OpenSSH Logic Error Lets Remote Authenticated Users Bypass PermitRootLogin Security Restrictions on the Target System : 8/25/2015 1:47:50 AM
Communicate with co-workers in real time. Used by Netflix, Dropbox & Salesforce. $0/unlimited users. Get started >> From our sponsors |
| Vulnerability Databse |
| This module replaces the description field of a feed to the page it links to (in addition, it wipes out the content:encoded field), so you can get its full text. |
OpenSSH Logic Error Lets Remote Authenticated Users Bypass PermitRootLogin Security Restrictions on the Target System
8/25/2015 12:00:00 AM
| OpenSSH Logic Error Lets Remote Authenticated Users Bypass PermitRootLogin Security Restrictions on the Target System |
| SecurityTracker Alert ID: 1033361 |
| SecurityTracker URL: http://securitytracker.com/id/1033361 |
| CVE Reference: GENERIC-MAP-NOMATCH (Links to External Site) |
| Date: Aug 24 2015 |
| Impact: User access via network |
| Fix Available: Yes Vendor Confirmed: Yes |
| Version(s): 7.0 |
| Description: A vulnerability was reported in OpenSSH. A remote authenticated user can bypass security restrictions. A remote authenticated root user can bypass the 'PermitRootLogin=prohibit-password' security control and login to the target system via SSH. The 'PermitRootLogin=without-password' directive is also affected. Mantas Mikulenas reported this vulnerability. |
| Impact: A remote authenticated root user can bypass certain PermitRootLogin security restrictions and login to the target system. |
| Solution: The vendor has issued a fix (7.1). The vendor's advisory is available at: http://www.openssh.com/txt/release-7.1 |
| Vendor URL: www.openssh.com/txt/release-7.1 (Links to External Site) |
| Cause: Access control error |
| Underlying OS: Linux (Any), UNIX (Any), Windows (Any) |
| |
| Message History: None. |
You are receiving this email because you subscribed to this feed at feedmyinbox.com
If you no longer wish to receive these emails, you can unsubscribe from this feed, or manage all your subscriptions
Diberdayakan oleh Blogger.