MidnightBSD

Advisories for gsi-openssh_project

CVE-2019-7639 MEDIUM

An issue was discovered in gsi-openssh-server 7.9p1 on Fedora 29. If PermitPAMUserChange is set to yes in the /etc/gsissh/sshd_config file, logins succeed with a valid username and an incorrect password, even though a failure entry is recorded in the /var/log/messages file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-863,

Products Affected

Vendor Product Version
fedoraproject fedora 29
gsi-openssh_project gsi-openssh 7.9
fedoraproject fedora 28