[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-SUSE-SU-2015:1581-1":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T02:55:30.529Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":24,"duplicates":25,"related":26,"reserved_at":9,"published_at":32,"modified_at":33,"state":9,"summary":34,"references_raw":36,"kevs":109,"epss":9,"epss_history":110,"metrics":111,"affected":112},"SUSE-SU-2015:1581-1","Security update for openssh\n\nopenssh was updated to fix several security issues and bugs.\n\nThese security issues were fixed:\n* CVE-2015-5352: The x11_open_helper function in channels.c in ssh\n  in OpenSSH when ForwardX11Trusted mode is not used, lacked a check of\n  the refusal deadline for X connections, which made it easier for remote\n  attackers to bypass intended access restrictions via a connection outside\n  of the permitted time window (bsc#936695).\n* CVE-2015-5600: The kbdint_next_device function in auth2-chall.c\n  in sshd in OpenSSH did not properly restrict the processing of\n  keyboard-interactive devices within a single connection, which made it\n  easier for remote attackers to conduct brute-force attacks or cause a\n  denial of service (CPU consumption) via a long and duplicative list in\n  the ssh -oKbdInteractiveDevices option, as demonstrated by a modified\n  client that provides a different password for each pam element on this\n  list (bsc#938746).\n* CVE-2015-4000: Removed and disabled weak DH groups to address LOGJAM (bsc#932483).\n* Hardening patch to fix sftp RCE (bsc#903649).\n* CVE-2015-6563: The monitor component in sshd in OpenSSH accepted\n  extraneous username data in MONITOR_REQ_PAM_INIT_CTX requests, which\n  allowed local users to conduct impersonation attacks by leveraging any SSH\n  login access in conjunction with control of the sshd uid to send a crafted\n  MONITOR_REQ_PWNAM request, related to monitor.c and monitor_wrap.c.\n* CVE-2015-6564: Use-after-free vulnerability in the\n  mm_answer_pam_free_ctx function in monitor.c in sshd in OpenSSH might\n  have allowed local users to gain privileges by leveraging control of the\n  sshd uid to send an unexpectedly early MONITOR_REQ_PAM_FREE_CTX request.\n\nThese non-security issues were fixed:\n- bsc#914309: sshd inherits oom_adj -17 on SIGHUP causing DoS potential for oom_killer.\n- bsc#673532: limits.conf fsize change in SLES10SP3 causing problems to WebSphere mqm user.\n- bsc#916549: Fixed support for aesXXX-gcm@openssh.com.\n  ",null,[],[],[],[14,16,18,20,22],{"_key":15},"CVE-2015-4000",{"_key":17},"CVE-2015-5352",{"_key":19},"CVE-2015-5600",{"_key":21},"CVE-2015-6563",{"_key":23},"CVE-2015-6564",[],[],[27,28,29,30,31],{"_key":15},{"_key":17},{"_key":19},{"_key":21},{"_key":23},"2015-09-17T12:53:08Z","2026-02-04T03:45:50.913727Z",{"cisa_kev":35,"cisa_ransomware":35,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[37,43,48,52,56,60,64,68,72,76,80,84,88,93,97,101,105],{"url":38,"sources":39,"tags":41},"https://www.suse.com/support/update/announcement/2015/suse-su-20151581-1/",[40],"osv_suse",[42],"Advisory",{"url":44,"sources":45,"tags":46},"https://bugzilla.suse.com/673532",[40],[47],"REPORT",{"url":49,"sources":50,"tags":51},"https://bugzilla.suse.com/903649",[40],[47],{"url":53,"sources":54,"tags":55},"https://bugzilla.suse.com/905118",[40],[47],{"url":57,"sources":58,"tags":59},"https://bugzilla.suse.com/914309",[40],[47],{"url":61,"sources":62,"tags":63},"https://bugzilla.suse.com/916549",[40],[47],{"url":65,"sources":66,"tags":67},"https://bugzilla.suse.com/932483",[40],[47],{"url":69,"sources":70,"tags":71},"https://bugzilla.suse.com/936695",[40],[47],{"url":73,"sources":74,"tags":75},"https://bugzilla.suse.com/938746",[40],[47],{"url":77,"sources":78,"tags":79},"https://bugzilla.suse.com/943006",[