A new vulnerability has been discovered in OpenSSH that permits attackers to obtain sensitive information from authenticated sessions.
This could be exploited through an option called "UseRoaming", that allows the clients to reconnect to the server and resume their interrupted SSH session.
The vulnerability can also allows malicious users to possibly obtain sensitive information, execute arbitrary code, compromise the system and bypass security restrictions as well.
OpenSSH versions 5.4 to 7.1;
- Log files
- Nagios ® World
- Online services
- Frequently Asked Questions
- Itefix Labs
- User Forum Archive (2005 - 2016)