CVE-2015-8325 vulnerability in Debian and Other Products
Published on May 1, 2016

The do_setup_env function in session.c in sshd in OpenSSH through 7.2p2, when the UseLogin feature is enabled and PAM is configured to read .pam_environment files in user home directories, allows local users to gain privileges by triggering a crafted environment for the /bin/login program, as demonstrated by an LD_PRELOAD environment variable.

Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory NVD

Products Associated with CVE-2015-8325

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2015-8325 are published in these products:

Debian Linux

OpenBSD OpenSSH

Canonical Ubuntu Touch

Canonical Ubuntu Linux

Canonical Ubuntu Core

Exploit Probability

EPSS

0.11%

Percentile

29.61%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2015-8325 vulnerability in Debian and Other ProductsPublished on May 1, 2016

Products Associated with CVE-2015-8325

Exploit Probability

CVE-2015-8325 vulnerability in Debian and Other Products
Published on May 1, 2016