Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

OpenSSH 7.7 through 7.9 and 8.x before 8.1 when compiled with an experimental key type has a pre-authentication integer overflow if a client or server is configured to use a crafted XMSS key. This leads to memory corruption and local code execution because of an error in the XMSS key parsing algorithm. NOTE: the XMSS implementation is considered experimental in all released OpenSSH versions and there is no supported way to enable it when building portable OpenSSH.

🗓️ 25 Sep 2020 07:00:00Reported by MicrosoftType 
mscve
 mscve🔗 msrc.microsoft.com👁 1 Views

OpenSSH 7.7–7.9 and 8.x before 8.1 with experimental XMSS keys causes pre-auth overflow, memory corruption, and code execution.

Related
Detection
ReporterTitlePublishedViews
Family
IBM Security Bulletins		Security Bulletin: Multiple Vulnerabilities in OpenSSH affects IBM Watson Studio Local
20 Dec 201913:54
ibm
GithubExploit		Exploit for Race Condition in Openbsd Openssh
13 Sep 202501:46
githubexploit
BDU FSTEC		The vulnerability of the OpenSSH cryptographic protection implementation arises from a possible integer overflow, allowing an attacker to execute arbitrary code.
6 Jul 202100:00
bdu_fstec
CBLMariner		CVE-2019-16905 affecting package openssh 8.0p1-13
5 Nov 202004:21
cbl_mariner
Circl		CVE-2019-16905
12 Sep 202209:43
circl
CVE		CVE-2019-16905
9 Oct 201900:00
cve
Cvelist		CVE-2019-16905
9 Oct 201900:00
cvelist
Debian CVE		CVE-2019-16905
9 Oct 201900:00
debiancve
Tenable Nessus		EulerOS 2.0 SP8 : openssh (EulerOS-SA-2019-2294)
27 Nov 201900:00
nessus
Tenable Nessus		EulerOS Virtualization for ARM 64 3.0.5.0 : openssh (EulerOS-SA-2020-1046)
13 Jan 202000:00
nessus
Rows per page
Vulners
Node
microsoftcm1_openssh_8.0p1-9Range<-

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
25 Sep 2020 07:00Current
9.5High risk
Vulners AI Score9.5
CVSS 24.4
CVSS 3.17.8
EPSS0.00271
OpenSSHXMSS keyspre-auth overflowmemory corruptioncode execution
1