OpenSSH 'child_set_env()' Function Security Bypass Vulnerability

Bugtraq ID: 66355
Class: Design Error
CVE: CVE-2014-2532
Remote: Yes
Local: No
Published: Mar 21 2014 12:00AM
Updated: Oct 26 2016 03:13AM
Credit: Jann Horn
Vulnerable: Ubuntu Ubuntu Linux 13.10
Ubuntu Ubuntu Linux 12.10
Ubuntu Ubuntu Linux 12.04 LTS
Ubuntu Ubuntu Linux 10.04 LTS
Slackware Linux 14.1
Slackware Linux 14.0
Slackware Linux 13.37
Slackware Linux 13.1
Slackware Linux 13.0
Redhat Enterprise Linux Workstation Optional 6
Redhat Enterprise Linux Workstation 6
Redhat Enterprise Linux Server Optional 6
Redhat Enterprise Linux Server 6
Redhat Enterprise Linux HPC Node Optional 6
Redhat Enterprise Linux HPC Node 6
Redhat Enterprise Linux Desktop Optional 6
Redhat Enterprise Linux Desktop 6
Oracle Enterprise Linux 6.2
Oracle Enterprise Linux 6
Oracle Communications User Data Repository 10.0.1
Oracle Communications Policy Management 12.1.1
Oracle Communications Policy Management 10.4.1
Oracle Communications Policy Management 9.9.1
Oracle Communications Policy Management 9.7.3
OpenSSH OpenSSH 6.5
OpenSSH OpenSSH 6.4
OpenSSH OpenSSH 6.3
OpenSSH OpenSSH 6.2p2
OpenSSH OpenSSH 6.2p1
OpenSSH OpenSSH 6.2
OpenSSH OpenSSH 6.1
OpenSSH OpenSSH 6.0
OpenSSH OpenSSH 5.8 p2
OpenSSH OpenSSH 5.8
OpenSSH OpenSSH 5.7
OpenSSH OpenSSH 5.6p1
OpenSSH OpenSSH 5.6
OpenSSH OpenSSH 5.5
OpenSSH OpenSSH 5.4
OpenSSH OpenSSH 5.3
OpenSSH OpenSSH 5.2p1
OpenSSH OpenSSH 5.2
OpenSSH OpenSSH 5.1
OpenSSH OpenSSH 5.0p1
OpenSSH OpenSSH 5.0
Mandriva Business Server 1 X86 64
Mandriva Business Server 1
Juniper NSMXpress Appliances 2012.2
Juniper NSM3000 Appliances 2012.2
IBM Virtual I/O Server (VIOS) 2.2.3
IBM Virtual I/O Server (VIOS) 2.2.2
IBM Virtual I/O Server (VIOS) 2.2.1 4
IBM Virtual I/O Server (VIOS) 2.2.1
IBM Virtual I/O Server (VIOS) 2.2.3.3
IBM Virtual I/O Server (VIOS) 2.2.2.4
IBM Virtual I/O Server (VIOS) 2.2.1.8
IBM Virtual I/O Server (VIOS) 2.2
IBM System x3950 X6 Type 3837 0
IBM System x3850 X6 Type 3837 0
IBM System X3750 M4 8752
IBM System x3650 M4 Type 7915 0
IBM System x3650 M4 HD 5460
IBM System x3630 M4 HD 5466
IBM System X3630 M4 7158
IBM System x3570 M4 type 8733 0
IBM System x3570 M4 type 8722 0
IBM System x3570 M4 type 8718 0
IBM System X3550 M4 7914
IBM System X3530 M4 7160
IBM System X3500 M4 7383
IBM System x3300 M4 7382
IBM System x3250 M5 type 5458 0
IBM System X3250 M4 2583
IBM System x3100 M5 type 5457 0
IBM System X3100 M4 2582
IBM NeXtScale nx360 M4 type 5455 0
IBM iDatplex dx360 M4 Water Cooled type 7919 0
