CVE-2014-2532 in Communications Policy Managementinformación

Resumen (Inglés)

sshd in OpenSSH before 6.6 does not properly support wildcards on AcceptEnv lines in sshd_config, which allows remote attackers to bypass intended environment restrictions by using a substring located before a wildcard character.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Reservar

2014-03-17

Divulgación

2014-03-18

Estado

Confirmado

Voces

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerabilidad	CWE	Exp	Con	CVE
92825	Oracle Communications Policy Management OpenSSH escalada de privilegios	264	No está definido	Arreglo oficial	CVE-2014-2532
82642	Oracle Communications User Data Repository OpenSSH escalada de privilegios	264	No probado	Arreglo oficial	CVE-2014-2532
12683	OpenBSD OpenSSH Configuration child_set_env escalada de privilegios	264	Prueba de concepto	Arreglo oficial	CVE-2014-2532

Descripción

CPE

CWE

CVSS

Hazañas

Historia

Diferencia

Relacionar

Inteligencia de amenazas

API JSON

API XML

API CSV

Fuentes

◂ AnteriorVisión De ConjuntoPróximo ▸

Do you need the next level of professionalism?

Upgrade your account now!