CVE-2016-10010

Published: Jan 5, 2017

Modified: May 29, 2026

PUBLISHED

Description

sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to gain privileges via unspecified vectors, related to serverloop.c.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

94972

vdb-entry

https://security.netapp.com/advisory/ntap-20171130-0002/

[oss-security] 20161219 Announce: OpenSSH 7.4 released

mailing-list

1037490

vdb-entry

https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03818en_us

FreeBSD-SA-17:01

vendor-advisory

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.647637

https://github.com/openbsd/src/commit/c76fac666ea038753294f2ac94d310f8adece9ce

40962

exploit

https://bugs.chromium.org/p/project-zero/issues/detail?id=1010

http://packetstormsecurity.com/files/140262/OpenSSH-Local-Privilege-Escalation.html

https://www.openssh.com/txt/release-7.4

https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2016-10010

Description

Affected Products

References