World-writable permissions in OpenSSH 6.8 and 6.9 TTY devices vulnerability

World-writable permissions in OpenSSH 6.8 and 6.9 TTY devices vulnerability

CVE-2015-6565 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

sshd in OpenSSH 6.8 and 6.9 uses world-writable permissions for TTY devices, which allows local users to cause a denial of service (terminal disruption) or possibly have unspecified other impact by writing to a device, as demonstrated by writing an escape sequence.

Learn more about our User Device Pen Test.