CVE-2016-3115: openssh: bypass SSH restrictions

SUMMARY

An authorized SSH client with restricted access can potentially bypass the restrictions.

CVE ID

CVE-2016-3115

DESCRIPTION

CVE-2016-3115: openssh: bypass SSH restrictions

It was discovered that the OpenSSH server did not sanitize data received in requests to enable X11 forwarding. An authenticated client with restricted SSH access could possibly use this flaw to bypass intended restrictions.
 
Unitrends Risk Assessment: None
The Unitrends system only has one authenticated SSH user, root.   So there are no restricted users with SSH access to exploit this issue.

 

RESOLUTION


No action is required. 
For CentOS6, this could also be resolved in an updated openssh-5.3p1-114.el6 rpm from Red Hat.
 
 

LINK TO ADVISORIES

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Contact us