
Solaris SunSSH libpam buffer overflow

Description

Added: 01/08/2021

### Background

[SunSSH](<https://docs.oracle.com/cd/E53394_01/html/E54793/sshuser-6.html>) is a fork of [OpenSSH](<https://www.openssh.com/>) for Solaris. It provides remote login capability on Solaris platforms.

### Problem

A buffer overflow vulnerability in `libpam` could allow a remote attacker to execute arbitrary commands by sending a specially crafted authentication request to SunSSH.

### Resolution

Apply the patch referenced in [Patch Availability Document 2711819](<https://support.oracle.com/rs?type=doc&id=2711819.1>).

### References

<https://www.oracle.com/security-alerts/cpuoct2020.html#AppendixSUNS>

<https://www.exploit-db.com/exploits/49261>

### Limitations

Exploit has been tested on Solaris 11.0. The libssh2 library must be installed on the scanning system.

### Platforms

Solaris