4 matches found
Updated openssh packages fix security vulnerability
The dosetupenv function in session.c in sshd in OpenSSH through 7.2p2, when the UseLogin feature is enabled and PAM is configured to read .pamenvironment files in user home directories, allows local users to gain privileges by triggering a crafted environment for the /bin/login program, as...
DEBIAN-CVE-2016-6515
The authpassword function in auth-passwd.c in sshd in OpenSSH before 7.3 does not limit password lengths for password authentication, which allows remote attackers to cause a denial of service crypt CPU consumption via a long string...
CVE-2016-6515
OpenSSH sshd vulnerability CVE-2016-6515 arises from the auth_password function not enforcing a maximum password length for password authentication, allowing remote, unauthenticated attackers to trigger high CPU consumption and denial of service via a long input string. Affected products: OpenSSH...
CVE-2016-6515
The authpassword function in auth-passwd.c in sshd in OpenSSH before 7.3 does not limit password lengths for password authentication, which allows remote attackers to cause a denial of service crypt CPU consumption via a long string...