CVE-2015-8325

Опубликовано: 13 апр. 2016

Источник: redhat

CVSS3: 7

CVSS2: 6.2

Описание

The do_setup_env function in session.c in sshd in OpenSSH through 7.2p2, when the UseLogin feature is enabled and PAM is configured to read .pam_environment files in user home directories, allows local users to gain privileges by triggering a crafted environment for the /bin/login program, as demonstrated by an LD_PRELOAD environment variable.

It was discovered that the OpenSSH sshd daemon fetched PAM environment settings before running the login program. In configurations with UseLogin=yes and the pam_env PAM module configured to read user environment settings, a local user could use this flaw to execute arbitrary code as root.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 5	openssh	Will not fix
Red Hat Enterprise Linux 6	openssh	Fixed	RHSA-2017:0641	21.03.2017
Red Hat Enterprise Linux 7	openssh	Fixed	RHSA-2016:2588	03.11.2016

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-863

https://bugzilla.redhat.com/show_bug.cgi?id=1328012openssh: privilege escalation via user's PAM environment and UseLogin=yes

7 High

CVSS3

6.2 Medium

CVSS2

Связанные уязвимости

CVE-2015-8325

CVSS3: 7.8

ubuntu

больше 9 лет назад

CVE-2015-8325

CVSS3: 7.8

nvd

больше 9 лет назад

CVE-2015-8325

CVSS3: 7.8

debian

больше 9 лет назад

The do_setup_env function in session.c in sshd in OpenSSH through 7.2p ...

GHSA-729x-x825-x8jf

CVSS3: 7.8

github

больше 3 лет назад

ELSA-2017-0641

oracle-oval

больше 8 лет назад

ELSA-2017-0641: openssh security and bug fix update (MODERATE)

7 High

CVSS3

6.2 Medium

CVSS2