Описание
sshd in OpenSSH before 6.6 does not properly support wildcards on AcceptEnv lines in sshd_config, which allows remote attackers to bypass intended environment restrictions by using a substring located before a wildcard character.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 1:6.6p1-1 |
| lucid | released | 1:5.3p1-3ubuntu7.1 |
| precise | released | 1:5.9p1-5ubuntu1.2 |
| quantal | released | 1:6.0p1-3ubuntu1.1 |
| saucy | released | 1:6.2p2-6ubuntu0.2 |
| upstream | released | 6.6p1 |
Показывать по
EPSS
5.8 Medium
CVSS2
4.9 Medium
CVSS3
Связанные уязвимости
sshd in OpenSSH before 6.6 does not properly support wildcards on AcceptEnv lines in sshd_config, which allows remote attackers to bypass intended environment restrictions by using a substring located before a wildcard character.
sshd in OpenSSH before 6.6 does not properly support wildcards on AcceptEnv lines in sshd_config, which allows remote attackers to bypass intended environment restrictions by using a substring located before a wildcard character.
sshd in OpenSSH before 6.6 does not properly support wildcards on Acce ...
sshd in OpenSSH before 6.6 does not properly support wildcards on AcceptEnv lines in sshd_config, which allows remote attackers to bypass intended environment restrictions by using a substring located before a wildcard character.
ELSA-2014-1552: openssh security, bug fix, and enhancement update (MODERATE)
EPSS
5.8 Medium
CVSS2
4.9 Medium
CVSS3