Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2016-3115

CWE-20Improper Input Validation14 documents10 sources
Severity
6.4MEDIUM
EPSS
44.0%
top 2.46%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
2
Openbsd OpensshOracle VM Server
Timeline
PublishedMar 22
Latest updateMay 14

Description

Multiple CRLF injection vulnerabilities in session.c in sshd in OpenSSH before 7.2p2 allow remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data, related to the (1) do_authenticated1 and (2) session_x11_req functions.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:NExploitability: 3.1 | Impact: 2.7

Affected Packages3 packages

Debianopenssh< 1:7.2p2-1+3

🔴Vulnerability Details

3
GHSA
GHSA-p759-vw7c-cvg8: Multiple CRLF injection vulnerabilities in session2022-05-14
CVEList
CVE-2016-3115: Multiple CRLF injection vulnerabilities in session2016-03-22
OSV
CVE-2016-3115: Multiple CRLF injection vulnerabilities in session2016-03-22

💥Exploits & PoCs

1
Exploit-DB
OpenSSH 7.2p1 - (Authenticated) xauth Command Injection2016-03-16

📋Vendor Advisories

4
Ubuntu
OpenSSH vulnerabilities2016-05-09
BSD
FreeBSD-SA-16:14.openssh: OpenSSH xauth(1) command injection2016-03-16
Red Hat
openssh: missing sanitisation of input for X11 forwarding2016-03-10
Debian
CVE-2016-3115: openssh - Multiple CRLF injection vulnerabilities in session.c in sshd in OpenSSH before 7...2016

💬Community

5
Bugzilla
CVE-2016-5725 jsch: ChannelSftp path traversal vulnerability2016-09-14
Bugzilla
CVE-2016-3115 gsi-openssh: openssh: missing sanitisation of input for X11 forwarding [fedora-all]2016-03-16
Bugzilla
CVE-2016-3115 gsi-openssh: openssh: missing sanitisation of input for X11 forwarding [epel-all]2016-03-16
Bugzilla
CVE-2016-3115 openssh: missing sanitisation of input for X11 forwarding2016-03-11
Bugzilla
CVE-2016-3115 openssh: missing sanitisation of input for X11 forwarding [fedora-all]2016-03-11
CVE-2016-3115 (MEDIUM CVSS 6.4) | Multiple CRLF injection vulnerabili | cvebase.io