SSH Secure Shell for Servers and SSH Secure Shell for Workstations 2.0.13 up to and including 3.2.1, when running without a PTY, does not call setsid to remove the child process from the process group of the parent process, which allows malicious users to gain certain privileges.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ssh ssh2 2.4 |
||
ssh ssh2 2.5 |
||
ssh ssh2 3.1.4 |
||
ssh ssh2 3.2 |
||
ssh ssh2 3.0 |
||
ssh ssh2 3.0.1 |
||
ssh ssh2 3.2.1 |
||
ssh ssh2 2.2 |
||
ssh ssh2 2.3 |
||
ssh ssh2 3.1.2 |
||
ssh ssh2 3.1.3 |
||
ssh ssh2 2.0.13 |
||
ssh ssh2 2.1 |
||
ssh ssh2 3.1 |
||
ssh ssh2 3.1.1 |