vulnerability

CentOS Linux: CVE-2016-10009: Moderate: openssh security, bug fix, and enhancement update (CESA-2017:2029)

Severity
8
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Published
Jan 5, 2017
Added
Aug 28, 2019
Modified
May 25, 2023

Description

Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS#11 modules by leveraging control over a forwarded agent-socket.

Solution(s)

centos-upgrade-opensshcentos-upgrade-openssh-askpasscentos-upgrade-openssh-cavscentos-upgrade-openssh-clientscentos-upgrade-openssh-debuginfocentos-upgrade-openssh-keycatcentos-upgrade-openssh-ldapcentos-upgrade-openssh-servercentos-upgrade-openssh-server-sysvinitcentos-upgrade-pam_ssh_agent_auth
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.