CVE-2015-6563 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2015-6563 Interim 1 25 2025-03-25T01:22:05Z current 2021-05-30T13:32:50Z 2025-03-25T01:22:05Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2015-6563 The monitor component in sshd in OpenSSH before 7.0 on non-OpenBSD platforms accepts extraneous username data in MONITOR_REQ_PAM_INIT_CTX requests, which allows local users to conduct impersonation attacks by leveraging any SSH login access in conjunction with control of the sshd uid to send a crafted MONITOR_REQ_PWNAM request, related to monitor.c and monitor_wrap.c. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.suse.com/pipermail/sle-security-updates/2015-September/001589.html E-Mail link for SUSE-SU-2015:1544-1 https://lists.suse.com/pipermail/sle-security-updates/2015-September/001591.html E-Mail link for SUSE-SU-2015:1547-1 https://lists.suse.com/pipermail/sle-security-updates/2015-September/001592.html E-Mail link for SUSE-SU-2015:1547-2 https://lists.suse.com/pipermail/sle-security-updates/2015-September/001595.html E-Mail link for SUSE-SU-2015:1581-1 https://lists.suse.com/pipermail/sle-security-updates/2015-October/001616.html E-Mail link for SUSE-SU-2015:1695-1 https://www.suse.com/support/kb/doc/?id=7022095 E-Mail link for TID7022095 https://www.suse.com/support/kb/doc/?id=7022096 E-Mail link for TID7022096 https://www.suse.com/support/kb/doc/?id=7022102 E-Mail link for TID7022102 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Liberty Linux 7 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise High Performance Computing 12 SP5 SUSE Linux Enterprise Server 11 SP1 for Teradata SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP2 LTSS SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP3-TERADATA SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server 11 SP4 LTSS SUSE Linux Enterprise Server 11-SECURITY SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 SUSE Linux Enterprise Server for SAP Applications 11 SP3 SUSE Linux Enterprise Server for SAP Applications 11 SP4 SUSE Linux Enterprise Server for SAP Applications 12 SUSE Linux Enterprise Server for SAP Applications 12 SP5 openssh openssh-6.2p2-0.21.1 openssh-6.6.1p1-22.el7 openssh-6.6p1-13.1 openssh-6.6p1-29.1 openssh-7.2p2-55.1 openssh-7.2p2-69.1 openssh-7.2p2-74.25.1 openssh-7.2p2-74.45.1 openssh-askpass openssh-askpass-6.2p2-0.21.1 openssh-askpass-6.6.1p1-22.el7 openssh-askpass-gnome-6.2p2-0.21.3 openssh-askpass-gnome-6.6p1-13.3 openssh-askpass-gnome-6.6p1-29.1 openssh-clients-6.6.1p1-22.el7 openssh-fips-6.6p1-13.1 openssh-fips-6.6p1-29.1 openssh-fips-7.2p2-55.1 openssh-fips-7.2p2-69.1 openssh-fips-7.2p2-74.25.1 openssh-fips-7.2p2-74.45.1 openssh-helpers-6.6p1-13.1 openssh-helpers-6.6p1-29.1 openssh-helpers-7.2p2-55.1 openssh-helpers-7.2p2-69.1 openssh-helpers-7.2p2-74.25.1 openssh-helpers-7.2p2-74.45.1 openssh-keycat-6.6.1p1-22.el7 openssh-ldap-6.6.1p1-22.el7 openssh-openssl1-6.6p1-10.1 openssh-openssl1-helpers-6.6p1-10.1 openssh-server-6.6.1p1-22.el7 openssh-server-sysvinit-6.6.1p1-22.el7 pam_ssh_agent_auth-0.9.3-9.22.el7 openssh-6.6.1p1-22.el7 as a component of SUSE Liberty Linux 7 openssh-askpass-6.6.1p1-22.el7 as a component of SUSE Liberty Linux 7 openssh-clients-6.6.1p1-22.el7 as a component of SUSE Liberty Linux 7 openssh-keycat-6.6.1p1-22.el7 as a component of SUSE Liberty Linux 7 openssh-ldap-6.6.1p1-22.el7 as a component of SUSE Liberty Linux 7 openssh-server-6.6.1p1-22.el7 as a component of SUSE Liberty Linux 7 openssh-server-sysvinit-6.6.1p1-22.el7 as a component of SUSE Liberty Linux 7 pam_ssh_agent_auth-0.9.3-9.22.el7 as a component of SUSE Liberty Linux 7 openssh-6.2p2-0.21.1 as a component of SUSE Linux Enterprise Desktop 11 SP3 openssh-askpass-6.2p2-0.21.1 as a component of SUSE Linux Enterprise Desktop 11 SP3 