CVE-2013-4548

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2013-4548

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2013-4548.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2013-4548

Downstream

DEBIAN-CVE-2013-4548

Published

2013-11-08T15:55:13Z

Modified

2026-04-10T03:43:00.856017Z

Summary

[none]

Details

The mmnewkeysfromblob function in monitorwrap.c in sshd in OpenSSH 6.2 and 6.3, when an AES-GCM cipher is used, does not properly initialize memory for a MAC context data structure, which allows remote authenticated users to bypass intended ForceCommand and login-shell restrictions via packet data that provides a crafted callback address.

References

http://www.openssh.com/txt/gcmrekey.adv
http://www.ubuntu.com/usn/USN-2014-1
http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00017.html
http://marc.info/?l=bugtraq&m=141576985122836&w=2
http://openwall.com/lists/oss-security/2013/11/08/3

CVE-2013-4548

Affected packages