Launchpad CVE tracker

CVE 2016-10010

sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to gain privileges via unspecified vectors, related to serverloop.c.

Related bugs and status

CVE-2016-10010 (Candidate) is related to these bugs:

Bug #1732172: [CVE] Security Vulnerabilities in OpenSSH on Ubuntu 14.04

Summary				In	Importance	Status
	1732172	[CVE] Security Vulnerabilities in OpenSSH on Ubuntu 14.04		openssh (Ubuntu)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

EXPLOIT-DB: 40962
MLIST: [oss-security] 2016121...
MISC: http://packetstormsecu...
MISC: https://bugs.chromium....
CONFIRM: https://github.com/ope...
CONFIRM: https://www.openssh.co...
BID: 94972
SECTRACK: 1037490
CONFIRM: http://www.slackware.c...
FREEBSD: FreeBSD-SA-17:01
CONFIRM: https://security.netap...
CONFIRM: https://support.hpe.co...
CONFIRM: https://cert-portal.si...

Launchpad.net

CVE 2016-10010

Related bugs and status

Related bugs

References