CVEs-PoC/2015/CVE-2015-8325.md at ef21a24366f7bbc1220842143b6857a7549ce607

mirror of https://github.com/0xMarcio/cve.git synced 2026-03-27 21:40:45 +01:00

Files

0xMarcio cb00e1339f Update CVE list 2025-09-29 21:09

2025-09-29 21:09:30 +02:00

Description

The do_setup_env function in session.c in sshd in OpenSSH through 7.2p2, when the UseLogin feature is enabled and PAM is configured to read .pam_environment files in user home directories, allows local users to gain privileges by triggering a crafted environment for the /bin/login program, as demonstrated by an LD_PRELOAD environment variable.

POC

Reference

https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf

Github

https://github.com/Live-Hack-CVE/CVE-2015-8325
https://github.com/Maribel0370/Nebula-io
https://github.com/NeoOniX/5ATTACK
https://github.com/austinhawthorne/net-scan
https://github.com/bioly230/THM_Skynet
https://github.com/lekctut/sdb-hw-13-01
https://github.com/pedr0alencar/vlab-metasploitable2
https://github.com/retr0-13/cveScannerV2
https://github.com/scmanjarrez/CVEScannerV2
https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough

1.2 KiB Raw Blame History

CVE-2015-8325

Description

POC

Reference

Github

1.2 KiB

Raw Blame History