cbcvebase.
CVE-2015-6563
published 2015-08-24

CVE-2015-6563: The monitor component in sshd in OpenSSH before 7.0 on non-OpenBSD platforms accepts extraneous username data in MONITOR_REQ_PAM_INIT_CTX requests, which…

PriorityP427medium6.4CVSS 3.1
AVLACHPRHUINSUCHIHAH
EPSS
0.38%
29.7th percentile
The monitor component in sshd in OpenSSH before 7.0 on non-OpenBSD platforms accepts extraneous username data in MONITOR_REQ_PAM_INIT_CTX requests, which allows local users to conduct impersonation attacks by leveraging any SSH login access in conjunction with control of the sshd uid to send a crafted MONITOR_REQ_PWNAM request, related to monitor.c and monitor_wrap.c.

Affected

8 ranges
VendorProductVersion rangeFixed in
applemac_os_x<= 10.11.0
appleos_x_el_capitan_10.11.1_security_update_2015-004_yosemite_and_security_update_20
debianopenssh< openssh 1:6.9p1-1 (bookworm)openssh 1:6.9p1-1 (bookworm)
openbsdopenssh<= 6.9
openbsdopenssh>= 0 < 1:6.9p1-11:6.9p1-1
openbsdopenssh>= 0 < 1:6.9p1-11:6.9p1-1
openbsdopenssh>= 0 < 1:6.9p1-11:6.9p1-1
openbsdopenssh>= 0 < 1:6.9p1-11:6.9p1-1

CVSS provenance

nvdv3.16.4MEDIUMCVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
nvdv2.01.9LOWAV:L/AC:M/Au:N/C:N/I:P/A:N
osv1.9LOW
vendor_debian1.9LOW
vendor_redhat1.9LOW
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.