openssh-askpass-gnome-6.2p2-0.21.3 as a component of SUSE Linux Enterprise Desktop 11 SP3 openssh-6.6p1-13.1 as a component of SUSE Linux Enterprise Desktop 11 SP4 openssh-askpass-gnome-6.6p1-13.3 as a component of SUSE Linux Enterprise Desktop 11 SP4 openssh-helpers-6.6p1-13.1 as a component of SUSE Linux Enterprise Desktop 11 SP4 openssh-6.6p1-29.1 as a component of SUSE Linux Enterprise Desktop 12 openssh-askpass-gnome-6.6p1-29.1 as a component of SUSE Linux Enterprise Desktop 12 openssh-helpers-6.6p1-29.1 as a component of SUSE Linux Enterprise Desktop 12 openssh-6.6p1-29.1 as a component of SUSE Linux Enterprise Desktop 12 SP1 openssh-helpers-6.6p1-29.1 as a component of SUSE Linux Enterprise Desktop 12 SP1 openssh-7.2p2-55.1 as a component of SUSE Linux Enterprise Desktop 12 SP2 openssh-helpers-7.2p2-55.1 as a component of SUSE Linux Enterprise Desktop 12 SP2 openssh-7.2p2-69.1 as a component of SUSE Linux Enterprise Desktop 12 SP3 openssh-helpers-7.2p2-69.1 as a component of SUSE Linux Enterprise Desktop 12 SP3 openssh-7.2p2-74.25.1 as a component of SUSE Linux Enterprise Desktop 12 SP4 openssh-helpers-7.2p2-74.25.1 as a component of SUSE Linux Enterprise Desktop 12 SP4 openssh-7.2p2-74.45.1 as a component of SUSE Linux Enterprise High Performance Computing 12 SP5 openssh-fips-7.2p2-74.45.1 as a component of SUSE Linux Enterprise High Performance Computing 12 SP5 openssh-helpers-7.2p2-74.45.1 as a component of SUSE Linux Enterprise High Performance Computing 12 SP5 openssh-6.2p2-0.21.1 as a component of SUSE Linux Enterprise Server 11 SP3 openssh-askpass-6.2p2-0.21.1 as a component of SUSE Linux Enterprise Server 11 SP3 openssh-askpass-gnome-6.2p2-0.21.3 as a component of SUSE Linux Enterprise Server 11 SP3 openssh-6.2p2-0.21.1 as a component of SUSE Linux Enterprise Server 11 SP3-TERADATA openssh-askpass-6.2p2-0.21.1 as a component of SUSE Linux Enterprise Server 11 SP3-TERADATA openssh-askpass-gnome-6.2p2-0.21.3 as a component of SUSE Linux Enterprise Server 11 SP3-TERADATA openssh-6.6p1-13.1 as a component of SUSE Linux Enterprise Server 11 SP4 openssh-askpass-gnome-6.6p1-13.3 as a component of SUSE Linux Enterprise Server 11 SP4 openssh-fips-6.6p1-13.1 as a component of SUSE Linux Enterprise Server 11 SP4 openssh-helpers-6.6p1-13.1 as a component of SUSE Linux Enterprise Server 11 SP4 openssh-openssl1-6.6p1-10.1 as a component of SUSE Linux Enterprise Server 11-SECURITY openssh-openssl1-helpers-6.6p1-10.1 as a component of SUSE Linux Enterprise Server 11-SECURITY openssh-6.6p1-29.1 as a component of SUSE Linux Enterprise Server 12 openssh-askpass-gnome-6.6p1-29.1 as a component of SUSE Linux Enterprise Server 12 openssh-fips-6.6p1-29.1 as a component of SUSE Linux Enterprise Server 12 openssh-helpers-6.6p1-29.1 as a component of SUSE Linux Enterprise Server 12 openssh-6.6p1-29.1 as a component of SUSE Linux Enterprise Server 12 SP1 openssh-fips-6.6p1-29.1 as a component of SUSE Linux Enterprise Server 12 SP1 openssh-helpers-6.6p1-29.1 as a component of SUSE Linux Enterprise Server 12 SP1 openssh-7.2p2-55.1 as a component of SUSE Linux Enterprise Server 12 SP2 openssh-fips-7.2p2-55.1 as a component of SUSE Linux Enterprise Server 12 SP2 openssh-helpers-7.2p2-55.1 as a component of SUSE Linux Enterprise Server 12 SP2 openssh-7.2p2-69.1 as a component of SUSE Linux Enterprise Server 12 SP3 openssh-fips-7.2p2-69.1 as a component of SUSE Linux Enterprise Server 12 SP3 openssh-helpers-7.2p2-69.1 as a component of SUSE Linux Enterprise Server 12 SP3 openssh-7.2p2-74.25.1 as a component of SUSE Linux Enterprise Server 12 SP4 openssh-fips-7.2p2-74.25.1 as a component of SUSE Linux Enterprise Server 12 SP4 openssh-helpers-7.2p2-74.25.1 as a component of SUSE Linux Enterprise Server 12 SP4 openssh-7.2p2-74.45.1 as a component of SUSE Linux Enterprise Server 12 SP5 openssh-fips-7.2p2-74.45.1 as a component of SUSE Linux Enterprise Server 12 SP5 openssh-helpers-7.2p2-74.45.1 as a component of SUSE Linux Enterprise Server 12 SP5 openssh-7.2p2-55.1 as a component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 openssh-fips-7.2p2-55.1 as a component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 openssh-helpers-7.2p2-55.1 as a component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 openssh-6.2p2-0.21.