Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:16906
HistoryMay 02, 2019 - 5:29 a.m.

Privilege Escalation

2019-05-0205:29:33
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
42

1.9 Low

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:M/Au:N/C:N/I:P/A:N

openssh is vulnerable to privilege escalation. A flaw was found in the way OpenSSH handled PAM authentication when using privilege separation. An attacker with valid credentials on the system and able to fully compromise a non-privileged pre-authentication process using a different flaw, could use this flaw to authenticate as other users.

References

1.9 Low

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:M/Au:N/C:N/I:P/A:N