Описание
The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffer, as demonstrated by reading a private key.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 1:7.1p2-2 |
| esm-infra-legacy/trusty | released | 1:6.6p1-2ubuntu2.4 |
| precise | released | 1:5.9p1-5ubuntu1.8 |
| trusty | released | 1:6.6p1-2ubuntu2.4 |
| trusty/esm | released | 1:6.6p1-2ubuntu2.4 |
| upstream | released | 7.1p2 |
| vivid | released | 1:6.7p1-5ubuntu1.4 |
| vivid/stable-phone-overlay | released | 1:6.7p1-5ubuntu1.4 |
| vivid/ubuntu-core | released | 1:6.7p1-5ubuntu1.4 |
| wily | released | 1:6.9p1-2ubuntu0.1 |
Показывать по
Ссылки на источники
EPSS
4 Medium
CVSS2
6.5 Medium
CVSS3
Связанные уязвимости
The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffer, as demonstrated by reading a private key.
The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffer, as demonstrated by reading a private key.
The resend_bytes function in roaming_common.c in the client in OpenSSH ...
The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffer, as demonstrated by reading a private key.
Уязвимость функции resend_bytes средства криптографической защиты OpenSSH, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
EPSS
4 Medium
CVSS2
6.5 Medium
CVSS3