ALAS-2015-592 --- openssh, pam_ssh_agent_authID: oval:org.secpod.oval:def:1200191 | Date: (C)2016-01-04 (M)2024-02-19 |
Class: PATCH | Family: unix |
The monitor component in sshd in OpenSSH before 7.0 on non-OpenBSD platforms accepts extraneous username data in MONITOR_REQ_PAM_INIT_CTX requests, which allows local users to conduct impersonation attacks by leveraging any SSH login access in conjunction with control of the sshd uid to send a crafted MONITOR_REQ_PWNAM request, related to monitor.c and monitor_wrap.c. Use-after-free vulnerability in the mm_answer_pam_free_ctx function in monitor.c in sshd in OpenSSH before 7.0 on non-OpenBSD platforms might allow local users to gain privileges by leveraging control of the sshd uid to send an unexpectedly early MONITOR_REQ_PAM_FREE_CTX request
Platform: |
Amazon Linux AMI |
Product: |
openssh |
pam_ssh_agent_auth |