VULHUB ™

OpenSSH is a freely available, open source implementation of the SSH protocol. It is distributed and maintained by the OpenBSD Project. A problem has been discovered in the OpenSSH package that could allow users unintended access on systems. The problem is due to the ability of users to access a system via SFTP by default. A user with privileges limited by their key set could access a system via SFTP, and potentially overwrite, remove, or otherwise alter files, and gain local shell access on the system. This could make it possible for a remote user to gain unintended access, and elevated privileges on a system.

OpenSSH is a freely available, open source implementation of the SSH protocol. It is distributed and maintained by the OpenBSD Project. A problem has been discovered in the OpenSSH package that could allow users unintended access on systems. The problem is due to the ability of users to access a system via SFTP by default. A user with privileges limited by their key set could access a system via SFTP, and potentially overwrite, remove, or otherwise alter files, and gain local shell access on the system. This could make it possible for a remote user to gain unintended access, and elevated privileges on a system.