Main Vulnerability Database Exploits ID:3710 - Exploit for Permissions, Privileges, and Access Controls in OpenSSH - CVE-2015-6565

ID:3710 - Exploit for Permissions, Privileges, and Access Controls in OpenSSH - CVE-2015-6565

Published: August 4, 2020

Vulnerability identifier: #VU33287

Vulnerability risk: Low

CVE-ID: CVE-2015-6565

CWE-ID: CWE-264

Exploitation vector: Local access

Vulnerable software:
OpenSSH

Link to public exploit:

https://www.exploit-db.com/exploits/41173/

Vulnerability description

The vulnerability allows a local non-authenticated attacker to execute arbitrary code.

sshd in OpenSSH 6.8 and 6.9 uses world-writable permissions for TTY devices, which allows local users to cause a denial of service (terminal disruption) or possibly have unspecified other impact by writing to a device, as demonstrated by writing an escape sequence.

Remediation

Install update from vendor's website.

ID:3710 - Exploit for Permissions, Privileges, and Access Controls in OpenSSH - CVE-2015-6565

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human