CVE-2016-10009 (openssh)

CVE-2016-10009 (openssh)

Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS#11 modules by leveraging control over a forwarded agent-socket.

Source: CVE-2016-10009 (openssh)