PT-2001-1065 · Openssh+1 · Openssh+1

Publicado

2001-12-03

Atualizado

2024-07-08

CVE-2001-0816

CVSS v2.0

7.5

Alta

Vetor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions openssh-server versions 2.9p2 through 2.9.8 openssh-clients version 2.9p2 openssh version 2.9p2 openssh-askpass-gnome version 2.9p2 openssh-askpass version 2.9p2

Description The issue affects the confidentiality, integrity, and availability of protected information. It can be exploited remotely. According to the NVD, OpenSSH before 2.9.9, when running sftp using sftp-server and using restricted keypairs, allows remote authenticated users to bypass authorized keys2 command= restrictions using sftp commands.

Recommendations For openssh-server versions 2.9p2 through 2.9.8, update to version 2.9.9 or later. For openssh-clients version 2.9p2, update to version 2.9.9 or later. For openssh version 2.9p2, update to version 2.9.9 or later. For openssh-askpass-gnome version 2.9p2, update to version 2.9.9 or later. For openssh-askpass version 2.9p2, update to version 2.9.9 or later.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

ALT-PU-2024-3921

ALT-PU-2024-4077

ALT-PU-2024-4467

ALT-PU-2024-9513

BDU:2015-08183

BDU:2015-08186

BDU:2015-08189

BDU:2015-08192

BDU:2015-08195

CVE-2001-0816

Produtos afetados

Alt Linux

Openssh

PT-2001-1065 · Openssh+1 · Openssh+1

CVE-2001-0816

Identificadores relacionados

Produtos afetados

Referências · 357