sshd in OpenSSH 4 on Debian GNU/Linux, and the 20070303 OpenSSH snapshot, allows remote authenticated users to obtain access to arbitrary SELinux roles by appending a :/ (colon slash) sequence, followed by the role name, to the username.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
openbsd openssh 4.0 |