Missing sanitisation of untrusted input allows an authenticated user who is able to request X11 forwarding to inject commands to xauth(1) (CVE-2016-3115).

OSVersionArchitecturePackageVersionFilename
Mageia5noarchopenssh< 6.6p1-5.7openssh-6.6p1-5.7.mga5

OS	Version	Architecture	Package	Version	Filename
Mageia	5	noarch	openssh	< 6.6p1-5.7	openssh-6.6p1-5.7.mga5

References

openwall.com/lists/oss-security/2016/03/10/16

www.openssh.com/txt/x11fwd.adv

bugs.mageia.org/show_bug.cgi?id=17944

nessus 33

openvas 20

fedora 6

packetstorm 2

exploitpack 3

zdt 3

f5 2

freebsd 1

altlinux 2

seebug 1

nvd 1

exploitdb 3

veracode 1

cvelist 1

cve 1

prion 1

archlinux 1

threatpost 1

freebsd_advisory 1

ubuntucve 1

amazon 1

slackware 1

debiancve 1

ibm 6

centos 2

aix 1

oraclelinux 4

symantec 1

redhat 2

cloudfoundry 1

ubuntu 1

gentoo 1

debian 1

osv 1

githubexploit 1

nessus

Fedora 24 : openssh-7.2p2-1.fc24 (2016-0bcab055a7)

2016-03-28 00:00:00

F5 Networks BIG-IP : SSHD session.c vulnerability (K93532943)

2017-07-21 00:00:00

Amazon Linux AMI : openssh (ALAS-2016-668)

2016-03-17 00:00:00

openvas

Slackware: Security Advisory (SSA:2016-070-01)

2022-04-21 00:00:00

Fedora Update for gsi-openssh FEDORA-2016-188267

2016-04-26 00:00:00

Fedora Update for gsi-openssh FEDORA-2016-08

2016-05-08 00:00:00

fedora

[SECURITY] Fedora 23 Update: gsi-openssh-7.2p2-1.fc23

2016-04-25 23:56:33

[SECURITY] Fedora 22 Update: openssh-6.9p1-11.fc22

2016-03-29 19:23:45

[SECURITY] Fedora 24 Update: gsi-openssh-7.2p2-2.fc24

2016-05-07 13:36:50

packetstorm

OpenSSH 7.2p1 xauth Command Injection / Bypass

2016-03-15 00:00:00

BlackStratus LOGStorm 4.5.1.35 / 4.5.1.96 Remote Root

2016-12-05 00:00:00

exploitpack

OpenSSH 7.2p1 - (Authenticated) xauth Command Injection

2016-03-16 00:00:00

BlackStratus LOGStorm 4.5.1.354.5.1.96 - Remote Code Execution

2016-12-04 00:00:00

DropBearSSHD 2015.71 - Command Injection

2016-03-03 00:00:00

zdt

OpenSSH 7.2p1 - Authenticated xauth Command Injection

2016-03-16 00:00:00

BlackStratus LOGStorm 4.5.1.35/4.5.1.96 - Remote Root Exploit

2016-12-05 00:00:00

DropBearSSHD 2015.71 - Command Injection

2016-03-03 00:00:00

K93532943 : SSHD session.c vulnerability CVE-2016-3115

2016-04-27 00:00:00

SOL93532943 - SSHD session.c vulnerability CVE-2016-3115

2016-04-27 00:00:00

freebsd

openssh -- command injection when X11Forwarding is enabled

2016-03-11 00:00:00

altlinux

Security fix for the ALT Linux 7 package openssh version 6.7p1-alt1.M70P.2

2016-03-14 00:00:00

Security fix for the ALT Linux 6 package openssh version 6.7p1-alt1.M60P.2

2016-03-14 00:00:00

seebug

OpenSSH <=7.2p1 xauth injection

2016-03-16 00:00:00

nvd

CVE-2016-3115

2016-03-22 10:59:02

exploitdb

BlackStratus LOGStorm 4.5.1.35/4.5.1.96 - Remote Code Execution

2016-12-04 00:00:00

OpenSSH 7.2p1 - (Authenticated) xauth Command Injection

2016-03-16 00:00:00

DropBearSSHD 2015.71 - Command Injection

2016-03-03 00:00:00

veracode

CRLF Injection

2019-05-02 05:27:51

cvelist

CVE-2016-3115

2016-03-22 10:00:00

cve

CVE-2016-3115

2016-03-22 10:59:02

prion

Crlf injection

2016-03-22 10:59:00

archlinux

openssh: command injection

2016-03-11 00:00:00

threatpost

OpenSSH Implementations with X11Forwarding Enabled Should Heed Recent Security Update

2016-03-15 16:06:09

freebsd_advisory

FreeBSD-SA-16:14.openssh

2016-03-16 00:00:00

ubuntucve

CVE-2016-3115

2016-03-22 00:00:00

amazon

Medium: openssh

2016-03-16 16:30:00

slackware

[slackware-security] openssh

2016-03-11 01:32:41

debiancve

CVE-2016-3115

2016-03-22 10:59:02

ibm

Security Bulletin: IBM Security Access Manager for Web is affected by vulnerabilities in OpenSSH (CVE-2016-3115, CVE-2016-1908)

2018-06-16 21:44:51

Security Bulletin: IBM Security Access Manager for Mobile is affected by vulnerabilities in OpenSSH (CVE-2016-3115, CVE-2016-1908)

2018-06-16 21:44:51

Security Bulletin: Vulnerabilities in OpenSSH affect IBM i (CVE-2016-1907, CVE-2016-1908, CVE-2016-3115)

2019-12-18 14:26:38

centos

openssh, pam_ssh_agent_auth security update

2016-03-21 22:38:14

openssh, pam_ssh_agent_auth security update

2016-03-21 22:18:29

aix

Vulnerabilities in OpenSSH affect AIX

2016-05-03 10:03:39

oraclelinux

openssh security update

2016-03-21 00:00:00

openssh security update

2016-04-03 00:00:00

openssh security update

2016-03-21 00:00:00

symantec

SA121 : OpenSSH Shell Command Restriction Bypass

2016-04-28 08:00:00

redhat

(RHSA-2016:0466) Moderate: openssh security update

2016-03-21 00:00:00

(RHSA-2016:0465) Moderate: openssh security update

2016-03-21 20:03:21

cloudfoundry

USN-2966-1 OpenSSH vulnerabilities | Cloud Foundry

2016-06-13 00:00:00

ubuntu

OpenSSH vulnerabilities

2016-05-09 00:00:00

gentoo

OpenSSH: Multiple vulnerabilities

2016-12-07 00:00:00

debian

[SECURITY] [DLA 1500-1] openssh security update

2018-09-10 08:44:17

osv

openssh - security update

2018-09-10 00:00:00

githubexploit

Exploit for Race Condition in Openbsd Openssh

2024-07-01 20:45:53

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

CVSS2

5.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:P/A:N

CVSS3

6.4

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

EPSS

0.017

Percentile

87.9%

JSON

Related for MGASA-2016-0108