CVE-2014-2532CVE-2014-2532

Affected configuration(s):

cpe:/a:openbsd:openssh:6.0
cpe:/a:openbsd:openssh:6.1
cpe:/a:openbsd:openssh:6.2
cpe:/a:openbsd:openssh:6.3
cpe:/a:openbsd:openssh:6.4
cpe:/a:openbsd:openssh:6.5
cpe:/a:oracle:communications_user_data_repository:10.0.1

Date published: 2014-03-18T01:18:19.000-04:00

Date last modified: 2017-08-28T21:34:31.810-04:00

CVSS Score: 5.8

Principal attack vector: NETWORK

Complexity:  MEDIUM

Reference URL: http://advisories.mageia.org/MGASA-2014-0143.html

Summary: sshd in OpenSSH before 6.6 does not properly support wildcards on AcceptEnv lines in sshd_config, which allows remote attackers to bypass intended environment restrictions by using a substring located before a wildcard character.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.