[Forgot Password]
Login  Register Subscribe

24436

 
 

131815

 
 

115228

 
 

909

 
 

90122

 
 

140

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML view JSON

CVE-2016-10012Date: (C)2017-01-10   (M)2018-09-27


The shared memory manager (associated with pre-authentication compression) in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enforced by all compilers, which might allows local users to gain privileges by leveraging access to a sandboxed privilege-separation process, related to the m_zback and m_zlib data structures.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V3 Severity:CVSS V2 Severity:
CVSS Score : 7.8CVSS Score : 7.2
Exploit Score: 1.8Exploit Score: 3.9
Impact Score: 5.9Impact Score: 10.0
 
CVSS V3 Metrics:CVSS V2 Metrics:
Attack Vector: LOCALAccess Vector: LOCAL
Attack Complexity: LOWAccess Complexity: LOW
Privileges Required: LOWAuthentication: NONE
User Interaction: NONEConfidentiality: COMPLETE
Scope: UNCHANGEDIntegrity: COMPLETE
Confidentiality: HIGHAvailability: COMPLETE
Integrity: HIGH 
Availability: HIGH 
  
Reference:
SECTRACK-1037490
BID-94975
RHSA-2017:2029
http://www.openwall.com/lists/oss-security/2016/12/19/2
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.647637
https://github.com/openbsd/src/commit/3095060f479b86288e31c79ecbc5131a66bcd2f9
https://security.netapp.com/advisory/ntap-20171130-0002/
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03818en_us
https://www.openssh.com/txt/release-7.4

CWE    1
CWE-119
OVAL    12
oval:org.secpod.oval:def:43676
oval:org.secpod.oval:def:111858
oval:org.secpod.oval:def:39656
oval:org.secpod.oval:def:703960
...

© SecPod Technologies