DEBIAN-CVE-2008-3234

See a problem?
Please try reporting it to the source first.
Source
https://security-tracker.debian.org/tracker/CVE-2008-3234
Import Source
https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2008-3234.json
JSON Data
https://api.osv.dev/v1/vulns/DEBIAN-CVE-2008-3234
Upstream
Published
2008-07-18T16:41:00Z
Modified
2026-03-17T02:43:33.430285Z
Summary
[none]
Details

sshd in OpenSSH 4 on Debian GNU/Linux, and the 20070303 OpenSSH snapshot, allows remote authenticated users to obtain access to arbitrary SELinux roles by appending a :/ (colon slash) sequence, followed by the role name, to the username.

References

Affected packages

Debian:11 / openssh

Package

Name
openssh
Purl
pkg:deb/debian/openssh?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1:8.*
1:8.4p1-5
1:8.4p1-5+deb11u1
1:8.4p1-5+deb11u2
1:8.4p1-5+deb11u3
1:8.4p1-5+deb11u4
1:8.4p1-5+deb11u5
1:8.4p1-6
1:8.7p1-1
1:8.7p1-2
1:8.7p1-3
1:8.7p1-4
1:8.8p1-1
1:8.9p1-1
1:8.9p1-2
1:8.9p1-3
1:9.*
1:9.0p1-1
1:9.1p1-1
1:9.1p1-2
1:9.2p1-1
1:9.2p1-2
1:9.3p1-1
1:9.3p1-1+loong64
1:9.3p2-1
1:9.4p1-1
1:9.5p1-1
1:9.5p1-2
1:9.6p1-1
1:9.6p1-2
1:9.6p1-3
1:9.6p1-4
1:9.6p1-5
1:9.7p1-1
1:9.7p1-2
1:9.7p1-3
1:9.7p1-3+hurd.1
1:9.7p1-4
1:9.7p1-5
1:9.7p1-6
1:9.7p1-7
1:9.8p1-1
1:9.8p1-2
1:9.8p1-3
1:9.8p1-4
1:9.8p1-7
1:9.8p1-8
1:9.9p1-1
1:9.9p1-2
1:9.9p1-3
1:9.9p1-3+hurd.1
1:9.9p2-1
1:9.9p2-2
1:10.*
1:10.0p1-1
1:10.0p1-2
1:10.0p1-3
1:10.0p1-4
1:10.0p1-5~bpo12+2
1:10.0p1-5
1:10.0p1-6
1:10.0p1-7~bpo12+1
1:10.0p1-7
1:10.0p1-8
1:10.1p1-1
1:10.1p1-2
1:10.2p1-1
1:10.2p1-2~bpo13+1
1:10.2p1-2
1:10.2p1-3
1:10.2p1-4
1:10.2p1-5

Ecosystem specific 

{
    "urgency": "unimportant"
}

Database specific

source 
"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2008-3234.json"

Debian:12 / openssh

Package

Name
openssh
Purl
pkg:deb/debian/openssh?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1:9.*
1:9.2p1-2
1:9.2p1-2+deb12u1
1:9.2p1-2+deb12u2
1:9.2p1-2+deb12u3
1:9.2p1-2+deb12u4
1:9.2p1-2+deb12u5
1:9.2p1-2+deb12u6
1:9.2p1-2+deb12u7
1:9.2p1-2+deb12u8
1:9.3p1-1
1:9.3p1-1+loong64
1:9.3p2-1
1:9.4p1-1
1:9.5p1-1
1:9.5p1-2
1:9.6p1-1
1:9.6p1-2
1:9.6p1-3
1:9.6p1-4
1:9.6p1-5
1:9.7p1-1
1:9.7p1-2
1:9.7p1-3
1:9.7p1-3+hurd.1
1:9.7p1-4
1:9.7p1-5
1:9.7p1-6
1:9.7p1-7
1:9.8p1-1
1:9.8p1-2
1:9.8p1-3
1:9.8p1-4
1:9.8p1-7
1:9.8p1-8
1:9.9p1-1
1:9.9p1-2
1:9.9p1-3
1:9.9p1-3+hurd.1
1:9.9p2-1
1:9.9p2-2
1:10.*
1:10.0p1-1
1:10.0p1-2
1:10.0p1-3
1:10.0p1-4
1:10.0p1-5~bpo12+2
1:10.0p1-5
1:10.0p1-6
1:10.0p1-7~bpo12+1
1:10.0p1-7
1:10.0p1-8
1:10.1p1-1
1:10.1p1-2
1:10.2p1-1
1:10.2p1-2~bpo13+1
1:10.2p1-2
1:10.2p1-3
1:10.2p1-4
1:10.2p1-5

Ecosystem specific 

{
    "urgency": "unimportant"
}

Database specific

source 
"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2008-3234.json"

Debian:13 / openssh

Package

Name
openssh
Purl
pkg:deb/debian/openssh?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1:10.*
1:10.0p1-7
1:10.0p1-7+deb13u1
1:10.0p1-8
1:10.1p1-1
1:10.1p1-2
1:10.2p1-1
1:10.2p1-2~bpo13+1
1:10.2p1-2
1:10.2p1-3
1:10.2p1-4
1:10.2p1-5

Ecosystem specific 

{
    "urgency": "unimportant"
}

Database specific

source 
"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2008-3234.json"

Debian:14 / openssh

Package

Name
openssh
Purl
pkg:deb/debian/openssh?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1:10.*
1:10.0p1-7
1:10.0p1-8
1:10.1p1-1
1:10.1p1-2
1:10.2p1-1
1:10.2p1-2~bpo13+1
1:10.2p1-2
1:10.2p1-3
1:10.2p1-4
1:10.2p1-5

Ecosystem specific 

{
    "urgency": "unimportant"
}

Database specific

source 
"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2008-3234.json"