The mm_newkeys_from_blob function in monitor_wrap.c in sshd in OpenSSH 6.2 and 6.3, when an AES-GCM cipher is used, does not properly initialize memory for a MAC context data structure, which allows remote authenticated users to bypass intended ForceCommand and login-shell restrictions via packet data that provides a crafted callback address.

Published: 2013-11-08 15:55
Updated: 2019-10-09 23:08

CVSS Score
Score 6.0 / 10
Vendor Product Version URI
Openbsd Openssh 6.2 cpe:/a:openbsd:openssh:6.2
Openbsd Openssh 6.3 cpe:/a:openbsd:openssh:6.3


ID: CWE-264
Name: Permissions, Privileges, and Access Controls
Description: Weaknesses in this category are related to the management of permissions, privileges, and other security features that are used to perform access control.

History of changes

Date Event
2013-11-08 15:55