VULHUB ™

OpenSSH is a freely available, open source implementation of the Secure Shell protocol. It is maintained by members of the OpenBSD team. If OpenSSH is configured to use 'login' via the non-default UseLogin configuration option, local users may be able to have arbitrary environment variables set for the 'login' process. By setting LD_PRELOAD and creating a malicious shared library, it is possible for an attacker to execute arbitrary code as root.

OpenSSH is a freely available, open source implementation of the Secure Shell protocol. It is maintained by members of the OpenBSD team. If OpenSSH is configured to use 'login' via the non-default UseLogin configuration option, local users may be able to have arbitrary environment variables set for the 'login' process. By setting LD_PRELOAD and creating a malicious shared library, it is possible for an attacker to execute arbitrary code as root.