Summary
OpenSSH is prone to a remote memory-corruption vulnerability.
Impact
An attacker can exploit this issue to execute arbitrary code in context of the application. Failed exploits may result in denial-of- service conditions.
Solution
Updates are available.
Insight
The hash_buffer function in schnorr.c in OpenSSH through 6.4, when Makefile.inc is modified to enable the J-PAKE protocol, does not initialize certain data structures, which might allow remote attackers to cause a denial of service (memory corruption) or have unspecified other impact via vectors that trigger an error condition.
Affected
OpenSSH 6.4 and prior with J-PAKE implemented are vulnerable.
Detection
Check the version.
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2014-1692 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Adobe Air Remote Code Execution Vulnerability -June13 (Windows)
- Adobe AIR Multiple Vulnerabilities -01 April 13 (Mac OS X)
- Adobe Captivate Insecure Library Loading Vulnerability
- Adobe Air Code Execution and DoS Vulnerabilities (Windows)
- Adobe Acrobat and Reader Multiple Vulnerabilities -July10 (Windows)