Description
OpenSSH is OpenBSD's Secure Shell (SSH) protocol implementation. These
packages include the core files necessary for the OpenSSH client and
server.
Due to the way the pam_ssh_agent_auth PAM module was built in Red Hat
Enterprise Linux 6, the glibc's error() function was called rather than the
intended error() function in pam_ssh_agent_auth to report errors. As these
two functions expect different arguments, it was possible for an attacker
to cause an application using pam_ssh_agent_auth to crash, disclose
portions of its memory or, potentially, execute arbitrary code.
(CVE-2012-5536)
Note that the pam_ssh_agent_auth module is not used in Red Hat Enterprise
Linux 6 by default.