IBM iDatplex dx360 M4 Water Cooled type 7918 0
IBM iDatplex dx360 M4 type 7913 0
IBM iDatplex dx360 M4 type 7912 0
IBM GPFS for Windows 3.5.0.11
IBM GPFS for Windows 3.5
IBM Flex System x880 Compute Node 7903
IBM Flex System x880 Compute Node 4259
IBM Flex System X440 Compute Node 7917
IBM Flex System X240 Compute Node 8956
IBM Flex System X240 Compute Node 8738
IBM Flex System X240 Compute Node 8737
IBM Flex System X240 Compute Node 7863
IBM Flex System x222 Compute Node 7916
IBM Flex System X220 Compute Node 7906
IBM Flex System X220 Compute Node 2585
IBM Flex System Manager Node 8734
IBM Flex System Manager Node 8731
IBM Flex System Manager Node 7955
IBM BladeCenter Advanced Management Module 3.66G
IBM AIX 7.1
IBM AIX 6.1
IBM AIX 5.3
HP HP-UX B.11.31
HP HP-UX B.11.23
HP HP-UX B.11.11
Gentoo Linux
F5 Enterprise Manager 3.1.1
F5 Enterprise Manager 3.1
F5 Enterprise Manager 3.0
F5 Enterprise Manager 2.3
F5 Enterprise Manager 2.1
F5 BIG-IQ Security 4.3
F5 BIG-IQ Security 4.2
F5 BIG-IQ Security 4.1
F5 BIG-IQ Security 4.0
F5 BIG-IQ Device 4.3
F5 BIG-IQ Device 4.2
F5 BIG-IQ Cloud 4.3
F5 BIG-IQ Cloud 4.2
F5 BIG-IQ Cloud 4.1
F5 BIG-IQ Cloud 4.0
F5 BIG-IP WOM 11.5.1
F5 BIG-IP WOM 11.2
F5 BIG-IP WOM 11.0
F5 BIG-IP WOM 10.2.4
F5 BIG-IP WOM 10.2.2
F5 BIG-IP WOM 10.2.1
F5 BIG-IP WOM 10.0
F5 BIG-IP WOM 11.3.0 HF4
F5 BIG-IP WOM 11.3.0
F5 BIG-IP WOM 11.2.1 HF5
F5 BIG-IP WOM 11.2.1 HF3
F5 BIG-IP WOM 11.2.1
F5 BIG-IP WOM 11.2.0 HF5
F5 BIG-IP WOM 11.2.0 HF3
F5 BIG-IP WOM 11.1.0 HF7
F5 BIG-IP WOM 11.1.0
F5 BIG-IP WOM 10.2.1 HF1
F5 BIG-IP WebAccelerator 11.2.0 0
F5 BIG-IP WebAccelerator 11.5.1
F5 BIG-IP WebAccelerator 11.3
F5 BIG-IP WebAccelerator 11.2.1 HF3
F5 BIG-IP WebAccelerator 11.2.1
F5 BIG-IP WebAccelerator 11.2 HF3
F5 BIG-IP WebAccelerator 11.1
F5 BIG-IP WebAccelerator 11.0
F5 BIG-IP WebAccelerator 10.2.4
F5 BIG-IP WebAccelerator 10.2.1
F5 BIG-IP WebAccelerator 10.0
F5 BIG-IP WebAccelerator 11.3.0 HF4
F5 BIG-IP WebAccelerator 11.2.1 HF5
F5 BIG-IP WebAccelerator 11.2.0 HF5
F5 BIG-IP WebAccelerator 11.1.0 HF7
F5 BIG-IP WebAccelerator 10.2.1 HF1
F5 BIG-IP PSM 11.5.1
F5 BIG-IP PSM 11.5
F5 BIG-IP PSM 11.4.1
F5 BIG-IP PSM 11.3
F5 BIG-IP PSM 11.2
F5 BIG-IP PSM 11.1
F5 BIG-IP PSM 11.0
F5 BIG-IP PSM 10.2.4
F5 BIG-IP PSM 10.2.1
F5 BIG-IP PSM 10.0
F5 BIG-IP PSM 11.3.0 HF4
F5 BIG-IP PSM 11.2.1 HF5
F5 BIG-IP PSM 11.2.1 HF3
F5 BIG-IP PSM 11.2.1 HF2
F5 BIG-IP PSM 11.2.1 HF1
F5 BIG-IP PSM 11.2.1
F5 BIG-IP PSM 11.2.0 HF5
F5 BIG-IP PSM 11.2.0 HF3
F5 BIG-IP PSM 11.2.0 HF2
F5 BIG-IP PSM 11.1.0 HF7
F5 BIG-IP PSM 10.2.1 HF1
