CVE-2014-9278 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2014-9278 Interim 1 10 2024-07-03T02:32:33Z current 2021-05-30T13:24:35Z 2024-07-03T02:32:33Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2014-9278 The OpenSSH server, as used in Fedora and Red Hat Enterprise Linux 7 and when running in a Kerberos environment, allows remote authenticated users to log in as another user when they are listed in the .k5users file of that user, which might bypass intended authentication requirements that would force a local login. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Liberty Linux 7 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Server 11 SP1 for Teradata SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 12 openssh openssh-6.6.1p1-11.el7 openssh-askpass openssh-askpass-6.6.1p1-11.el7 openssh-clients-6.6.1p1-11.el7 openssh-fips openssh-helpers openssh-keycat-6.6.1p1-11.el7 openssh-ldap-6.6.1p1-11.el7 openssh-server-6.6.1p1-11.el7 openssh-server-sysvinit-6.6.1p1-11.el7 pam_ssh_agent_auth-0.9.3-9.11.el7 openssh-6.6.1p1-11.el7 as a component of SUSE Liberty Linux 7 openssh-askpass-6.6.1p1-11.el7 as a component of SUSE Liberty Linux 7 openssh-clients-6.6.1p1-11.el7 as a component of SUSE Liberty Linux 7 openssh-keycat-6.6.1p1-11.el7 as a component of SUSE Liberty Linux 7 openssh-ldap-6.6.1p1-11.el7 as a component of SUSE Liberty Linux 7 openssh-server-6.6.1p1-11.el7 as a component of SUSE Liberty Linux 7 openssh-server-sysvinit-6.6.1p1-11.el7 as a component of SUSE Liberty Linux 7 pam_ssh_agent_auth-0.9.3-9.11.el7 as a component of SUSE Liberty Linux 7 openssh as a component of SUSE Linux Enterprise Desktop 11 SP3 openssh-askpass as a component of SUSE Linux Enterprise Desktop 11 SP3 openssh as a component of SUSE Linux Enterprise Desktop 12 openssh-helpers as a component of SUSE Linux Enterprise Desktop 12 openssh as a component of SUSE Linux Enterprise Server 11 SP1 for Teradata openssh as a component of SUSE Linux Enterprise Server 11 SP3 openssh-askpass as a component of SUSE Linux Enterprise Server 11 SP3 openssh as a component of SUSE Linux Enterprise Server 12 openssh-fips as a component of SUSE Linux Enterprise Server 12 openssh-helpers as a component of SUSE Linux Enterprise Server 12 The OpenSSH server, as used in Fedora and Red Hat Enterprise Linux 7 and when running in a Kerberos environment, allows remote authenticated users to log in as another user when they are listed in the .k5users file of that user, which might bypass intended authentication requirements that would force a local login. CVE-2014-9278 SUSE Liberty Linux 7:openssh-6.6.1p1-11.el7 SUSE Liberty Linux 7:openssh-askpass-6.6.1p1-11.el7 SUSE Liberty Linux 7:openssh-clients-6.6.1p1-11.el7 SUSE Liberty Linux 7:openssh-keycat-6.6.1p1-11.el7 SUSE Liberty Linux 7:openssh-ldap-6.6.1p1-11.el7 SUSE Liberty Linux 7:openssh-server-6.6.1p1-11.el7 SUSE Liberty Linux 7:openssh-server-sysvinit-6.6.1p1-11.el7 SUSE Liberty Linux 7:pam_ssh_agent_auth-0.9.3-9.11.el7 SUSE Linux Enterprise Desktop 11 SP3:openssh SUSE Linux Enterprise Desktop 11 SP3:openssh-askpass SUSE Linux Enterprise Desktop 12:openssh SUSE Linux Enterprise Desktop 12:openssh-helpers SUSE Linux Enterprise Server 11 SP1 for Teradata:openssh SUSE Linux Enterprise Server 11 SP3:openssh SUSE Linux Enterprise Server 11 SP3:openssh-askpass SUSE Linux Enterprise Server 12:openssh SUSE Linux Enterprise Server 12:openssh-fips SUSE Linux Enterprise Server 12:openssh-helpers low 4 AV:N/AC:L/Au:S/C:N/I:P/A:N