Is OpenSSH shipped with RHEL affected by CVE-2008-1657 ?
Issue
- Is OpenSSH shipped with Red Hat Enterprise Linux affected by CVE-2008-1657 ?
Vulnerability Name: (CVE-2008-1657)OpenSSH ForceCommand Command Execution Weaknes.
Description: OpenSSH 4.4 up to versions before 4.9 allows remote authenticated users to bypass the sshd_config ForceCommand directive by modifying the .ssh/rc session file.
Environment
- Red Hat Enterprise Linux
- OpenSSH
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.