CVE-2019-7639

An issue was discovered in gsi-openssh-server 7.9p1 on Fedora 29. If PermitPAMUserChange is set to yes in the /etc/gsissh/sshd_config file, logins succeed with a valid username and an incorrect password, even though a failure entry is recorded in the /var/log/messages file.
References
Link Resource
https://bugzilla.redhat.com/show_bug.cgi?id=1673802 Exploit Issue Tracking
Configurations

Configuration 1

cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*
cpe:2.3:a:gsi-openssh_project:gsi-openssh:7.9:p1:*:*:*:*:*:*

Information

Published : 2019-02-08 11:29

Updated : 2020-08-24 05:37


NVD link : CVE-2019-7639

Mitre link : CVE-2019-7639

Products Affected
No products.
CWE