Description
A certain Red Hat modification to the ChrootDirectory feature in OpenSSH 4.8, as used in sshd in OpenSSH 4.3 in Red Hat Enterprise Linux (RHEL) 5.4 and Fedora 11, allows local users to gain privileges via hard links to setuid programs that use configuration files within the chroot directory, related to requirements for directory ownership.
References (11)
Core 11
Core References
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/38794
Various Sources mailing-list
x_refsource_mlist
http://lists.vmware.com/pipermail/security-announce/2010/000082.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/36552
Vendor Advisory vendor-advisory
x_refsource_redhat
https://rhn.redhat.com/errata/RHSA-2009-1470.html
Mailing List, Third Party Advisory vendor-advisory
x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2010-March/038214.html
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/38834
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/58495
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/39182
Third Party Advisory, VDB Entry vdb-entry
signature
x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9862
Issue Tracking x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=522141
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2010/0528
Scores
EPSS
0.0004
EPSS Percentile
12.0%
Details
CWE
CWE-16
Status
published
Products (2)
openbsd/openssh
4.3
openbsd/openssh
4.8
Published
Oct 01, 2009
Tracked Since
Feb 18, 2026