225 matches found
Design/Logic Flaw
An issue was discovered in PHP 5.x and 7.x, when the configuration uses apache2handler/modphp or php-fpm with OpCache enabled. With 5.x after 5.6.28 or 7.x after 7.0.13, the issue is resolved in a non-default configuration with the opcache.validatepermission=1 setting. The vulnerability details a...
CVE-2015-8994
An issue was discovered in PHP 5.x and 7.x, when the configuration uses apache2handler/modphp or php-fpm with OpCache enabled. With 5.x after 5.6.28 or 7.x after 7.0.13, the issue is resolved in a non-default configuration with the opcache.validatepermission=1 setting. The vulnerability details a...
The vulnerability of the shared memory manager of the sshd daemon used in OpenSSH encryption protection allows a hacker to increase their privileges.
The vulnerability of the manager of shared memory in the sshd daemon of the OpenSSH cryptographic protection mechanism arises from the execution of an operation beyond the buffer in memory. Exploiting this vulnerability allows a malicious actor, operating locally, to enhance their privileges by...
The vulnerability of the OpenSSH cryptographic protection mechanism, which allows a hacker to gain access to the protected information
The vulnerability in authfile.c of the sshd component of the OpenSSH cryptographic protection mechanism is related to the improper handling of the effect of implementing block memory reallocation functions. Exploiting this vulnerability can allow an attacker, operating locally, to gain access to...
DEBIAN-CVE-2016-8659
Bubblewrap before 0.1.3 sets the PRSETDUMPABLE flag, which might allow local users to gain privileges by attaching to the process, as demonstrated by sending commands to a PrivSep socket...
openSUSE Security Update : openssh (openSUSE-2017-184)
This update for openssh fixes several issues. These security issues were fixed : - CVE-2016-8858: The kexinputkexinit function in kex.c allowed remote attackers to cause a denial of service memory consumption by sending many duplicate KEXINIT requests bsc1005480. - CVE-2016-10012: The shared memo...
FreeBSD : FreeBSD -- OpenSSH multiple vulnerabilities (2c948527-d823-11e6-9171-14dae9d210b8)
The ssh-agent1 agent supports loading a PKCS11 module from outside a trusted whitelist. An attacker can request loading of a PKCS11 module across forwarded agent-socket. CVE-2016-10009 When privilege separation is disabled, forwarded Unix domain sockets would be created by sshd8 with the privileg...
FreeBSD-SA-17:01.openssh
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-17:01.openssh Security Advisory The FreeBSD Project Topic: OpenSSH multiple vulnerabilities Category: contrib Module: OpenSSH Announced: 2017-01-11 Affects: All...
FreeBSD -- OpenSSH multiple vulnerabilities
Problem Description: The ssh-agent1 agent supports loading a PKCS11 module from outside a trusted whitelist. An attacker can request loading of a PKCS11 module across forwarded agent-socket. CVE-2016-10009 When privilege separation is disabled, forwarded Unix domain sockets would be created by...
CVE-2016-10012
The shared memory manager associated with pre-authentication compression in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enforced by all compilers, which might allows local users to gain privileges by leveraging access to a sandboxed privilege-separation process, related to t...
ALPINE-CVE-2016-10010
sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to gain privileges via unspecified vectors, related to serverloop.c...
DEBIAN-CVE-2016-10011
authfile.c in sshd in OpenSSH before 7.4 does not properly consider the effects of realloc on buffer contents, which might allow local users to obtain sensitive private-key information by leveraging access to a privilege-separated child process...
DEBIAN-CVE-2016-10010
sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to gain privileges via unspecified vectors, related to serverloop.c...
CVE-2016-10010
sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to gain privileges via unspecified vectors, related to serverloop.c...
Design/Logic Flaw
sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to gain privileges via unspecified vectors, related to serverloop.c...
CVE-2016-10010
sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to gain privileges via unspecified vectors, related to serverloop.c...
CVE-2016-10012
The shared memory manager associated with pre-authentication compression in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enforced by all compilers, which might allows local users to gain privileges by leveraging access to a sandboxed privilege-separation process, related to t...
CVE-2016-10010
sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to gain privileges via unspecified vectors, related to serverloop.c...
CVE-2016-10012
The shared memory manager associated with pre-authentication compression in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enforced by all compilers, which might allows local users to gain privileges by leveraging access to a sandboxed privilege-separation process, related to t...
CVE-2016-10012
The shared memory manager associated with pre-authentication compression in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enforced by all compilers, which might allows local users to gain privileges by leveraging access to a sandboxed privilege-separation process, related to t...