F5 BIG-IP PEM 11.5.1
F5 BIG-IP PEM 11.5
F5 BIG-IP PEM 11.3
F5 BIG-IP PEM 11.4.1
F5 BIG-IP PEM 11.3.0 HF4
F5 BIG-IP LTM 11.5.1
F5 BIG-IP LTM 11.5
F5 BIG-IP LTM 11.2.1 HF3
F5 BIG-IP LTM 11.2 HF3
F5 BIG-IP LTM 11.2
F5 BIG-IP LTM 11.0
F5 BIG-IP LTM 10.2.4
F5 BIG-IP LTM 10.2.2
F5 BIG-IP LTM 10.0
F5 BIG-IP LTM 11.5
F5 BIG-IP LTM 11.4.1
F5 BIG-IP LTM 11.3.0 HF4
F5 BIG-IP LTM 11.3.0
F5 BIG-IP LTM 11.2.1 HF5
F5 BIG-IP LTM 11.2.1 HF2
F5 BIG-IP LTM 11.2.1 HF1
F5 BIG-IP LTM 11.2.1
F5 BIG-IP LTM 11.2.0 HF5
F5 BIG-IP LTM 11.2.0 HF2
F5 BIG-IP LTM 11.1.0 HF7
F5 BIG-IP LTM 11.1.0
F5 BIG-IP LTM 10.2.1 HF1
F5 BIG-IP LTM 10.2.1
F5 BIG-IP Link Controller 11.2.0 0
F5 BIG-IP Link Controller 11.5.1
F5 BIG-IP Link Controller 11.5
F5 BIG-IP Link Controller 11.3
F5 BIG-IP Link Controller 11.2.1 HF3
F5 BIG-IP Link Controller 11.2.1
F5 BIG-IP Link Controller 11.2 HF3
F5 BIG-IP Link Controller 11.1
F5 BIG-IP Link Controller 11.0
F5 BIG-IP Link Controller 10.2.4
F5 BIG-IP Link Controller 10.2.2
F5 BIG-IP Link Controller 10.2.1
F5 BIG-IP Link Controller 10.0
F5 BIG-IP Link Controller 11.4.1
F5 BIG-IP Link Controller 11.3.0 HF4
F5 BIG-IP Link Controller 11.2.1 HF5
F5 BIG-IP Link Controller 11.2.1 HF2
F5 BIG-IP Link Controller 11.2.1 HF1
F5 BIG-IP Link Controller 11.2.0 HF5
F5 BIG-IP Link Controller 11.2.0 HF2
F5 BIG-IP Link Controller 11.1.0 HF7
F5 BIG-IP Link Controller 10.2.1 HF1
F5 BIG-IP GTM 11.5.1
F5 BIG-IP GTM 11.5
F5 BIG-IP GTM 11.3
F5 BIG-IP GTM 11.2.1 HF3
F5 BIG-IP GTM 11.2
F5 BIG-IP GTM 11.0
F5 BIG-IP GTM 10.2.4
F5 BIG-IP GTM 10.2.2
F5 BIG-IP GTM 10.2.1
F5 BIG-IP GTM 10.0
F5 BIG-IP GTM 11.4.1
F5 BIG-IP GTM 11.3.0 HF4
F5 BIG-IP GTM 11.2.1 HF5
F5 BIG-IP GTM 11.2.1 HF2
F5 BIG-IP GTM 11.2.1 HF1
F5 BIG-IP GTM 11.2.1
F5 BIG-IP GTM 11.2.0 HF5
F5 BIG-IP GTM 11.2.0 HF3
F5 BIG-IP GTM 11.2.0 HF2
F5 BIG-IP GTM 11.1.0 HF7
F5 BIG-IP GTM 11.1.0
F5 BIG-IP GTM 10.2.1 HF1
F5 BIG-IP Edge Gateway 11.3
F5 BIG-IP Edge Gateway 11.2.1 HF3
F5 BIG-IP Edge Gateway 11.2.1
F5 BIG-IP Edge Gateway 11.2 HF3
F5 BIG-IP Edge Gateway 11.2
F5 BIG-IP Edge Gateway 11.1
F5 BIG-IP Edge Gateway 11.0
F5 BIG-IP Edge Gateway 10.2.4
F5 BIG-IP Edge Gateway 10.2.2
F5 BIG-IP Edge Gateway 10.2.1
F5 BIG-IP Edge Gateway 10.1
F5 BIG-IP Edge Gateway 11.2.1 HF5
F5 BIG-IP Edge Gateway 11.2.1 HF2
F5 BIG-IP Edge Gateway 11.2.0 HF5
F5 BIG-IP Edge Gateway 11.1.0 HF7
F5 BIG-IP Edge Gateway 10.2.1 HF1
F5 BIG-IP Edge Gateway 10.1
F5 BIG-IP ASM 11.2.0 HF2 0
F5 BIG-IP ASM 11.2.0 0
F5 BIG-IP ASM 11.0.0 0
F5 BIG-IP ASM 10.2.4 0
F5 BIG-IP ASM 10.0.0 0
