Lucene search
PRIOn knowledge basePRION:CVE-2023-46446HistoryNov 14, 2023 - 3:15 a.m.
Design/Logic Flaw
2023-11-1403:15:00
PRIOn knowledge base
www.prio-n.com
1
asyncssh
design flaw
remote control
rogue session attack
packet injection
shell emulation
An issue in AsyncSSH before 2.14.1 allows attackers to control the remote end of an SSH client session via packet injection/removal and shell emulation, aka a “Rogue Session Attack.”
References
packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html
github.com/advisories/GHSA-c35q-ffpf-5qpm
github.com/ronf/asyncssh/blob/develop/docs/changes.rst
github.com/ronf/asyncssh/security/advisories/GHSA-c35q-ffpf-5qpm
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ME34ROZWMDK5KLMZKTSA422XVJZ7IMTE/
security.netapp.com/advisory/ntap-20231222-0001/
www.terrapin-attack.com
Related
f5
f5
K000138577 : Python-asyncssh vulnerability CVE-2023-46446
2024-02-12 00:00:00
cve
cve
CVE-2023-46446
2023-11-14 03:15:09
osv
osv
AsyncSSH Rogue Session Attack
2023-11-09 18:35:14
CVE-2023-46446
2023-11-14 03:15:09
PYSEC-2023-239
2023-11-14 03:15:00
ubuntucve
ubuntucve
CVE-2023-46446
2023-11-14 00:00:00
nvd
nvd
CVE-2023-46446
2023-11-14 03:15:09
veracode
veracode
Rogue Session
2023-11-10 07:22:52
github
github
AsyncSSH Rogue Session Attack
2023-11-09 18:35:14
cvelist
cvelist
CVE-2023-46446
2023-11-14 00:00:00
redhatcve
redhatcve
CVE-2023-46446
2023-11-17 18:51:51
debiancve
debiancve
CVE-2023-46446
2023-11-14 03:15:09
fedora
fedora
[SECURITY] Fedora 39 Update: python-asyncssh-2.14.1-1.fc39
2023-11-26 01:56:03
nessus
nessus
Fedora 39 : python-asyncssh (2023-d2956318e4)
2023-11-25 00:00:00
openvas
openvas
Fedora: Security Advisory for python-asyncssh (FEDORA-2023-d2956318e4)
2023-11-26 00:00:00