| VID |
14012 |
| Severity |
40 |
| Port |
22 |
| Protocol |
TCP |
| Class |
Ssh |
| Detailed Description |
OpenSSH versions prior than 3.0.2 are vulnerable to an enviroment variables export that can allow a local user to execute command with root privileges.
OpenSSH is a freely available, open source implementation of the Secure Shell protocol. It is maintained by members of the OpenBSD team.
If OpenSSH is configured to use 'login' via the non-default UseLogin configuration option, local users may be able to have arbitrary environment variables set for the 'login' process. By setting LD_PRELOAD and creating a malicious shared library, it is possible for an attacker to execute arbitrary code as root.
This problem affect only versions prior than 3.0.2, and when the UseLogin feature is enabled (usually disabled by default) |
| Recommendation |
Upgrade to OpenSSH 3.0.2 or apply the patch for prior versions.
You can refer to the following site for upgrading or patch:
http://www.securityfocus.com/cgi-bin/vulns-item.pl?section=solution&id=3614 |
| Related URL |
CVE-2001-0872 (CVE) |
| Related URL |
3614 (SecurityFocus) |
| Related URL |
7647 (ISS) |
|
