CVE-2007-0844

CVE-2007-0844 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:P/A:N

The auth_via_key function in pam_ssh.c in pam_ssh before 1.92, when the allow_blank_passphrase option is disabled, allows remote attackers to bypass authentication restrictions and use private encryption keys requiring a blank passphrase by entering a non-blank passphrase.

Learn more about our Web Application Penetration Testing UK.