名称:
|
CVE-2016-0778 /CVE-2016-0777
|
CWE ID:
|
CWE-119 /CWE ID:CWE-200
|
描述
The (1) roaming_read and (2) roaming_write functions in
roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2, when
certain proxy and forward options are enabled, do not properly maintain
connection file descriptors, which allows remote servers to cause a denial of
service (heap-based buffer overflow) or possibly have unspecified other impact
by requesting many forwardings.
描述
The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffer, as demonstrated by reading a private key.
阅读(1328) | 评论(0) | 转发(0) |