45 matches found
CVE-2015-8325
The dosetupenv function in session.c in sshd in OpenSSH through 7.2p2, when the UseLogin feature is enabled and PAM is configured to read .pamenvironment files in user home directories, allows local users to gain privileges by triggering a crafted environment for the /bin/login program, as...
CVE-2015-8325
The dosetupenv function in session.c in sshd in OpenSSH through 7.2p2, when the UseLogin feature is enabled and PAM is configured to read .pamenvironment files in user home directories, allows local users to gain privileges by triggering a crafted environment for the /bin/login program, as...
CVE-2015-8325
CVE-2015-8325 affects OpenSSH sshd where, with UseLogin enabled and PAM reading user .pam_environment files, a local user can trigger a crafted environment for /bin/login (eg via LD_PRELOAD) to gain privileges. Affected context in the provided connected documents centers on OpenSSH scenarios in v...
CVE-2015-8325
The dosetupenv function in session.c in sshd in OpenSSH through 7.2p2, when the UseLogin feature is enabled and PAM is configured to read .pamenvironment files in user home directories, allows local users to gain privileges by triggering a crafted environment for the /bin/login program, as...
CVE-2015-8325
The dosetupenv function in session.c in sshd in OpenSSH through 7.2p2, when the UseLogin feature is enabled and PAM is configured to read .pamenvironment files in user home directories, allows local users to gain privileges by triggering a crafted environment for the /bin/login program, as...
UBUNTU-CVE-2015-8325
The dosetupenv function in session.c in sshd in OpenSSH through 7.2p2, when the UseLogin feature is enabled and PAM is configured to read .pamenvironment files in user home directories, allows local users to gain privileges by triggering a crafted environment for the /bin/login program, as...
Debian Security Advisory DSA 3550-1 (openssh - security update)
Shayan Sadigh discovered a vulnerability in OpenSSH: If PAM support is enabled and the sshd PAM configuration is configured to read userspecified environment variables and the UseLogin option is enabled, a local user may escalate her privileges to root. In Debian UseLogin is not enabled by defaul...
DSA-3550-1 openssh - security update
Bulletin has no description...
Debian Security Advisory DSA 091-1 (ssh)
The remote host is missing an update to ssh announced via advisory DSA 091-1. OpenVAS Vulnerability Test $Id: deb0911.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 091-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...
OpenSSH < 3.0.2 'UseLogin Environment Variables' RCE Vulnerability
OpenSSH is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2005 by EMAZE Networks S.p.A. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
OpenSSH < 2.1.1 UseLogin Local Privilege Escalation
Binary data 1991.prm...
OpenSSH < 3.0.2 UseLogin Environment Variable Local Command Execution
Binary data 1992.prm...
CVE-2001-0872
Technical details for CVE-2001-0872 are not provided in the connected documents. The initial description notes OpenSSH 3.0.1 with UseLogin and LD_PRELOAD cleansing issue. Monitor for updates.
UseLogin.txt
-- OpenSSH UseLogin bug proof of concept exploit -- by WaR / http://www.genhex.org -- Intro -- I was very curious in finding out how to exploit this problem. Although I don't think anyone uses this feature, I looked into the matter anyway. Here it goes. It was tested on the following platforms: -...
[SECURITY] [DSA-091-1] OpenSSH UseLogin vulnerability
Package : ssh Problem type : influencing login Debian-specific: no If the UseLogin feature is enabled in for ssh local users could pass environment variables including variables like LDPRELOAD to the login process. This has been fixed by not copying the environment of UseLogin is enabled. Please...
OpenSSH UseLogin directive permits privilege escalation
Overview OpenSSH is an implementation of the Secure Shell protocol. When OpenSSH is configured with the UseLogin directive equal to "yes", an intruder can execute arbitrary code with the privileges of OpenSSH, usually root. Description OpenSSH contains a vulnerability that permits an intruder to...
FreeBSD-SA-01:63.openssh
-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-01:63 Security Advisory FreeBSD, Inc. Topic: OpenSSH UseLogin directive permits privilege escalation REVISED Category: core/ports Module: openssh Announced: 2001-12-02...
OpenSSH UseLogin option allows remote execution of commands as root
Overview Versions of OpenSSH prior to 2.1.1 current circa June, 2000 allow a remote attacker to execute arbitrary commands with the privileges of sshd, typically root. Description OpenSSH is a free implementation of versions 1 and 2 of the SSH protocol. If sshd is configured with the UseLogin...
PT-2001-1001 · Openssh +1 · Openssh-Askpass-Gnome +5
Name of the Vulnerable Software and Affected Versions: OpenSSH versions 3.0.1 and earlier openssh-server-2.9p2 openssh-clients-2.9p2 openssh-2.9p2 openssh-askpass-2.9p2 openssh-askpass-gnome-2.9p2 ssh-askpass-ptk Description: The issue concerns multiple vulnerabilities in OpenSSH and related...
CVE-2000-0525
OpenSSH does not properly drop privileges when the UseLogin option is enabled, which allows local users to execute arbitrary commands by providing the command to the ssh daemon...