ALAS-2016-638 ---- openssh, pam_ssh_agent_authID: oval:org.secpod.oval:def:1600390 | Date: (C)2016-05-19 (M)2024-01-29 |
Class: PATCH | Family: unix |
An information leak flaw was found in the way the OpenSSH client roaming feature was implemented. A malicious server could potentially use this flaw to leak portions of memory of a successfully authenticated OpenSSH client.A buffer overflow flaw was found in the way the OpenSSH client roaming feature was implemented. A malicious server could potentially use this flaw to execute arbitrary code on a successfully authenticated OpenSSH client if that client used certain non-default configuration options.
Platform: |
Amazon Linux AMI |
Product: |
openssh |
pam_ssh_agent_auth |