42 matches found
Siemens SCALANCE X-200RNA Switch Devices Untrusted Search Path (CVE-2015-8325)
The dosetupenv function in session.c in sshd in OpenSSH through 7.2p2, when the UseLogin feature is enabled and PAM is configured to read .pamenvironment files in user home directories, allows local users to gain privileges by triggering a crafted environment for the /bin/login program, as...
Linux Distros Unpatched Vulnerability : CVE-2015-8325
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The dosetupenv function in session.c in sshd in OpenSSH through 7.2p2, when the UseLogin feature is enabled and PAM is configured to read .pamenvironment files ...
K20911042: OpenSSH vulnerability CVE-2015-8325
Security Advisory Description The dosetupenv function in session.c in sshd in OpenSSH through 7.2p2, when the UseLogin feature is enabled and PAM is configured to read .pamenvironment files in user home directories, allows local users to gain privileges by triggering a crafted environment for the...
Mageia: Security Advisory (MGASA-2016-0280)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: Vulnerability in OpenSSH affects Power Hardware Management Console (CVE-2015-8325)
Summary OpenSSH is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2015-8325 DESCRIPTION: OpenSSH could allow a local attacker to gain elevated privileges on the system, caused by an error in the dosetupenv function when the...
Security Bulletin: Vulnerabilities in OpenSSH and OpenSSL affect GPFS for Windows V3.5
Summary OpenSSH vulnerabilities were disclosed on July 22 , August 10, and October19, 2016 by the OpenSSH Project. OpenSSL vulnerabilities were disclosed on September 22 and 26, 2016 by the OpenSSL Project. OpenSSH and OpenSSL are used by GPFS V3.5 for Windows. GPFS V3.5 for Windows has addressed...
SUSE: Security Advisory (SUSE-SU-2016:2555-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for openssh (EulerOS-SA-2016-1053)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: Public disclosed vulnerability from OpenSSL and OpenSSH affects IBM Netezza Host Management
Summary Open Source OpenSSL and OpenSSH is used by IBM Netezza Host Management. IBM Netezza Host Management has addressed the applicable CVEs. OpenSSL and OpenSSH rpms from RedHat are included in IBM Netezza Host Management for RHEL 6. Vulnerability Details OpenSSH : CVEID: CVE-2016-6210...
Security Bulletin: IBM Dynamic System Analysis (DSA) Preboot is affected by vulnerability in openssh (CVE-2015-8325)
Summary IBM Dynamic System Analysis DSA Preboot has addressed the following vulnerability in openssh. Vulnerability Details Summary IBM Dynamic System Analysis DSA Preboot has addressed the following vulnerability in openssh. Vulnerability Details CVEID: CVE-2015-8325 Description: OpenSSH could...
Security Bulletin: IBM Flex System Manager (FSM) is affected by an OpenSSH vulnerability (CVE-2015-8325)
Summary A security vulnerability has been identified in OpenSSH that is embedded in IBM FSM. This bulletin addresses this issue. Vulnerability Details CVEID: CVE-2015-8325 DESCRIPTION: OpenSSH could allow a local attacker to gain elevated privileges on the system, caused by an error in the...
Security Bulletin: A vulnerability in OpenSSH affects PowerKVM
Summary PowerKVM is affected by a vulnerability in OpenSSH. IBM has now addressed this vulnerability. Vulnerability Details CVEID: CVE-2015-8325 DESCRIPTION: OpenSSH could allow a local attacker to gain elevated privileges on the system, caused by an error in the dosetupenv function when the...
Security Bulletin: A vulnerability in OpenSSH affects IBM Security Network Protection (CVE-2015-8325)
Summary A security vulnerability has been discovered in OpenSSH, which is used by IBM Security Network Protection. Vulnerability Details CVEID: CVE-2015-8325 DESCRIPTION: OpenSSH could allow a local attacker to gain elevated privileges on the system, caused by an error in the dosetupenv function...
EulerOS 2.0 SP1 : openssh (EulerOS-SA-2016-1053)
According to the version of the openssh packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - It was discovered that the OpenSSH sshd daemon fetched PAM environment settings before running the login program. In configurations with...
Scientific Linux Security Update : openssh on SL6.x i386/x86_64 (20170321)
Security Fixes : - It was discovered that the OpenSSH sshd daemon fetched PAM environment settings before running the login program. In configurations with UseLogin=yes and the pamenv PAM module configured to read user environment settings, a local user could use this flaw to execute arbitrary co...
CentOS 6 : openssh (CESA-2017:0641)
An update for openssh is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
openssh security and bug fix update
5.3p1-122 - Allow to use ibmca crypto hardware 1397547 - CVE-2015-8325: privilege escalation via user's PAM environment and UseLogin=yes 1405374 5.3p1-121 - Fix missing hmac-md5-96 from server offer 1373836 5.3p1-120 - Prevent infinite loop when Ctrl+Z pressed at password prompt 1218424 - Remove...
openssh, pam_ssh_agent_auth security update
CentOS Errata and Security Advisory CESA-2017:0641 An update for openssh is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
RHEL 6 : openssh (RHSA-2017:0641)
An update for openssh is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
RedHat Update for openssh RHSA-2017:0641-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...