Rivoreo Source Code Repositories
src.rivoreo.one / security / openssh-library / 85bdcd7c92fe7ff133bbc4e10a65c91810f88755
commit85bdcd7c92fe7ff133bbc4e10a65c91810f88755[log] [download]
authorDamien Miller <djm@mindrot.org>Wed Apr 13 10:39:57 2016 +1000
committerDamien Miller <djm@mindrot.org>Wed Apr 13 10:44:42 2016 +1000
tree81bd3cec4c5770fcbb3984996dc69d79ff593e18
parentdce19bf6e4a2a3d0b13a81224de63fc316461ab9 [diff]
ignore PAM environment vars when UseLogin=yes

If PAM is configured to read user-specified environment variables
and UseLogin=yes in sshd_config, then a hostile local user may
attack /bin/login via LD_PRELOAD or similar environment variables
set via PAM.

CVE-2015-8325, found by Shayan Sadigh, via Colin Watson
1 file changed
tree: 81bd3cec4c5770fcbb3984996dc69d79ff593e18
  1. .cvsignore
  2. CREDITS
  3. INSTALL
  4. LICENCE
  5. Makefile.in
  6. OVERVIEW
  7. PROTOCOL
  8. PROTOCOL.agent
  9. PROTOCOL.certkeys
  10. PROTOCOL.chacha20poly1305
  11. PROTOCOL.key
  12. PROTOCOL.krl
  13. PROTOCOL.mux
  14. README
  15. README.dns
  16. README.platform
  17. README.privsep
  18. README.tun
  19. TODO
  20. aclocal.m4
  21. addrmatch.c
  22. atomicio.c
  23. atomicio.h
  24. audit-bsm.c
  25. audit-linux.c
  26. audit.c
  27. audit.h
  28. auth-bsdauth.c
  29. auth-chall.c
  30. auth-krb5.c
  31. auth-options.c
  32. auth-options.h
  33. auth-pam.c
  34. auth-pam.h
  35. auth-passwd.c
  36. auth-rh-rsa.c
  37. auth-rhosts.c
  38. auth-rsa.c
  39. auth-shadow.c
  40. auth-sia.c
  41. auth-sia.h
  42. auth-skey.c
  43. auth.c
  44. auth.h
  45. auth1.c
  46. auth2-chall.c
  47. auth2-gss.c
  48. auth2-hostbased.c
  49. auth2-kbdint.c
  50. auth2-none.c
  51. auth2-passwd.c
  52. auth2-pubkey.c
  53. auth2.c
  54. authfd.c
  55. authfd.h
  56. authfile.c
  57. authfile.h
  58. bitmap.c
  59. bitmap.h
  60. blocks.c
  61. bufaux.c
  62. bufbn.c
  63. bufec.c
  64. buffer.c
  65. buffer.h
  66. buildpkg.sh.in
  67. canohost.c
  68. canohost.h
  69. chacha.c
  70. chacha.h
  71. channels.c
  72. channels.h
  73. cipher-3des1.c
  74. cipher-aes.c
  75. cipher-aesctr.c
  76. cipher-aesctr.h
  77. cipher-bf1.c
  78. cipher-chachapoly.c
  79. cipher-chachapoly.h
  80. cipher-ctr.c
  81. cipher.c
  82. cipher.h
  83. cleanup.c
  84. clientloop.c
  85. clientloop.h
  86. compat.c
  87. compat.h
  88. config.guess
  89. config.sub
  90. configure.ac
  91. contrib/
  92. crc32.c
  93. crc32.h
  94. crypto_api.h
  95. deattack.c
  96. deattack.h
  97. defines.h
  98. dh.c
  99. dh.h
  100. digest-libc.c
  101. digest-openssl.c
  102. digest.h
  103. dispatch.c
  104. dispatch.h
  105. dns.c
  106. dns.h
  107. ed25519.c
  108. entropy.c
  109. entropy.h
  110. fatal.c
  111. fe25519.c
  112. fe25519.h
  113. fixalgorithms
  114. fixpaths
  115. fixprogs
  116. ge25519.c
  117. ge25519.h
  118. ge25519_base.data
  119. groupaccess.c
  120. groupaccess.h
  121. gss-genr.c
  122. gss-serv-krb5.c
  123. gss-serv.c
  124. hash.c
  125. hmac.c
  126. hmac.h
  127. hostfile.c
  128. hostfile.h
  129. includes.h
  130. install-sh
  131. kex.c
  132. kex.h
