Release date

2018-08-10

Last Updated

2018-09-05

Issue Severity

High

 

Source

Source

nvd.nist.gov

Release date

2017-04-01

CVSS v2 Base Score

7.5 (HIGH)

Problem Description

CVE-2016-10009: Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS#11 modules by leveraging control over a forwarded agent-socket.

Find more about this vulnerability from nvd.nist.gov.

Impact

An investigation determined that no FoxT products are vulnerable, since BoKS SSH does not support PKCS11 cards. Please review this advisory for updates.

Affected Products

 

Product name

Version

None

N/A

 

Workaround

N/A.

 

Obtaining Fixed Software

 N/A 

External References

FreeBSD Advisory

 

 


Still have questions? We can help. Submit a case to Technical Support.

Last Modified On: April 16, 2019