Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2015-6563
HistoryAug 24, 2015 - 12:00 a.m.

CVE-2015-6563

2015-08-2400:00:00
ubuntu.com
ubuntu.com
31

1.9 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:M/Au:N/C:N/I:P/A:N

0.0004 Low

EPSS

Percentile

10.1%

JSON

The monitor component in sshd in OpenSSH before 7.0 on non-OpenBSD
platforms accepts extraneous username data in MONITOR_REQ_PAM_INIT_CTX
requests, which allows local users to conduct impersonation attacks by
leveraging any SSH login access in conjunction with control of the sshd uid
to send a crafted MONITOR_REQ_PWNAM request, related to monitor.c and
monitor_wrap.c.

Bugs

OSVersionArchitecturePackageVersionFilename
ubuntu12.04noarchopenssh< 1:5.9p1-5ubuntu1.6UNKNOWN
ubuntu14.04noarchopenssh< 1:6.6p1-2ubuntu2.2UNKNOWN
ubuntu15.04noarchopenssh< 1:6.7p1-5ubuntu1.2UNKNOWN

Related

debiancve 1
nvd 1
cvelist 1
veracode 1
cve 1
prion 1
ibm 13
f5 2
nessus 27
amazon 2
openvas 14
aix 2
fedora 1
altlinux 2
centos 2
redhat 2
freebsd 1
oraclelinux 2
gentoo 1
suse 1
symantec 1
osv 1
debian 1
rosalinux 1
securityvulns 2
ics 1
debiancve
debiancve
CVE-2015-6563
2015-08-24 01:59:00
nvd
nvd
CVE-2015-6563
2015-08-24 01:59:00
cvelist
cvelist
CVE-2015-6563
2015-08-24 00:00:00
veracode
veracode
Privilege Escalation
2019-05-02 05:29:33
cve
cve
CVE-2015-6563
2015-08-24 01:59:00
prion
prion
Design/Logic Flaw
2015-08-24 01:59:00
ibm
ibm
Security Bulletin: Vulnerabilities in OpenSSH affect the IBM FlashSystem models 840 and 900
2023-02-18 01:45:50
Security Bulletin: Vulnerabilities in OpenSSH affect the IBM FlashSystem model V840
2018-06-18 00:32:32
Security Bulletin: Vulnerabilities in OpenSSH affect SAN Volume Controller and Storwize Family (CVE-2015-6563 CVE-2015-6564)
2023-03-29 01:48:02
f5
f5
K17263 : OpenSSH vulnerabilities CVE-2015-6563 and CVE-2015-6564
2015-09-17 00:00:00
SOL17263 - OpenSSH vulnerabilities CVE-2015-6563 and CVE-2015-6564
2015-09-16 00:00:00
nessus
nessus
Amazon Linux AMI : openssh (ALAS-2015-592)
2015-09-03 00:00:00
AIX OpenSSH Advisory : openssh_advisory6.asc
2015-10-29 00:00:00
F5 Networks BIG-IP : OpenSSH vulnerabilities (K17263)
2016-06-02 00:00:00
amazon
amazon
Medium: openssh
2015-09-02 12:00:00
Medium: openssh
2015-12-14 10:00:00
openvas
openvas
Amazon Linux: Security Advisory (ALAS-2015-592)
2015-09-08 00:00:00
OpenSSH Multiple Vulnerabilities
2015-09-15 00:00:00
Amazon Linux: Security Advisory (ALAS-2015-625)
2015-12-15 00:00:00
aix
aix
AIX OpenSSH Vulnerability
2015-10-21 09:17:40
AIX OpenSSH Vulnerability
2016-01-29 16:13:16
fedora
fedora
[SECURITY] Fedora 21 Update: openssh-6.6.1p1-16.fc21
2015-08-27 23:52:00
altlinux
altlinux
Security fix for the ALT Linux 6 package openssh version 6.7p1-alt1.M60P.4
2016-11-08 00:00:00
Security fix for the ALT Linux 7 package openssh version 6.7p1-alt1.M70P.4
2016-11-08 00:00:00
centos
centos
openssh, pam_ssh_agent_auth security update
2015-11-30 19:46:33
openssh, pam_ssh_agent_auth security update
2016-05-16 10:19:28
redhat
redhat
(RHSA-2015:2088) Moderate: openssh security, bug fix, and enhancement update
2015-11-19 14:41:38
(RHSA-2016:0741) Moderate: openssh security, bug fix, and enhancement update
2016-05-10 06:42:16
freebsd
freebsd
OpenSSH -- PAM vulnerabilities
2015-08-11 00:00:00
oraclelinux
oraclelinux
openssh security, bug fix, and enhancement update
2015-11-23 00:00:00
openssh security, bug fix, and enhancement update
2016-05-12 00:00:00
gentoo
gentoo
OpenSSH: Multiple vulnerabilities
2015-12-20 00:00:00
suse
suse
Security update for openssh (important)
2015-09-21 09:10:02
symantec
symantec
SA104 : OpenSSH Vulnerabilities
2015-12-08 08:00:00
osv
osv
openssh - security update
2018-09-10 00:00:00
debian
debian
[SECURITY] [DLA 1500-1] openssh security update
2018-09-10 08:44:17
rosalinux
rosalinux
Advisory ROSA-SA-2021-1938
2021-07-02 17:38:20
securityvulns
securityvulns
APPLE-SA-2015-10-21-4 OS X El Capitan 10.11.1 and Security Update 2015-007
2015-10-25 00:00:00
Apple Mac OS X / Mac EFI / OS X Server multiple security vulnerabilities
2015-10-25 00:00:00
ics
ics
Siemens SCALANCE X-200RNA Switch Devices
2022-12-19 12:00:00

1.9 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:M/Au:N/C:N/I:P/A:N

0.0004 Low

EPSS

Percentile

10.1%

JSON
Related for UB:CVE-2015-6563
debiancve1nvd1cvelist1veracode1cve1prion1ibm13f52nessus27amazon2openvas14aix2fedora1altlinux2centos2redhat2freebsd1oraclelinux2gentoo1suse1symantec1osv1debian1rosalinux1securityvulns2ics1