Privilege Escalation via Unprivileged Unix-Domain Socket Forwarding in OpenSSH

Privilege Escalation via Unprivileged Unix-Domain Socket Forwarding in OpenSSH

CVE-2016-10010 · MEDIUM Severity

AV:L/AC:M/AU:N/C:C/I:C/A:C

sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to gain privileges via unspecified vectors, related to serverloop.c.

Learn more about our Cis Benchmark Audit For Server Software.