Red Hat Customer Portal

Skip to main content

CVE-2008-1657

OpenSSH 4.4 up to versions before 4.9 allows remote authenticated users to bypass the sshd_config ForceCommand directive by modifying the .ssh/rc session file.

Details Source

Mitre

Statement

Not vulnerable. These issues did not affect the versions of OpenSSH as shipped with Red Hat Enterprise Linux 2.1, 3, 4, or 5.

Public Date

2008-03-31 00:00:00

Impact

Low

Bugzilla

CVE-2008-1657 openssh: commands in ~/.ssh/rc override ForceCommand directive

Bugzilla ID

440 268

CVSS Status

draft