Vulnerability: SSH Communications SSH Server Privilege Escalation

Secure Shell is the commercial SSH implementation distributed and maintained by SSH Communications.

According to a report by Security Focus the setsid() function is used to create a new process group for forked processes. "It has been reported that SSH server fails to run setsid() on non-interactive sessions, resulting in user processes in the parent process group and retaining the 'root' login name.

For more information click here.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

More about SecurityFocusSSH Communications

Show Comments