Vulnerabilities > Openbsd > Openssh > 6.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2013-11-08 | CVE-2013-4548 | Permissions, Privileges, and Access Controls vulnerability in Openbsd Openssh 6.2/6.3 The mm_newkeys_from_blob function in monitor_wrap.c in sshd in OpenSSH 6.2 and 6.3, when an AES-GCM cipher is used, does not properly initialize memory for a MAC context data structure, which allows remote authenticated users to bypass intended ForceCommand and login-shell restrictions via packet data that provides a crafted callback address. | 6.0 |