thr3ads.net - openssh unix dev - CVE-2015-6563 and CVE-2015-6564 [Sep 2015]

If this information is useful, please help other people find it:
Share via:

Twitter
Facebook
Email

Scott Neugroschl

2015-Sep-10 17:32 UTC

CVE-2015-6563 and CVE-2015-6564

Got a question.   Am I vulnerable to CVE-2015-6563 and CVE-2015-6564  if I have
PAM support disabled (--without-pam)?

---
Scott Neugroschl | XYPRO Technology Corporation
4100 Guardian Street | Suite 100 |Simi Valley, CA 93063 | Phone 805 583-2874|Fax
805 583-0124 |

Darren Tucker

2015-Sep-10 23:36 UTC

head link

CVE-2015-6563 and CVE-2015-6564

On Fri, Sep 11, 2015 at 3:32 AM, Scott Neugroschl <scott_n at xypro.com>
wrote:
> Got a question.   Am I vulnerable to CVE-2015-6563 and CVE-2015-6564  if I
> have PAM support disabled (--without-pam)
>
No.  The code in question is not compiled in when sshd is built
--without-pam.

-- 
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
    Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.

openssh unix dev - Sep 2015 - CVE-2015-6563 and CVE-2015-6564

CVE-2015-6563 and CVE-2015-6564

CVE-2015-6563 and CVE-2015-6564