PT-2016-3440 · OpenSSH +6

Andrej Nemec · Published 2016-03-09 · Updated 2026-05-22 · CVE-2015-8325

CVSS v3.1: 7.8 High

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

OpenSSH versions through 7.2p2

Description

The issue allows local users to gain privileges by triggering a crafted environment for the /bin/login program, as demonstrated by an LD_PRELOAD environment variable. This is related to the do_setup_env function in session.c in sshd when the UseLogin feature is enabled and PAM is configured to read .pam_environment files in user home directories. There is also a mention of a potential denial of service via long password strings in password authentication.

Recommendations

For OpenSSH versions through 7.2p2, consider disabling the UseLogin feature or restricting the use of .pam_environment files in user home directories until a patch is available. As a temporary workaround, restrict access to the do_setup_env function in session.c to minimize the risk of exploitation. Avoid using long strings in password authentication to prevent denial of service attacks.
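
A configuration audit for the two conditions named in the description (UseLogin enabled, and PAM reading per-user environment files), as an added example that is not part of the original advisory or of OpenSSH. The function names and the sample configuration text are constructed for illustration. It assumes per-user files are controlled by the pam_env option user_readenv, and reports "review" when that option is absent because its default differs between Linux-PAM versions.

```python
import re

def uselogin_enabled(sshd_config: str) -> bool:
    """sshd keeps the first value it reads for a keyword; UseLogin defaults to no."""
    for raw in sshd_config.splitlines():
        line = raw.split("#", 1)[0].strip()
        parts = re.split(r"[\s=]+", line, maxsplit=1)
        if len(parts) == 2 and parts[0].lower() == "uselogin":
            return parts[1].strip().strip('"').lower() == "yes"
    return False

def user_readenv_states(pam_stack: str) -> list:
    """One entry per pam_env line: '1', '0', or 'default' when the option is absent.
    Included or substack files are not followed; pass their text in as well."""
    states = []
    for raw in pam_stack.splitlines():
        fields = raw.split("#", 1)[0].split()
        if any(f.endswith("pam_env.so") for f in fields):
            opts = [f.split("=", 1)[1] for f in fields
                    if f.startswith("user_readenv=")]
            states.append(opts[-1] if opts else "default")
    return states

def audit(sshd_config: str, pam_stack: str) -> str:
    """Classify a host against both preconditions from the description."""
    if not uselogin_enabled(sshd_config):
        return "ok"          # UseLogin off: /bin/login is not run by sshd
    states = user_readenv_states(pam_stack)
    if "1" in states:
        return "exposed"     # both preconditions are met
    if "default" in states:
        return "review"      # depends on the installed pam_env default
    return "mitigated"       # per-user environment files are not read

# Constructed sample input (not taken from a real host).
SSHD = "# constructed\nPort 22\nUseLogin yes\nUseLogin no\nUsePAM yes\n"
PAM = "session required pam_env.so user_readenv=1 envfile=/etc/default/locale\n"

if __name__ == "__main__":
    print(audit(SSHD, PAM))
```
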

Exploit

Fix

DoS

Weakness Enumeration

Related Identifiers

ALT-PU-2016-1200
ALT-PU-2016-2124
ALT-PU-2024-3921
ALT-PU-2024-4077
ALT-PU-2024-4467
ALT-PU-2024-9513
BDU:2022-07416
CESA-2016_2588
CESA-2017_0641
CVE-2015-8325
DSA-3550-1
MGASA-2016-0280
OPENSUSE-SU-2024:10174-1
RHSA-2016:2588
RHSA-2016_2588
RHSA-2017:0641
RHSA-2017_0641
SUSE-SU-2016:1386-1
SUSE-SU-2016:1528-1
SUSE-SU-2016:2388-1
SUSE-SU-2016:2555-1
SUSE-SU-2016_1386-1
SUSE-SU-2016_1528-1
USN-2966-1

Affected Products

ALT Linux
CentOS
IBM AIX
OpenSSH
Red Hat
SUSE
Ubuntu