40],[47],{"url":81,"sources":82,"tags":83},"https://bugzilla.suse.com/943010",[40],[47],{"url":85,"sources":86,"tags":87},"https://bugzilla.suse.com/945493",[40],[47],{"url":89,"sources":90,"tags":91},"https://www.suse.com/security/cve/CVE-2015-4000",[40],[92],"WEB",{"url":94,"sources":95,"tags":96},"https://www.suse.com/security/cve/CVE-2015-5352",[40],[92],{"url":98,"sources":99,"tags":100},"https://www.suse.com/security/cve/CVE-2015-5600",[40],[92],{"url":102,"sources":103,"tags":104},"https://www.suse.com/security/cve/CVE-2015-6563",[40],[92],{"url":106,"sources":107,"tags":108},"https://www.suse.com/security/cve/CVE-2015-6564",[40],[92],[],[],[],[113,126,130,134,138,145,149,153],{"ecosystem":114,"name":115,"vendor":116,"product":117,"cpe_part":9,"purl_type":118,"purl_namespace":116,"purl_name":117,"source":9,"versions":119},"SUSE Linux Enterprise","openssh-askpass-gnome","suse","openssh-askpass-gnome&distro=SUSE Linux Enterprise Desktop 11 SP3","rpm",[120],{"version":121,"is_range":122,"range_type":123,"version_start":9,"version_start_type":9,"version_end":124,"version_end_type":125,"fixed_in":9},"lt6_2p2_0_21_3",true,"ecosystem","6.2p2-0.21.3","excluding",{"ecosystem":114,"name":115,"vendor":116,"product":127,"cpe_part":9,"purl_type":118,"purl_namespace":116,"purl_name":127,"source":9,"versions":128},"openssh-askpass-gnome&distro=SUSE Linux Enterprise Server 11 SP3",[129],{"version":121,"is_range":122,"range_type":123,"version_start":9,"version_start_type":9,"version_end":124,"version_end_type":125,"fixed_in":9},{"ecosystem":114,"name":115,"vendor":116,"product":131,"cpe_part":9,"purl_type":118,"purl_namespace":116,"purl_name":131,"source":9,"versions":132},"openssh-askpass-gnome&distro=SUSE Linux Enterprise Server 11 SP3-TERADATA",[133],{"version":121,"is_range":122,"range_type":123,"version_start":9,"version_start_type":9,"version_end":124,"version_end_type":125,"fixed_in":9},{"ecosystem":114,"name":115,"vendor":116,"product":135,"cpe_part":9,"purl_type":118,"purl_namespace":116,"purl_name":135,"source":9,"versions":136},"openssh-askpass-gnome&distro=SUSE Linux Enterprise Server for SAP Applications 11 SP3",[137],{"version":121,"is_range":122,"range_type":123,"version_start":9,"version_start_type":9,"version_end":124,"version_end_type":125,"fixed_in":9},{"ecosystem":114,"name":139,"vendor":116,"product":140,"cpe_part":9,"purl_type":118,"purl_namespace":116,"purl_name":140,"source":9,"versions":141},"openssh","openssh&distro=SUSE Linux Enterprise Desktop 11 SP3",[142],{"version":143,"is_range":122,"range_type":123,"version_start":9,"version_start_type":9,"version_end":144,"version_end_type":125,"fixed_in":9},"lt6_2p2_0_21_1","6.2p2-0.21.1",{"ecosystem":114,"name":139,"vendor":116,"product":146,"cpe_part":9,"purl_type":118,"purl_namespace":116,"purl_name":146,"source":9,"versions":147},"openssh&distro=SUSE Linux Enterprise Server 11 SP3",[148],{"version":143,"is_range":122,"range_type":123,"version_start":9,"version_start_type":9,"version_end":144,"version_end_type":125,"fixed_in":9},{"ecosystem":114,"name":139,"vendor":116,"product":150,"cpe_part":9,"purl_type":118,"purl_namespace":116,"purl_name":150,"source":9,"versions":151},"openssh&distro=SUSE Linux Enterprise Server 11 SP3-TERADATA",[152],{"version":143,"is_range":122,"range_type":123,"version_start":9,"version_start_type":9,"version_end":144,"version_end_type":125,"fixed_in":9},{"ecosystem":114,"name":139,"vendor":116,"product":154,"cpe_part":9,"purl_type":118,"purl_namespace":116,"purl_name":154,"source":9,"versions":155},"openssh&distro=SUSE Linux Enterprise Server for SAP Applications 11 SP3",[156],{"version":143,"is_range":122,"range_type":123,"version_start":9,"version_start_type":9,"version_end":144,"version_end_type":125,"fixed_in":9}]