OpenSSH 'child_set_env()' Function Security Bypass Vulnerability

Bugtraq ID: 66355
Class: Design Error
CVE: CVE-2014-2532
Remote: Yes
Local: No
Published: Mar 21 2014 12:00AM
Updated: Jul 21 2014 12:01AM
Credit: Jann Horn
Vulnerable: Ubuntu Ubuntu Linux 10.04 LTS
Slackware Linux 13.37
Slackware Linux 13.1
Slackware Linux 13.0
OpenSSH OpenSSH 5.8 p2
OpenSSH OpenSSH 5.8
OpenSSH OpenSSH 5.7
OpenSSH OpenSSH 5.6p1
OpenSSH OpenSSH 5.6
OpenSSH OpenSSH 5.5
OpenSSH OpenSSH 5.4
OpenSSH OpenSSH 5.3
OpenSSH OpenSSH 5.2p1
OpenSSH OpenSSH 5.2
OpenSSH OpenSSH 5.1
OpenSSH OpenSSH 5.0p1
OpenSSH OpenSSH 5.0
IBM Virtual I/O Server (VIOS) 2.2
IBM AIX 7.1
IBM AIX 6.1
IBM AIX 5.3
Gentoo Linux
Debian Linux 6.0 sparc
Debian Linux 6.0 s/390
Debian Linux 6.0 powerpc
Debian Linux 6.0 mips
Debian Linux 6.0 ia-64
Debian Linux 6.0 ia-32
Debian Linux 6.0 arm
Debian Linux 6.0 amd64
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus