QwikSec

Security Database

CVE

CWE

Training

CVE-2015-6565

Published: Aug 24, 2015

Modified: Aug 6, 2024

PUBLISHED

Description

sshd in OpenSSH 6.8 and 6.9 uses world-writable permissions for TTY devices, which allows local users to cause a denial of service (terminal disruption) or possibly have unspecified other impact by writing to a device, as demonstrated by writing an escape sequence.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

[oss-security] 20150821 Re: CVE request - OpenSSH 6.9 PAM privilege separation vulnerabilities

mailing-list

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05131085

vendor-advisory

vdb-entry

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888

http://www.openssh.com/txt/release-7.0

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380

exploit

[oss-security] 20170126 Re: OpenSSH: CVE-2015-6565 (pty issue in 6.8-6.9) can lead to local privesc on Linux

mailing-list

vdb-entry

https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.