  133. kexc25519.c
  134. kexc25519c.c
  135. kexc25519s.c
  136. kexdh.c
  137. kexdhc.c
  138. kexdhs.c
  139. kexecdh.c
  140. kexecdhc.c
  141. kexecdhs.c
  142. kexgex.c
  143. kexgexc.c
  144. kexgexs.c
  145. key.c
  146. key.h
  147. krl.c
  148. krl.h
  149. log.c
  150. log.h
  151. loginrec.c
  152. loginrec.h
  153. logintest.c
  154. mac.c
  155. mac.h
  156. match.c
  157. match.h
  158. md-sha256.c
  159. md5crypt.c
  160. md5crypt.h
  161. mdoc2man.awk
  162. misc.c
  163. misc.h
  164. mkinstalldirs
  165. moduli
  166. moduli.5
  167. moduli.c
  168. monitor.c
  169. monitor.h
  170. monitor_fdpass.c
  171. monitor_fdpass.h
  172. monitor_mm.c
  173. monitor_mm.h
  174. monitor_wrap.c
  175. monitor_wrap.h
  176. msg.c
  177. msg.h
  178. mux.c
  179. myproposal.h
  180. nchan.c
  181. nchan.ms
  182. nchan2.ms
  183. opacket.c
  184. opacket.h
  185. openbsd-compat/
  186. openssh.xml.in
  187. opensshd.init.in
  188. packet.c
  189. packet.h
  190. pathnames.h
  191. pkcs11.h
  192. platform-pledge.c
  193. platform.c
  194. platform.h
  195. poly1305.c
  196. poly1305.h
  197. progressmeter.c
  198. progressmeter.h
  199. readconf.c
  200. readconf.h
  201. readpass.c
  202. regress/
  203. rijndael.c
  204. rijndael.h
  205. rsa.c
  206. rsa.h
  207. sandbox-capsicum.c
  208. sandbox-darwin.c
  209. sandbox-null.c
  210. sandbox-pledge.c
  211. sandbox-rlimit.c
  212. sandbox-seccomp-filter.c
  213. sandbox-solaris.c
  214. sandbox-systrace.c
  215. sc25519.c
  216. sc25519.h
  217. scard/
  218. scp.1
  219. scp.c
  220. servconf.c
  221. servconf.h
  222. serverloop.c
  223. serverloop.h
  224. session.c
  225. session.h
  226. sftp-client.c
  227. sftp-client.h
  228. sftp-common.c
  229. sftp-common.h
  230. sftp-glob.c
  231. sftp-server-main.c
  232. sftp-server.8
  233. sftp-server.c
  234. sftp.1
  235. sftp.c
  236. sftp.h
  237. smult_curve25519_ref.c
  238. ssh-add.1
  239. ssh-add.c
  240. ssh-agent.1
  241. ssh-agent.c
  242. ssh-dss.c
  243. ssh-ecdsa.c
  244. ssh-ed25519.c
  245. ssh-gss.h
  246. ssh-keygen.1
  247. ssh-keygen.c
  248. ssh-keyscan.1
  249. ssh-keyscan.c
  250. ssh-keysign.8
  251. ssh-keysign.c
  252. ssh-pkcs11-client.c
  253. ssh-pkcs11-helper.8
  254. ssh-pkcs11-helper.c
  255. ssh-pkcs11.c
  256. ssh-pkcs11.h
  257. ssh-rsa.c
  258. ssh-sandbox.h
  259. ssh.1
  260. ssh.c
  261. ssh.h
  262. ssh1.h
  263. ssh2.h
  264. ssh_api.c
  265. ssh_api.h
  266. ssh_config
  267. ssh_config.5
  268. sshbuf-getput-basic.c
  269. sshbuf-getput-crypto.c
  270. sshbuf-misc.c
  271. sshbuf.c
  272. sshbuf.h
  273. sshconnect.c
  274. sshconnect.h
  275. sshconnect1.c
  276. sshconnect2.c
  277. sshd.8
  278. sshd.c
  279. sshd_config
  280. sshd_config.5
  281. ssherr.c
  282. ssherr.h
  283. sshkey.c
  284. sshkey.h
  285. sshlogin.c
  286. sshlogin.h
  287. sshpty.c
  288. sshpty.h
  289. sshtty.c
  290. survey.sh.in
  291. ttymodes.c
  292. ttymodes.h
  293. uidswap.c
  294. uidswap.h
  295. umac.c
  296. umac.h
  297. uuencode.c
  298. uuencode.h
  299. verify.c
  300. version.h
  301. xmalloc.c
  302. xmalloc.h