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP3 openssh-askpass-6.2p2-0.21.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP3 openssh-askpass-gnome-6.2p2-0.21.3 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP3 openssh-6.6p1-13.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 openssh-askpass-gnome-6.6p1-13.3 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 openssh-fips-6.6p1-13.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 openssh-helpers-6.6p1-13.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 openssh-6.6p1-29.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 openssh-askpass-gnome-6.6p1-29.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 openssh-fips-6.6p1-29.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 openssh-helpers-6.6p1-29.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 openssh-7.2p2-74.45.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 openssh-fips-7.2p2-74.45.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 openssh-helpers-7.2p2-74.45.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 openssh as a component of SUSE Linux Enterprise Desktop 11 SP2 openssh-askpass as a component of SUSE Linux Enterprise Desktop 11 SP2 openssh as a component of SUSE Linux Enterprise Server 11 SP1 for Teradata openssh as a component of SUSE Linux Enterprise Server 11 SP2 openssh-askpass as a component of SUSE Linux Enterprise Server 11 SP2 openssh as a component of SUSE Linux Enterprise Server 11 SP2 LTSS openssh as a component of SUSE Linux Enterprise Server 11 SP4 LTSS The monitor component in sshd in OpenSSH before 7.0 on non-OpenBSD platforms accepts extraneous username data in MONITOR_REQ_PAM_INIT_CTX requests, which allows local users to conduct impersonation attacks by leveraging any SSH login access in conjunction with control of the sshd uid to send a crafted MONITOR_REQ_PWNAM request, related to monitor.c and monitor_wrap.c. CVE-2015-6563 SUSE Liberty Linux 7:openssh-6.6.1p1-22.el7 SUSE Liberty Linux 7:openssh-askpass-6.6.1p1-22.el7 SUSE Liberty Linux 7:openssh-clients-6.6.1p1-22.el7 SUSE Liberty Linux 7:openssh-keycat-6.6.1p1-22.el7 SUSE Liberty Linux 7:openssh-ldap-6.6.1p1-22.el7 SUSE Liberty Linux 7:openssh-server-6.6.1p1-22.el7 SUSE Liberty Linux 7:openssh-server-sysvinit-6.6.1p1-22.el7 SUSE Liberty Linux 7:pam_ssh_agent_auth-0.9.3-9.22.el7 SUSE Linux Enterprise Desktop 11 SP3:openssh-6.2p2-0.21.1 SUSE Linux Enterprise Desktop 11 SP3:openssh-askpass-6.2p2-0.21.1 SUSE Linux Enterprise Desktop 11 SP3:openssh-askpass-gnome-6.2p2-0.21.3 SUSE Linux Enterprise Desktop 11 SP4:openssh-6.6p1-13.1 SUSE Linux Enterprise Desktop 11 SP4:openssh-askpass-gnome-6.6p1-13.3 SUSE Linux Enterprise Desktop 11 SP4:openssh-helpers-6.6p1-13.1 SUSE Linux Enterprise Desktop 12:openssh-6.6p1-29.1 SUSE Linux Enterprise Desktop 12:openssh-askpass-gnome-6.6p1-29.1 SUSE Linux Enterprise Desktop 12:openssh-helpers-6.6p1-29.1 SUSE Linux Enterprise Desktop 12 SP1:openssh-6.6p1-29.1 SUSE Linux Enterprise Desktop 12 SP1:openssh-helpers-6.6p1-29.1 SUSE Linux Enterprise Desktop 12 SP2:openssh-7.2p2-55.1 SUSE Linux Enterprise Desktop 12 SP2:openssh-helpers-7.2p2-55.1 SUSE Linux Enterprise Desktop 12 SP3:openssh-7.2p2-69.1 SUSE Linux Enterprise Desktop 12 SP3:openssh-helpers-7.2p2-69.1 SUSE Linux Enterprise Desktop 12 SP4:openssh-7.2p2-74.25.1 SUSE Linux Enterprise Desktop 12 SP4:openssh-helpers-7.2p2-74.25.1 SUSE Linux Enterprise High Performance Computing 12 SP5:openssh-7.2p2-74.45.1 SUSE Linux Enterprise High Performance Computing 12 SP5:openssh-fips-7.2p2-74.45.1 SUSE Linux Enterprise High Performance Computing 12 SP5:openssh-helpers-7.2p2-74.45.1 SUSE Linux Enterprise Server 11 SP3:openssh-6.2p2-0.21.1 SUSE Linux Enterprise Server 11 SP3:openssh-askpass-6.2p2-0.21.1 SUSE Linux Enterprise Server 11 SP3:openssh-askpass-gnome-6.2p2-0.21.3 SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-6.2p2-0.21.