sshd in OpenSSH prior to 6.6 does not properly support wildcards on AcceptEnv lines in sshd_config, which allows remote malicious users to bypass intended environment restrictions by using a substring located before a wildcard character.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
oracle communications user data repository 10.0.1 |
||
openbsd openssh |
||
openbsd openssh 6.4 |
||
openbsd openssh 6.1 |
||
openbsd openssh 6.0 |
||
openbsd openssh 6.3 |
||
openbsd openssh 6.2 |