Posted by INTREST SEC on Mar 14
Author: <github.com/tintinweb>
Ref: https://github.com/tintinweb/pub/tree/master/pocs/cve-2016-3115
Version: 0.2
Date: Mar 3rd, 2016
Tag: openssh xauth command injection may lead to forced-command and /bin/false bypass
Overview
——–
Name: openssh
Vendor: OpenBSD
References: * http://www.openssh.com/[1]
Version: 7.2p1 [2]
Latest Version: 7.2p1
Other Versions: <= 7.2p1 (all…