CVE-2008-1657

OpenSSH 4.4 up to versions before 4.9 allows remote authenticated users to bypass the sshd_config ForceCommand directive by modifying the .ssh/rc session file.

Published : 2008-04-02 18:44 Updated : 2018-10-11 20:35

6.5
CVSS Score More info
Score 6.5 / 10
6.5
Vendor Product Version URI
Openbsd Openssh 4.4 cpe:/a:openbsd:openssh:4.4
Openbsd Openssh 4.5 cpe:/a:openbsd:openssh:4.5
Openbsd Openssh 4.4p1 cpe:/a:openbsd:openssh:4.4p1
Openbsd Openssh 4.8 cpe:/a:openbsd:openssh:4.8
Openbsd Openssh 4.6 cpe:/a:openbsd:openssh:4.6
Openbsd Openssh 4.7 cpe:/a:openbsd:openssh:4.7
  1. Openbsd (1) Search CVE
    1. Openssh (6) Search CVE
      1. 4.4
      2. 4.5
      3. 4.4p1
      4. 4.8
      5. 4.6
      6. 4.7

CWE

ID Name Description Links
CWE-264 Permissions, Privileges, and Access Controls Weaknesses in this category are related to the management of permissions, privileges, and other security features that are used to perform access control. CVE