Описание
SSH Secure Shell for Servers and SSH Secure Shell for Workstations 2.0.13 through 3.2.1, when running without a PTY, does not call setsid to remove the child process from the process group of the parent process, which allows attackers to gain certain privileges.
Ссылки
- PatchUS Government Resource
- Patch
- Patch
- PatchUS Government Resource
- Patch
- Patch
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:ssh:ssh2:2.0.13:*:*:*:*:*:*:*
cpe:2.3:a:ssh:ssh2:2.1:*:*:*:*:*:*:*
cpe:2.3:a:ssh:ssh2:2.2:*:*:*:*:*:*:*
cpe:2.3:a:ssh:ssh2:2.3:*:*:*:*:*:*:*
cpe:2.3:a:ssh:ssh2:2.4:*:*:*:*:*:*:*
cpe:2.3:a:ssh:ssh2:2.5:*:*:*:*:*:*:*
cpe:2.3:a:ssh:ssh2:3.0:*:*:*:*:*:*:*
cpe:2.3:a:ssh:ssh2:3.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ssh:ssh2:3.1:*:*:*:*:*:*:*
cpe:2.3:a:ssh:ssh2:3.1.1:*:*:*:*:*:*:*
cpe:2.3:a:ssh:ssh2:3.1.2:*:*:*:*:*:*:*
cpe:2.3:a:ssh:ssh2:3.1.3:*:*:*:*:*:*:*
cpe:2.3:a:ssh:ssh2:3.1.4:*:*:*:*:*:*:*
cpe:2.3:a:ssh:ssh2:3.2:*:*:*:*:*:*:*
cpe:2.3:a:ssh:ssh2:3.2.1:*:*:*:*:*:*:*
EPSS
Процентиль: 23%
0.00076
Низкий
7.2 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
SSH Secure Shell for Servers and SSH Secure Shell for Workstations 2.0.13 through 3.2.1, when running without a PTY, does not call setsid to remove the child process from the process group of the parent process, which allows attackers to gain certain privileges.
EPSS
Процентиль: 23%
0.00076
Низкий
7.2 High
CVSS2
Дефекты
NVD-CWE-Other