PT-2015-3449 · Openssh+5 · Openssh+5

Moritz Jodeit

Publicado

2015-08-14

Atualizado

2024-07-08

CVE-2015-6564

CVSS v3.1

7.0

Alta

Vetor

AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions OpenSSH versions prior to 7.0

Description The issue is related to a use-after-free vulnerability in the mm answer pam free ctx function in monitor.c in sshd. This vulnerability might allow local users to gain privileges by leveraging control of the sshd uid to send an unexpectedly early MONITOR REQ PAM FREE CTX request. The vulnerability is associated with errors in privilege management.

Recommendations For OpenSSH versions prior to 7.0, update to version 7.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the mm answer pam free ctx function in monitor.c to minimize the risk of exploitation. Additionally, ensure that the sshd uid is properly managed to prevent unauthorized access.

Exploit

Correção

Use After Free

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-264CWE-416

Identificadores relacionados

ALT-PU-2016-1023

ALT-PU-2024-3921

ALT-PU-2024-4077

ALT-PU-2024-4467

ALT-PU-2024-9513

BDU:2023-07109

CESA-2015_2088

CESA-2016_0741

CVE-2015-6564

DLA-1500-1

RHSA-2015:2088

RHSA-2015_2088

RHSA-2016:0741

RHSA-2016_0741

SUSE-SU-2015:1544-1

SUSE-SU-2015:1581-1

SUSE-SU-2015:1695-1

USN-2710-1

Produtos afetados

Alt Linux

Centos

Ibm Aix

Openssh

Red Hat

Suse

PT-2015-3449 · Openssh+5 · Openssh+5

CVE-2015-6564

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 119