OpenSSH before 2.9.9, while using keypairs and multiple keys of different types in the ~/.ssh/authorized_keys2 file, may not properly handle the from option associated with a key, which could allow remote attackers to login from unauthorized IP addresses.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Openssh | Openbsd | * | 2.9.9 (including) |