ID CVE-2016-10011
Summary authfile.c in sshd in OpenSSH before 7.4 does not properly consider the effects of realloc on buffer contents, which might allow local users to obtain sensitive private-key information by leveraging access to a privilege-separated child process.
References
Vulnerable Configurations
  • cpe:2.3:a:openbsd:openssh:-:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:-:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:1.2:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:1.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:1.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:1.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:1.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:1.2.2:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:1.2.2:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:1.2.2:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:1.2.2:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:1.2.3:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:1.2.3:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:1.2.3:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:1.2.3:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:1.2.3:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:1.2.3:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:1.2.27:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:1.2.27:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:1.3:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:1.5:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:1.5:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:1.5.7:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:1.5.7:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:1.5.8:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:1.5.8:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.1:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.1.0:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.1.0:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.1.0:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.1.0:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.1.1:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.1.1:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.1.1:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.1.1:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.1.1:p2:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.1.1:p2:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.1.1:p3:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.1.1:p3:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.1.1:p4:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.1.1:p4:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.2:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.2.0:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.2.0:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.2.0:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.2.0:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.3:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.3:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.3.0:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.3.0:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.3.0:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.3.0:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.3.1:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.5:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.5:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.5.1:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.5.1:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.5.1:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.5.1:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.5.1:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.5.1:p2:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.5.1:p2:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.5.2:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.5.2:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.5.2:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.5.2:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.5.2:p2:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.5.2:p2:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.9:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.9:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.9:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.9:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.9:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.9:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.9:p2:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.9:p2:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.9.9:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.9.9:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.9.9:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.9.9:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.9.9:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.9.9:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.9.9:p2:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.9.9:p2:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.9.9p2:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.9.9p2:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.9p1:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.9p1:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.9p2:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.9p2:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.0:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.0:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.0:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.0:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.0:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.0.1:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.0.1:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.0.1:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.0.1:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.0.1p1:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.0.1p1:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.0.2:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.0.2:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.0.2:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.0.2:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.0.2p1:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.0.2p1:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.0p1:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.0p1:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.1:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.1:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.1:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.1:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.1:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.1p1:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.1p1:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.2:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.2:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.2.2:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.2.2:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.2.2:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.2.2:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.2.2p1:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.2.2p1:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.2.3:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.2.3:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.2.3:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.2.3:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.2.3p1:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.2.3p1:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.3:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.3:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.3:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.3:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.3:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.3:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.3p1:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.3p1:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.4:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.4:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.4:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.4:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.4:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.4:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.4p1:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.4p1:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.5:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.5:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.5:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.5:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.5:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.5:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.5p1:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.5p1:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.6:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.6:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.6:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.6:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.6:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.6:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.6.1:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.6.1:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.6.1:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.6.1:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.6.1:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.6.1:p2:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.6.1:p2:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.6.1p1:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.6.1p1:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.6.1p2:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.6.1p2:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.7:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.7:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.7.1:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.7.1:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.7.1:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.7.1:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.7.1:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.7.1:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.7.1:p2:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.7.1:p2:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.7.1p1:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.7.1p1:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.7.1p2:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.7.1p2:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.8:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.8:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.8:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.8:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.8:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.8:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.8.1:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.8.1:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.8.1:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.8.1:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.8.1:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.8.1:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.8.1p1:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.8.1p1:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.9:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.9:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.9:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.9:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.9:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.9:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.9.1:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.9.1:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.9.1:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.9.1:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.9.1p1:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.9.1p1:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:4.0:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:4.0:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:4.0:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:4.0:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:4.0:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:4.0p1:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:4.0p1:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:4.1:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:4.1:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:4.1:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:4.1:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:4.1:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