CVE-2016-10009

Published: Jan 5, 2017

Modified: May 29, 2026

PUBLISHED

Description

Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS#11 modules by leveraging control over a forwarded agent-socket.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/openbsd/src/commit/9476ce1dd37d3c3218d5640b74c34c65e5f4efe5

40963

exploit

https://security.netapp.com/advisory/ntap-20171130-0002/

94968

vdb-entry

[oss-security] 20161219 Announce: OpenSSH 7.4 released

mailing-list

1037490

vdb-entry

https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03818en_us

FreeBSD-SA-17:01

vendor-advisory

USN-3538-1

vendor-advisory

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.647637

RHSA-2017:2029

vendor-advisory

http://packetstormsecurity.com/files/140261/OpenSSH-Arbitrary-Library-Loading.html

[debian-lts-announce] 20180910 [SECURITY] [DLA 1500-1] openssh security update

mailing-list

https://www.openssh.com/txt/release-7.4

https://bugs.chromium.org/p/project-zero/issues/detail?id=1009

https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf

[oss-security] 20230719 CVE-2023-38408: Remote Code Execution in OpenSSH's forwarded ssh-agent

mailing-list

20230719 CVE-2023-38408: Remote Code Execution in OpenSSH's forwarded ssh-agent

mailing-list

[oss-security] 20230719 Re: CVE-2023-38408: Remote Code Execution in OpenSSH's forwarded ssh-agent

mailing-list

http://packetstormsecurity.com/files/173661/OpenSSH-Forwarded-SSH-Agent-Remote-Code-Execution.html

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2016-10009

Description

Affected Products

References