Wind River Support Network

HomeDefectsLIN5-21074
Fixed

LIN5-21074 : Security Advisory - openssh - CVE-2016-0777

Created: Jan 14, 2016    Updated: May 29, 2018
Resolved Date: Jan 24, 2016
Found In Version: 5.0.1.33
Fix Version: 5.0.1.35
Severity: Severe
Applicable for: Wind River Linux 5
Component/s: Userspace

Description

The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffer, as demonstrated by reading a private key.

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0777

Security Notices


Other Downloads


Live chat
Online