CVE-2016-0777

Sažetak

The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffer, as demonstrated by reading a private key.

Reference

http://www.openssh.com/txt/release-7.1p2
http://www.openwall.com/lists/oss-security/2016/01/14/7
https://support.apple.com/HT206167
http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html
https://blogs.sophos.com/2016/02/17/utm-up2date-9-354-released/
https://blogs.sophos.com/2016/02/29/utm-up2date-9-319-released/
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05247375
http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
http://www.securityfocus.com/bid/80695
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10734
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176516.html
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175592.html
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00013.html
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00008.html
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00006.html
http://seclists.org/fulldisclosure/2016/Jan/44
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175676.html
https://bto.bluecoat.com/security-advisory/sa109
http://www.debian.org/security/2016/dsa-3446
http://www.ubuntu.com/usn/USN-2869-1
https://security.gentoo.org/glsa/201601-01
http://www.securitytracker.com/id/1034671
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00007.html
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00014.html
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00009.html
http://packetstormsecurity.com/files/135273/Qualys-Security-Advisory-OpenSSH-Overflow-Leak.html
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176349.html
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722
https://security.FreeBSD.org/advisories/FreeBSD-SA-16:07.openssh.asc
http://www.securityfocus.com/archive/1/537295/100/0/threaded
https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf

CVSS

Base:	4.0
Impact:	2.9
Exploitability:	8.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:N/AC:L/Au:S/C:P/I:N/A:N

Zadnje važnije ažuriranje

13-12-2022 - 12:15

Objavljeno

14-01-2016 - 22:59