2 matches found
GLSA-200711-02 : OpenSSH: Security bypass
The remote host is affected by the vulnerability described in GLSA-200711-02 OpenSSH: Security bypass Jan Pechanec discovered that OpenSSH uses a trusted X11 cookie when it cannot create an untrusted one. Impact : An attacker could bypass the SSH client security policy and gain privileges by...
OpenSSH does not initialize PAM session thereby allowing PAM restrictions to be bypassed
Overview OpenSSH is an implementation of the Secure Shell SSH protocol. It can be configured to use Linux Pluggable Authentication Modules PAM for added authentication. A vulnerability exists in OpenSSH, and perhaps other implementations of SSH, which can allow to potentially bypass PAM...