F5 BIG-IP ASM 11.5.1
F5 BIG-IP ASM 11.5
F5 BIG-IP ASM 10.2.2
F5 BIG-IP ASM 10.2.1
F5 BIG-IP ASM 11.4.1
F5 BIG-IP ASM 11.3.0 HF4
F5 BIG-IP ASM 11.3.0
F5 BIG-IP ASM 11.2.1 HF5
F5 BIG-IP ASM 11.2.1 HF3
F5 BIG-IP ASM 11.2.1 HF2
F5 BIG-IP ASM 11.2.1 HF1
F5 BIG-IP ASM 11.2.1
F5 BIG-IP ASM 11.2.0 HF5
F5 BIG-IP ASM 11.2.0 HF3
F5 BIG-IP ASM 11.1.0 HF7
F5 BIG-IP ASM 11.1.0
F5 BIG-IP ASM 10.2.1 HF1
F5 BIG-IP APM 11.5.1
F5 BIG-IP APM 11.2
F5 BIG-IP APM 11.0
F5 BIG-IP APM 10.2.4
F5 BIG-IP APM 10.2.2
F5 BIG-IP APM 10.0
F5 BIG-IP APM 11.5.0
F5 BIG-IP APM 11.4.1
F5 BIG-IP APM 11.4.0
F5 BIG-IP APM 11.3.0 HF4
F5 BIG-IP APM 11.3.0
F5 BIG-IP APM 11.2.1 HF5
F5 BIG-IP APM 11.2.1 HF3
F5 BIG-IP APM 11.2.1 HF2
F5 BIG-IP APM 11.2.1 HF1
F5 BIG-IP APM 11.2.1
F5 BIG-IP APM 11.2.0 HF5
F5 BIG-IP APM 11.2.0 HF3
F5 BIG-IP APM 11.2.0 HF2
F5 BIG-IP APM 11.1.0 HF7
F5 BIG-IP APM 11.1.0
F5 BIG-IP APM 10.2.1 HF1
F5 BIG-IP APM 10.2.1
F5 BIG-IP APM 10.1
F5 BIG-IP Analytics 11.5.1
F5 BIG-IP Analytics 11.5
F5 BIG-IP Analytics 11.3
F5 BIG-IP Analytics 11.2.1 HF3
F5 BIG-IP Analytics 11.2.1
F5 BIG-IP Analytics 11.2 HF3
F5 BIG-IP Analytics 11.2
F5 BIG-IP Analytics 11.4.1
F5 BIG-IP Analytics 11.3.0 HF4
F5 BIG-IP Analytics 11.2.1 HF5
F5 BIG-IP Analytics 11.2.1 HF2
F5 BIG-IP Analytics 11.2.1 HF1
F5 BIG-IP Analytics 11.2.0 HF5
F5 BIG-IP Analytics 11.2.0 HF2
F5 BIG-IP Analytics 11.1.0 HF7
F5 BIG-IP Analytics 11.1.0
F5 BIG-IP Analytics 11.0.0-HF2
F5 BIG-IP Analytics 11.0.0
F5 BIG-IP AFM 11.5.1
F5 BIG-IP AFM 11.5
F5 BIG-IP AFM 11.3
F5 BIG-IP AFM 11.4.1
F5 BIG-IP AFM 11.3.0 HF4
F5 BIG-IP AAM 11.5.1
F5 BIG-IP AAM 11.5
F5 BIG-IP AAM 11.4.1
F5 BIG-IP AAM 11.4.0
F5 ARX 6.4
F5 ARX 6.3
F5 ARX 6.2
F5 ARX 6.1.1
F5 ARX 6.1
F5 ARX 6.0
Debian Linux 6.0 sparc
Debian Linux 6.0 s/390
Debian Linux 6.0 powerpc
Debian Linux 6.0 mips
Debian Linux 6.0 ia-64
Debian Linux 6.0 ia-32
Debian Linux 6.0 arm
Debian Linux 6.0 amd64
Apple Mac Os X 10.10.5
Apple Mac OS X 10.10
Apple Mac OS X 10.9.5
Apple Mac OS X 10.9.1
Apple Mac OS X 10.8.5
Apple Mac OS X 10.8.4
Apple Mac OS X 10.8.2
Apple Mac OS X 10.8.1
Apple Mac OS X 10.8
Apple Mac OS X 10.7
Apple Mac OS X 10.9.4
Apple Mac OS X 10.9.3
Apple Mac OS X 10.9.2
Apple Mac OS X 10.9
Apple Mac OS X 10.8.3
Apple Mac OS X 10.7.5
Apple Mac OS X 10.7.4
Apple Mac OS X 10.7.3
Apple Mac OS X 10.7.1
Apple Mac OS X 10.6.8
Apple Mac Os X 10.10.4
Apple Mac Os X 10.10.3
Apple Mac OS X 10.10.2
Apple Mac OS X 10.10.1
Not Vulnerable: OpenSSH OpenSSH 6.6
Apple Mac Os X 10.11


 

Privacy Statement
Copyright 2010, SecurityFocus