:4.1:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:4.1p1:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:4.1p1:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:4.2:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:4.2:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:4.2:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:4.2:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:4.2:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:4.2:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:4.2p1:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:4.2p1:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:4.3:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:4.3:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:4.3:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:4.3:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:4.3:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:4.3:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:4.3:p2:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:4.3:p2:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:4.3p1:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:4.3p1:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:4.3p2:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:4.3p2:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:4.4:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:4.4:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:4.4:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:4.4:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:4.4:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:4.4:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:4.4p1:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:4.4p1:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:4.5:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:4.5:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:4.5:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:4.5:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:4.5:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:4.5:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:4.6:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:4.6:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:4.6:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:4.6:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:4.6:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:4.6:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:4.7:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:4.7:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:4.7:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:4.7:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:4.7:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:4.7:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:4.7p1:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:4.7p1:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:4.8:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:4.8:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:4.8:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:4.8:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:4.8:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:4.8:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:4.9:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:4.9:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:4.9:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:4.9:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:4.9:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:4.9:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:5.0:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:5.0:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:5.0:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:5.0:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:5.0:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:5.0:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:5.1:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:5.1:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:5.1:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:5.1:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:5.1:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:5.2:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:5.2:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:5.2:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:5.2:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:5.2:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:5.2:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:5.3:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:5.3:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:5.3:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:5.3:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:5.3:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:5.3:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:5.4:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:5.4:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:5.4:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:5.4:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:5.4:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:5.4:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:5.5:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:5.5:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:5.5:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:5.5:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:5.5:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:5.5:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:5.6:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:5.6:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:5.6:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:5.6:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:5.6:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:5.6:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:5.7:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:5.7:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:5.7:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:5.7:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:5.7:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:5.7:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:5.8:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:5.8:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:5.8:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:5.8:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:5.8:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:5.8:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:5.8:p2:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:5.8:p2:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:5.8p2:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:5.8p2:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:5.9:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:5.9:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:5.9:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:5.9:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:5.9:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:5.9:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:6.0:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:6.0:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:6.0:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:6.0:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:6.0:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:6.0:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:6.1:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:6.1:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:6.1:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:6.1:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:6.1:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:6.2:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:6.2:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:6.2:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:6.2:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:6.2:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:6.2:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:6.2:p2:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:6.2:p2:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:6.3:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:6.3:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:6.3:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:6.3:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:6.3:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:6.3:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:6.4:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:6.4:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:6.4:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:6.4:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:6.4:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:6.4:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:6.5:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:6.5:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:6.5:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:6.5:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:6.5:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:6.5:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:6.6:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:6.6:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:6.6:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:6.6:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:6.6:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:6.6:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:6.7:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:6.7:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:6.7:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:6.7:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:6.7:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:6.7:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:6.8:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:6.8:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:6.8:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:6.8:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:6.8:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:6.8:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:6.9:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:6.9:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:6.9:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:6.9:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:6.9:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:6.9:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:7.0:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:7.0:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:7.0:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:7.0:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:7.0:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:7.0:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:7.1:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:7.1:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:7.1:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:7.1:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:7.1:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:7.1:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:7.1:p2:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:7.1:p2:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:7.2:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:7.2:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:7.2:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:7.2:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:7.2:p2:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:7.2:p2:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:7.3:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:7.3:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:7.3:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:7.3:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:7.3:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:7.3:p1:*:*:*:*:*:*
CVSS
Base: 2.1 (as of 13-12-2022 - 12:15)
Impact:
Exploitability:
CWE CWE-320
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
cvss-vector via4 AV:L/AC:L/Au:N/C:P/I:N/A:N
redhat via4
advisories
rhsa
id RHSA-2017:2029
rpms
  • openssh-0:7.4p1-11.el7
  • openssh-askpass-0:7.4p1-11.el7
  • openssh-cavs-0:7.4p1-11.el7
  • openssh-clients-0:7.4p1-11.el7
  • openssh-debuginfo-0:7.4p1-11.el7
  • openssh-keycat-0:7.4p1-11.el7
  • openssh-ldap-0:7.4p1-11.el7
  • openssh-server-0:7.4p1-11.el7
  • openssh-server-sysvinit-0:7.4p1-11.el7
  • pam_ssh_agent_auth-0:0.10.3-1.11.el7
refmap via4
bid 94977
confirm
mlist
  • [debian-lts-announce] 20180910 [SECURITY] [DLA 1500-1] openssh security update
  • [oss-security] 20161219 Announce: OpenSSH 7.4 released
sectrack 1037490
Last major update 13-12-2022 - 12:15
Published 05-01-2017 - 02:59
Last modified 13-12-2022 - 12:15
Back to Top