Lucene search

K

Ubuntu.comUB:CVE-2015-6565

HistoryAug 24, 2015 - 12:00 a.m.

CVE-2015-6565

2015-08-2400:00:00

ubuntu.com

ubuntu.com

11

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

25.4%

sshd in OpenSSH 6.8 and 6.9 uses world-writable permissions for TTY
devices, which allows local users to cause a denial of service (terminal
disruption) or possibly have unspecified other impact by writing to a
device, as demonstrated by writing an escape sequence.

Notes

Author	Note
mdeslaur	in wily, patch is called backport-fix-pty-permissions.patch

References

www.openssh.com/txt/release-7.0

www.openwall.com/lists/oss-security/2015/08/12/1

www.openwall.com/lists/oss-security/2015/08/22/1

anongit.mindrot.org/openssh.git/commit/?id=6f941396b6835ad18018845f515b0c4fe20be21a

launchpad.net/bugs/cve/CVE-2015-6565

nvd.nist.gov/vuln/detail/CVE-2015-6565

security-tracker.debian.org/tracker/CVE-2015-6565

www.cve.org/CVERecord?id=CVE-2015-6565

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

25.4%

Related for UB:CVE-2015-6565

f52 zdt2 prion1 cve1 openvas2 exploitpack1 debiancve1 exploitdb1 nessus5 freebsd1 gentoo1 symantec1 ics1