Lucene search
Veracode Vulnerability DatabaseVERACODE:25014HistoryApr 10, 2020 - 1:14 a.m.
Arbitrary Code Execution
2020-04-1001:14:35
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
12
EPSS
0
Percentile
5.1%
openssh is vulnerable to arbitrary code execution. The vulnerability exists as the pam_ssh_agent_auth PAM module was built in Red Hat Enterprise Linux 6, the glibc’s error() function was called rather than the intended error() function in pam_ssh_agent_auth to report errors. As these two functions expect different arguments, it was possible for an attacker to cause an application using pam_ssh_agent_auth to crash, disclose portions of its memory or, potentially, execute arbitrary code.
Related
openvas
openvas
RedHat Update for openssh RHSA-2013:0519-02
2013-02-22 00:00:00
CentOS Update for openssh CESA-2013:0519 centos6
2013-03-12 00:00:00
Oracle: Security Advisory (ELSA-2013-0519)
2015-10-06 00:00:00
nvd
nvd
CVE-2012-5536
2013-02-22 00:55:00
prion
prion
Code injection
2013-02-22 00:55:00
cve
cve
CVE-2012-5536
2013-02-22 00:55:00
nessus
nessus
Oracle Linux 6 : openssh (ELSA-2013-0519)
2013-07-12 00:00:00
Amazon Linux AMI : openssh (ALAS-2013-165)
2013-09-04 00:00:00
RHEL 6 : openssh (RHSA-2013:0519)
2013-02-21 00:00:00
centos
centos
openssh, pam_ssh_agent_auth security update
2013-02-27 19:37:07
amazon
amazon
Medium: openssh
2013-03-02 16:51:00
redhat
redhat
oraclelinux
oraclelinux
openssh security, bug fix and enhancement update
2013-02-22 00:00:00
cvelist
cvelist
CVE-2012-5536
2013-02-22 00:00:00