The (1) roaming_read and (2) roaming_write functions in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2, when certain proxy and forward options are enabled, do not properly maintain connection file descriptors, which allows remote servers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact by requesting many forwardings.
oryginał ENCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:HApple Mac Os X
OSApple10.9.0 – 10.9.510.11.0 – 10.11.310.10.0 – 10.10.5HP Virtual Customer Access System
OSHp≤ 15.07Openbsd OpenSSH
APPOpenbsd5.45.55.65.75.85.96.06.16.26.36.46.56.66.76.8+ 3 więcejOracle Linux
OSOracle7Oracle Solaris
OSOracle11.3Sophos Unified Threat Management Software
APPSophos9.353
Powiązane podatności
A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.2, Security Up...
A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.2, Security Up...
Vulnerability in the Oracle Solaris product of Oracle Systems (component: Pluggable authentication module). Su...
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier allows remote attackers to execute arbi...
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 ...