory or possibly gain privileges via crafted use of an application that relies on this module, as demonstrated by su and sudo.

Affected configurations

NVD
Node
fedora_projectfedora_release_rawhideMatch-
OR
redhatenterprise_linuxMatch6.0

Related

openvas 6
oraclelinux 1
redhat 2
nessus 6
cvelist 1
centos 1
amazon 1
veracode 1
cve 1
prion 1
openvas
openvas
RedHat Update for openssh RHSA-2013:0519-02
2013-02-22 00:00:00
Amazon Linux: Security Advisory (ALAS-2013-165)
2015-09-08 00:00:00
CentOS Update for openssh CESA-2013:0519 centos6
2013-03-12 00:00:00
oraclelinux
oraclelinux
openssh security, bug fix and enhancement update
2013-02-22 00:00:00
redhat
redhat
(RHSA-2013:0519) Moderate: openssh security, bug fix and enhancement update
2013-02-21 00:00:00
(RHSA-2013:0579) Important: rhev-hypervisor6 security, bug fix, and enhancement update
2013-02-28 00:00:00
nessus
nessus
CentOS 6 : openssh (CESA-2013:0519)
2013-03-10 00:00:00
Scientific Linux Security Update : openssh on SL6.x i386/x86_64 (20130221)
2013-03-01 00:00:00
RHEL 6 : openssh (RHSA-2013:0519)
2013-02-21 00:00:00
cvelist
cvelist
CVE-2012-5536
2013-02-22 00:00:00
centos
centos
openssh, pam_ssh_agent_auth security update
2013-02-27 19:37:07
amazon
amazon
Medium: openssh
2013-03-02 16:51:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 01:14:35
cve
cve
CVE-2012-5536
2013-02-22 00:55:00
prion
prion
Code injection
2013-02-22 00:55:00

6.2 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:H/Au:N/C:C/I:C/A:C

6.2 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON
Related for NVD:CVE-2012-5536
openvas6oraclelinux1redhat2nessus6cvelist1centos1amazon1veracode1cve1prion1