Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
OpenSSH 3.6.1 and earlier, when restricting host access by numeric IP addresses and with VerifyReverseMapping disabled, allows remote attackers to bypass "from=" and "user@host" address restrictions by connecting to a host from a system whose reverse DNS hostname contains the numeric IP address.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
OpenSSH远程客户端地址限制可绕过漏洞
Vulnerability Description
OpenSSH提供多项机制可限制客户端访问服务器,单独用户可以在$HOME/.ssh/authorized_keys文件中使用"From=<hostpattern>"选项,sshd_config文件可以使用'<userpattern>@<hostpattern>'来限制部分用户从部分主机上登录。Hostpatterns类似Unix glob文件匹配,可使用?和*作为通用字符,IP地址和主机名都可以定义在pattern中。 OpenSSH在对客户端主机进行反向解析实现上存在问题,远程攻击者可以利用这个漏洞通
CVSS Information
N/A
Vulnerability Type
N/A