It was found that ssh-agent could load PKCS#11 modules from arbitrary paths. An attacker having control of the forwarded agent-socket on the server, and the ability to write to the filesystem of the client host, could use this flaw to execute arbitrary code with the privileges of the user running ssh-agent.

References

bugzilla.redhat.com/show_bug.cgi?id=1406269

www.openssh.com/txt/release-7.4

nessus 86

cloudlinux 1

alpinelinux 2

debiancve 2

osv 3

myhack58 1

seebug 1

f5 2

prion 2

cve 2

packetstorm 2

ubuntucve 2

zdt 1

freebsd 2

openvas 31

broadcom 1

ibm 19

amazon 3

freebsd_advisory 1

veracode 1

fedora 1

archlinux 1

symantec 1

slackware 1

aix 1

oraclelinux 1

ubuntu 1

cloudfoundry 1

redhat 1

centos 1

debian 1

rosalinux 1

ics 2

apple 2

nessus

Fedora 25 : openssh (2017-4767e2991d)

2017-01-10 00:00:00

F5 Networks BIG-IP : OpenSSH vulnerability (K31440025)

2018-12-17 00:00:00

EulerOS 2.0 SP1 : openssh (EulerOS-SA-2017-1055)

2017-05-01 00:00:00

cloudlinux

Fixed CVE-2016-10009 in openssh-5.3p1

2022-07-04 19:13:43

alpinelinux

CVE-2016-10009

2017-01-05 02:59:00

CVE-2023-38408

2023-07-20 03:15:10

debiancve

CVE-2016-10009

2017-01-05 02:59:00

CVE-2023-38408

2023-07-20 03:15:10

osv

CVE-2016-10009

2017-01-05 02:59:03

CVE-2023-38408

2023-07-20 03:15:10

openssh - security update

2018-09-10 00:00:00

myhack58

OpenSSH is now in the risk of vulnerabilities can cause remote code execution-vulnerability warning-the black bar safety net

2016-12-21 00:00:00

seebug

OpenSSH remote code execution vulnerability, CVE-2016-10009）

2016-12-21 00:00:00

K31440025 : OpenSSH vulnerability CVE-2016-10009

2017-01-24 00:00:00

K000135709 : OpenSSH vulnerability CVE-2023-38408

2023-08-02 00:00:00

prion

Design/Logic Flaw

2017-01-05 02:59:00

Remote code execution

2023-07-20 03:15:00

cve

CVE-2016-10009

2017-01-05 02:59:00

CVE-2023-38408

2023-07-20 03:15:10

packetstorm

OpenSSH Arbitrary Library Loading

2016-12-23 00:00:00

OpenSSH Forwarded SSH-Agent Remote Code Execution

2023-07-20 00:00:00

ubuntucve

CVE-2016-10009

2017-01-04 00:00:00

CVE-2023-38408

2023-07-19 00:00:00

zdt

OpenSSH 7.4 - agent Protocol Arbitrary Library Loading Vulnerability

2016-12-23 00:00:00

freebsd

FreeBSD -- OpenSSH multiple vulnerabilities

2017-01-11 00:00:00

openssh -- multiple vulnerabilities

2016-12-25 00:00:00

openvas

Huawei EulerOS: Security Advisory for openssh (EulerOS-SA-2017-1054)

2020-01-23 00:00:00

Huawei EulerOS: Security Advisory for openssh (EulerOS-SA-2023-2921)

2023-10-10 00:00:00

Huawei EulerOS: Security Advisory for openssh (EulerOS-SA-2023-3102)

2023-11-01 00:00:00

broadcom

The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution (CVE-2023-38408)

2023-11-07 00:00:00

ibm

Security Bulletin: Vulnerabilities in SSH affect IBM DataPower Gateways (CVE-2016-10009, CVE-2016-10012)

2021-06-08 22:18:27

Security Bulletin: IBM Flex System FC5022 16Gb SAN Scalable Switch is affected by vulnerabilities in OpenSSH

2019-01-31 02:25:02

Security Bulletin: IBM MQ Appliance is affected by OpenSSH vulnerabilities

2019-08-13 19:08:35

amazon

Important: openssh

2023-08-03 18:09:00

Important: openssh

2023-08-17 11:39:00

Medium: openssh

2017-10-03 11:00:00

freebsd_advisory

FreeBSD-SA-17:01.openssh

2017-01-11 00:00:00

veracode

Remote Code Execution (RCE)

2023-07-20 11:22:49

fedora

[SECURITY] Fedora 25 Update: openssh-7.4p1-1.fc25

2017-01-06 20:25:39

archlinux

[ASA-201612-20] openssh: multiple issues

2016-12-22 00:00:00

symantec

SA144 : OpenSSH Vulnerabilities January 2017

2017-03-02 08:00:00

slackware

[slackware-security] openssh

2016-12-24 01:35:34

aix

Vulnerabilities in OpenSSH affect AIX.

2017-02-05 23:36:10

oraclelinux

openssh security, bug fix, and enhancement update

2017-08-07 00:00:00

ubuntu

OpenSSH vulnerabilities

2018-01-22 00:00:00

cloudfoundry

USN-3538-1: OpenSSH vulnerabilities | Cloud Foundry

2018-02-01 00:00:00

redhat

(RHSA-2017:2029) Moderate: openssh security, bug fix, and enhancement update

2017-08-01 05:57:17

centos

openssh, pam_ssh_agent_auth security update

2017-08-24 01:40:16

debian

[SECURITY] [DLA 1500-1] openssh security update

2018-09-10 08:44:17

rosalinux

Advisory ROSA-SA-2021-1938

2021-07-02 17:38:20

ics

Siemens SCALANCE X-200RNA Switch Devices

2022-12-19 12:00:00

Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1

2023-12-14 12:00:00

apple

About the security content of macOS Sierra 10.12.4, Security Update 2017-001 El Capitan, and Security Update 2017-001 Yosemite - Apple Support

2017-08-29 02:52:03

About the security content of macOS Sierra 10.12.4, Security Update 2017-001 El Capitan, and Security Update 2017-001 Yosemite

2017-03-27 00:00:00

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

7.3 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

JSON

Related for RH:CVE-2016-10009