Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In OpenSSH before 10.3, command execution can occur via shell metacharacters in a username within a command line. This requires a scenario where the username on the command line is untrusted, and also requires a non-default configurations of % in ssh_config.
CVSS Information
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
Vulnerability Type
不正确的行为次序
Vulnerability Title
OpenSSH 安全漏洞
Vulnerability Description
OpenSSH(OpenBSD Secure Shell)是加拿大OpenBSD开源的一套用于安全访问远程计算机的连接工具。该工具是SSH协议的开源实现,支持对所有的传输进行加密,可有效阻止窃听、连接劫持以及其他网络级的攻击。 OpenSSH 10.3之前版本存在安全漏洞,该漏洞源于命令行用户名中未处理shell元字符,可能导致命令执行。
CVSS Information
N/A
Vulnerability Type
N/A