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-askpass-6.2p2-0.21.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:openssh-askpass-gnome-6.2p2-0.21.3 SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-13.1 SUSE Linux Enterprise Server 11 SP4:openssh-askpass-gnome-6.6p1-13.3 SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-13.1 SUSE Linux Enterprise Server 11 SP4:openssh-helpers-6.6p1-13.1 SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-10.1 SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-10.1 SUSE Linux Enterprise Server 12:openssh-6.6p1-29.1 SUSE Linux Enterprise Server 12:openssh-askpass-gnome-6.6p1-29.1 SUSE Linux Enterprise Server 12:openssh-fips-6.6p1-29.1 SUSE Linux Enterprise Server 12:openssh-helpers-6.6p1-29.1 SUSE Linux Enterprise Server 12 SP1:openssh-6.6p1-29.1 SUSE Linux Enterprise Server 12 SP1:openssh-fips-6.6p1-29.1 SUSE Linux Enterprise Server 12 SP1:openssh-helpers-6.6p1-29.1 SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-55.1 SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-55.1 SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-55.1 SUSE Linux Enterprise Server 12 SP3:openssh-7.2p2-69.1 SUSE Linux Enterprise Server 12 SP3:openssh-fips-7.2p2-69.1 SUSE Linux Enterprise Server 12 SP3:openssh-helpers-7.2p2-69.1 SUSE Linux Enterprise Server 12 SP4:openssh-7.2p2-74.25.1 SUSE Linux Enterprise Server 12 SP4:openssh-fips-7.2p2-74.25.1 SUSE Linux Enterprise Server 12 SP4:openssh-helpers-7.2p2-74.25.1 SUSE Linux Enterprise Server 12 SP5:openssh-7.2p2-74.45.1 SUSE Linux Enterprise Server 12 SP5:openssh-fips-7.2p2-74.45.1 SUSE Linux Enterprise Server 12 SP5:openssh-helpers-7.2p2-74.45.1 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-7.2p2-55.1 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-fips-7.2p2-55.1 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-helpers-7.2p2-55.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:openssh-6.2p2-0.21.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:openssh-askpass-6.2p2-0.21.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:openssh-askpass-gnome-6.2p2-0.21.3 SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-6.6p1-13.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-askpass-gnome-6.6p1-13.3 SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-fips-6.6p1-13.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:openssh-helpers-6.6p1-13.1 SUSE Linux Enterprise Server for SAP Applications 12:openssh-6.6p1-29.1 SUSE Linux Enterprise Server for SAP Applications 12:openssh-askpass-gnome-6.6p1-29.1 SUSE Linux Enterprise Server for SAP Applications 12:openssh-fips-6.6p1-29.1 SUSE Linux Enterprise Server for SAP Applications 12:openssh-helpers-6.6p1-29.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:openssh-7.2p2-74.45.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:openssh-fips-7.2p2-74.45.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:openssh-helpers-7.2p2-74.45.1 SUSE Linux Enterprise Desktop 11 SP2:openssh SUSE Linux Enterprise Desktop 11 SP2:openssh-askpass SUSE Linux Enterprise Server 11 SP2 LTSS:openssh SUSE Linux Enterprise Server 11 SP2:openssh SUSE Linux Enterprise Server 11 SP2:openssh-askpass moderate 1.9 AV:L/AC:M/Au:N/C:N/I:P/A:N