Package details: pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u1
purl: pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u1
Tags: Ghost
Next non-vulnerable version: 1:9.2p1-2+deb12u6
Latest non-vulnerable version: 1:9.2p1-2+deb12u6
Risk: 4.4
Vulnerabilities affecting this package (3)
Vulnerability Summary Fixed by
VCID-a999-r8d4-aaad
Aliases: CVE-2021-41617
sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user.
Fixed by 1:8.4p1-5+deb11u3 (affected by 3 other vulnerabilities)
Fixed by 1:9.2p1-2 (affected by 2 other vulnerabilities)
VCID-e3dh-tjmw-aaak
Aliases: CVE-2023-38408
The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.
Fixed by 1:8.4p1-5+deb11u3 (affected by 3 other vulnerabilities)
Fixed by 1:9.2p1-2+deb12u1 (affected by 0 other vulnerabilities)
Fixed by 1:9.4p1-1 (affected by 0 other vulnerabilities)
VCID-w923-5vep-aaaq
Aliases: CVE-2021-36368
** DISPUTED ** An issue was discovered in OpenSSH before 8.9. If a client is using public-key authentication with agent forwarding but without -oLogLevel=verbose, and an attacker has silently modified the server to support the None authentication option, then the user cannot determine whether FIDO authentication is going to confirm that the user wishes to connect to that server, or that the user wishes to allow that server to connect to a different server on the user's behalf. NOTE: the vendor's position is "this is not an authentication bypass, since nothing is being bypassed."
Fixed by 1:8.4p1-5+deb11u3 (affected by 3 other vulnerabilities)
Fixed by 1:9.2p1-2 (affected by 2 other vulnerabilities)
Fixed by 1:9.2p1-2+deb12u1 (affected by 0 other vulnerabilities)
Fixed by 1:9.2p1-2+deb12u3 (affected by 0 other vulnerabilities)
Fixed by 1:9.2p1-2+deb12u4 (affected by 0 other vulnerabilities)
Fixed by 1:9.2p1-2+deb12u5 (affected by 1 other vulnerability)
Fixed by 1:9.2p1-2+deb12u6 (affected by 0 other vulnerabilities)
Vulnerabilities fixed by this package (0)
This package is not known to fix vulnerabilities.