FreeBSD : OpenSSH -- PAM vulnerabilities (2920c449-4850-11e5-825f-c80aa9043978)
High Nessus Plugin ID 85594
Synopsis
The remote FreeBSD host is missing a security-related update.
Description
OpenSSH 6.8 and 6.9 incorrectly set TTYs to be world-writable. Local attackers may be able to write arbitrary messages to logged-in users, including terminal escape sequences. Reported by Nikolay Edigaryev.
Fixed a privilege separation weakness related to PAM support.
Attackers who could successfully compromise the pre-authentication process for remote code execution and who had valid credentials on the host could impersonate other users.
Fixed a use-after-free bug related to PAM support that was reachable by attackers who could compromise the pre-authentication process for remote code execution.
Solution
Update the affected package.
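
A host-side check for the world-writable TTY symptom described above, as an added example that is not part of the plugin or of OpenSSH. It assumes session terminals appear as character devices under `/dev/pts`; the function names are hypothetical, and the sample modes used to exercise it are constructed.

```python
import os
import pwd
import stat


def is_world_writable_tty(mode):
    """True when mode is a character device that 'other' may write to."""
    return stat.S_ISCHR(mode) and bool(mode & stat.S_IWOTH)


def audit_ttys(directory="/dev/pts", lstat=os.lstat, listdir=os.listdir):
    """Return (path, uid, mode string) for each world-writable terminal.

    lstat and listdir are injectable so the logic can be exercised with
    constructed stat results instead of a live system.
    """
    findings = []
    for name in sorted(listdir(directory)):
        if name == "ptmx":
            continue  # pty multiplexer node, not a user's session terminal
        path = os.path.join(directory, name)
        try:
            st = lstat(path)
        except OSError:
            continue  # session closed between listdir() and lstat()
        if is_world_writable_tty(st.st_mode):
            findings.append((path, st.st_uid, stat.filemode(st.st_mode)))
    return findings


def owner_name(uid):
    """Resolve a uid to a login name, falling back to the number."""
    try:
        return pwd.getpwuid(uid).pw_name
    except KeyError:
        return str(uid)


if __name__ == "__main__":
    results = audit_ttys()
    for path, uid, mode in results:
        print(f"{path} owner={owner_name(uid)} mode={mode} world-writable")
    if not results:
        print("no world-writable terminals found")
```

A terminal created with group write only (for example mode `crw--w----`) is not reported; only the "other" write bit is flagged.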