Skip to navigation

CVE Database

CVE-2008-1657

Impact: Low
Public: 2008-03-31
Bugzilla: 440268: CVE-2008-1657 openssh: commands in ~/.ssh/rc override ForceCommand directive

Details

The MITRE CVE dictionary describes this issue as:

OpenSSH 4.4 up to versions before 4.9 allows remote authenticated users to bypass the sshd_config ForceCommand directive by modifying the .ssh/rc session file.

Find out more about CVE-2008-1657 from the MITRE CVE dictionary and NIST NVD.

Statement

Not vulnerable. These issues did not affect the versions of OpenSSH as shipped with Red Hat Enterprise Linux 2.1, 3, 4, or 5.

Red Hat security errata

Platform Errata Release Date

External References

This page is generated automatically and has not been checked for errors or omissions.

For clarification or corrections please contact the Red Hat Security Response Team.