Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS#11 modules by leveraging control over a forwarded agent-socket.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | openssh | < 1:7.4p1-1 | openssh_1:7.4p1-1_all.deb |
Debian | 11 | all | openssh | < 1:7.4p1-1 | openssh_1:7.4p1-1_all.deb |
Debian | 10 | all | openssh | < 1:7.4p1-1 | openssh_1:7.4p1-1_all.deb |
Debian | 999 | all | openssh | < 1:7.4p1-1 | openssh_1:7.4p1-1_all.deb |
Debian | 13 | all | openssh | < 1:7.4p1-1 | openssh_1:7.4p1-1_all.deb |