A locally exploitable privilege escalation vulnerability exists in SSH Secure Shell versions 2.0.13 - 3.2.1.
Secure Shell for Servers, developed by SSH Communications Security, does not properly remove the child process from the master process group after non-interactive command execution. Quoting from the SSH Communications Security Advisory:
When used in non-interactive connections, a defect in process grouping
A local attacker may be able to gain elevated privileges.
Upgrade your software. Note that both Secure Shell for Servers and Secure Shell for Workstations need to be updated to eliminate this vulnerability.
SSH Communications Security
Thanks to Logan Gabriel for reporting this vulnerability.
This document was written by Ian A Finlay.
|Date First Published:||2002-11-25|
|Date Last Updated:||2008-05-29 21:58 UTC|