Insecure Process Group Handling in SSH Secure Shell
CVE-2002-1644 · HIGH Severity
AV:L/AC:L/AU:N/C:C/I:C/A:C
SSH Secure Shell for Servers and SSH Secure Shell for Workstations 2.0.13 through 3.2.1, when running without a PTY, does not call setsid to remove the child process from the process group of the parent process, which allows attackers to gain certain privileges.
Learn more about our Cis Benchmark Audit For Server Software.