Home CVE Database CVE-2016-0778

CVE-2016-0778

Description

The (1) roaming_read and (2) roaming_write functions in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2, when certain proxy and forward options are enabled, do not properly maintain connection file descriptors, which allows remote servers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact by requesting many forwardings.

Priority: MEDIUM
CVSS v3: 8.1
Publish Date: Jan 14, 2016
Related ID: --
CVSS v2: High
Modified Date: Jan 21, 2016

Find out more about CVE-2016-0778 from the MITRE-CVE dictionary and NIST NVD


Products Affected

Login may be required to access defects or downloads.

Related Products

Product Name Status Defect Fixed Downloads
Linux 7 SCP Not Vulnerable -- -- --
Linux 7 CGP Not Vulnerable -- -- --

Comments

openssh

Live chat
Online