The PAM conversation function in OpenSSH 3.7.1 and 3.7.1p1 interprets an array of structures as an array of pointers, which allows malicious users to modify the stack and possibly gain privileges.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
openbsd openssh 3.7.1 |
||
openbsd openssh 3.7.1p1 |