Lucene search
GoogleOSV:DSA-3550-1HistoryApr 15, 2016 - 12:00 a.m.
openssh - security update
2016-04-1500:00:00
Google
osv.dev
14
0.0004 Low
EPSS
Percentile
5.1%
Shayan Sadigh discovered a vulnerability in OpenSSH: If PAM support is
enabled and the sshd PAM configuration is configured to read userspecified
environment variables and the UseLogin option is enabled, a
local user may escalate her privileges to root.
In Debian UseLogin is not enabled by default.
For the oldstable distribution (wheezy), this problem has been fixed
in version 6.0p1-4+deb7u4.
For the stable distribution (jessie), this problem has been fixed in
version 6.7p1-5+deb8u2.
For the unstable distribution (sid), this problem has been fixed in
version 1:7.2p2-3.
We recommend that you upgrade your openssh packages.
| CPE | Name | Operator | Version |
|---|---|---|---|
| openssh | eq | 1:6.7p1-5+deb8u1 | |
| openssh | eq | 1:6.7p1-5 |
References
Related
redhat
redhat
(RHSA-2016:2588) Moderate: openssh security, bug fix, and enhancement update
2016-11-03 06:07:15
(RHSA-2017:0641) Moderate: openssh security and bug fix update
2017-03-21 06:17:45
nessus
nessus
Fedora 24 : openssh (2016-cce03cc497)
2016-07-14 00:00:00
EulerOS 2.0 SP1 : openssh (EulerOS-SA-2016-1053)
2017-05-01 00:00:00
Amazon Linux AMI : openssh (ALAS-2016-770)
2016-11-21 00:00:00
osv
osv
CVE-2015-8325
2016-05-01 01:59:00
cvelist
cvelist
CVE-2015-8325
2016-05-01 00:00:00
ibm
ibm
fedora
fedora
[SECURITY] Fedora 23 Update: openssh-7.2p2-3.fc23
2016-04-24 20:53:40
[SECURITY] Fedora 24 Update: gsi-openssh-7.2p2-3.fc24
2016-05-20 17:55:09
[SECURITY] Fedora 23 Update: gsi-openssh-7.2p2-2.fc23
2016-05-24 01:40:21
oraclelinux
oraclelinux
openssh security and bug fix update
2017-03-27 00:00:00
openssh security, bug fix, and enhancement update
2016-11-09 00:00:00
openvas
openvas
Fedora Update for gsi-openssh FEDORA-2016-99c6bc92df
2016-06-08 00:00:00
Fedora Update for openssh FEDORA-2016-7
2016-04-25 00:00:00
Debian: Security Advisory (DSA-3550-1)
2016-04-14 00:00:00
ubuntucve
ubuntucve
CVE-2015-8325
2016-04-30 00:00:00
veracode
veracode
Privilege Escalation
2019-01-15 09:16:33
amazon
amazon
Medium: openssh
2016-11-18 12:30:00
centos
centos
openssh, pam_ssh_agent_auth security update
2017-03-24 15:38:42
openssh, pam_ssh_agent_auth security update
2016-11-25 16:01:03
debian
debian
[SECURITY] [DSA 3550-1] openssh security update
2016-04-15 17:09:09
f5
f5
K20911042 : OpenSSH vulnerability CVE-2015-8325
2016-05-16 00:00:00
SOL20911042 - OpenSSH vulnerability CVE-2015-8325
2016-05-16 00:00:00
alpinelinux
alpinelinux
CVE-2015-8325
2016-05-01 01:59:00
cve
cve
CVE-2015-8325
2016-05-01 01:59:00
nvd
nvd
CVE-2015-8325
2016-05-01 01:59:00
prion
prion
Design/Logic Flaw
2016-05-01 01:59:00
debiancve
debiancve
CVE-2015-8325
2016-05-01 01:59:00
symantec
symantec
SA126 : OpenSSH Vulnerabilities January/April 2016
2016-06-14 08:00:00
freebsd
freebsd
openssh -- sshd -- remote valid user discovery and PAM /bin/login attack
2016-08-01 00:00:00
slackware
slackware
[slackware-security] openssh
2016-08-06 21:10:35
mageia
mageia
Updated openssh packages fix security vulnerability
2016-08-31 18:32:33
altlinux
altlinux
Security fix for the ALT Linux 6 package openssh version 6.7p1-alt1.M60P.3
2016-10-20 00:00:00
Security fix for the ALT Linux 8 package openssh version 7.2p2-alt2
2016-10-21 00:00:00
Security fix for the ALT Linux 7 package openssh version 6.7p1-alt1.M70P.3
2016-10-20 00:00:00
aix
aix
AIX OpenSSH Vulnerability
2016-09-08 14:36:37
cloudfoundry
cloudfoundry
USN-2966-1 OpenSSH vulnerabilities | Cloud Foundry
2016-06-13 00:00:00
ubuntu
ubuntu
OpenSSH vulnerabilities
2016-05-09 00:00:00
gentoo
gentoo
OpenSSH: Multiple vulnerabilities
2016-12-07 00:00:00
ics
ics
Siemens SCALANCE X-200RNA Switch Devices
2022-12-19 12:00:00