Updated openssh packages fix security vulnerabilitiesPublication date: 21 Aug 2015
Affected Mageia releases : 4 , 5
Privilege seaparation weakness related to PAM support allowing the attacker to impersonate other users was found in openssh package. Attackers who could successfully compromise the pre-authentication process for remote code execution and who had valid credentials on the host could impersonate other users (rhbz#1252844). Use-after-free bug was found in openssh package. The vulnerability is exploitable by attackers who could compromise the pre-authentication process for remote code execution (rhbz#1252852).