CVE-2009-2904 — Openssh vulnerability

CWE-167 documents7 sources

Severity

6.9MEDIUMNVD

EPSS

0.0%

top 88.18%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Openbsd Openssh

Timeline

PublishedOct 1

Latest updateMay 2

Description

A certain Red Hat modification to the ChrootDirectory feature in OpenSSH 4.8, as used in sshd in OpenSSH 4.3 in Red Hat Enterprise Linux (RHEL) 5.4 and Fedora 11, allows local users to gain privileges via hard links to setuid programs that use configuration files within the chroot directory, related to requirements for directory ownership.

CVSS vector

AV:L/AC:M/C:C/I:C/A:CExploitability: 3.4 | Impact: 10.0

Affected Packages1 packages

▶NVDopenbsd/openssh4.3, 4.8+1

🔴Vulnerability Details

GHSA

GHSA-73m8-jfrm-fr4j: A certain Red Hat modification to the ChrootDirectory feature in OpenSSH 4↗2022-05-02

▶

CVEList

CVE-2009-2904: A certain Red Hat modification to the ChrootDirectory feature in OpenSSH 4↗2009-10-01

▶

💥Exploits & PoCs

Exploit-DB

Ebay Clone 2009 - Multiple SQL Injections↗2009-07-11

▶

📋Vendor Advisories

Red Hat

openssh: possible privilege escalation when using ChrootDirectory setting↗2009-09-30

▶

Debian

CVE-2009-2904: openssh - A certain Red Hat modification to the ChrootDirectory feature in OpenSSH 4.8, as...↗2009

▶

💬Community

Bugzilla

CVE-2009-2904 openssh: possible privilege escalation when using ChrootDirectory setting↗2009-09-09

▶