Описание
Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS#11 modules by leveraging control over a forwarded agent-socket.
Ссылки
- Mailing ListRelease Notes
- Patch
Уязвимые конфигурации
EPSS
7.3 High
CVSS3
7.5 High
CVSS2
Дефекты
Связанные уязвимости
Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS#11 modules by leveraging control over a forwarded agent-socket.
Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS#11 modules by leveraging control over a forwarded agent-socket.
Untrusted search path vulnerability in ssh-agent.c in ssh-agent in Ope ...
Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS#11 modules by leveraging control over a forwarded agent-socket.
Уязвимость агента ssh-agent средства криптографической защиты OpenSSH, позволяющая нарушителю выполнить произвольный код
EPSS
7.3 High
CVSS3
7.5 High
CVSS2