PT-2017-1238 · Openbsd+6 · Openssh+6

Jann Horn

Publicado

2017-01-04

Atualizado

2024-07-08

CVE-2016-10011

CVSS v3.1

6.2

Média

Vetor

AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions OpenSSH versions prior to 7.4

Description The issue is related to a problem in the authfile.c component of OpenSSH's sshd, where the effects of realloc on buffer contents are not properly considered. This might allow local users to obtain sensitive private-key information by leveraging access to a privilege-separated child process. The vulnerability is associated with errors in key management and can be exploited to gain unauthorized access to protected information.

Recommendations For OpenSSH versions prior to 7.4, update to version 7.4 or later to resolve the issue. As a temporary workaround, consider restricting access to the privilege-separated child process to minimize the risk of exploitation.

Exploit

Correção

Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-320CWE-119

Identificadores relacionados

ALT-PU-2018-2598

ALT-PU-2024-3921

ALT-PU-2024-4077

ALT-PU-2024-4467

ALT-PU-2024-9513

BDU:2017-00351

BDU:2021-03293

CESA-2017_2029

CVE-2016-10011

DLA-1500-1

OPENSUSE-SU-2024:11124-1

RHSA-2017:2029

RHSA-2017_2029

SUSE-SU-2017:0264-1

SUSE-SU-2017:0603-1

SUSE-SU-2017:0606-1

SUSE-SU-2017:0607-1

SUSE-SU-2017:0607-2

SUSE-SU-2017:0607-3

SUSE-SU-2017:1661-1

USN-3538-1

Produtos afetados

Alt Linux

Centos

Ibm Aix

Openssh

Red Hat

Suse

Ubuntu

PT-2017-1238 · Openbsd+6 · Openssh+6

CVE-2016-10011

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 126