Advisory ROSA-SA-2024-2440

Software: openssh 8.0p1 OS: ROSA Virtualization 2.1 packageevrstring: openssh-8.0p1 CVE-ID: CVE-2019-16905 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: OpenSSH, when compiled with an experimental key type, has an integer overflow before authentication if the client or server is configured to use a...

SUSE CVE-2019-16905

OpenSSH 7.7 through 7.9 and 8.x before 8.1, when compiled with an experimental key type, has a pre-authentication integer overflow if a client or server is configured to use a crafted XMSS key. This leads to memory corruption and local code execution because of an error in the XMSS key parsing...

CVE-2019-16905

creationtimestamp| type| source ---|---|--- 2022-09-12 09:43:08+00:00| published-proof-of-concept| Telegram/0T2mRQjPbxfagtKULjNMSImpGgUw0PutX0rRmEphKviBA 2023-10-12 23:19:46+00:00| published-proof-of-concept| Telegram/poSZG5aVKSKtLXha-pFLWHU67v-9VfxvSO9FqtinvTebM 2024-08-25 08:59:44+00:00| seen|...

CVE-2019-16905 affecting package openssh 8.0p1-13

CVE-2019-16905 affecting package openssh 8.0p1-13. A patched version of the package is available...

OpenSSH 7.7 - 7.9, 8.x < 8.1 Integer Overflow Vulnerability

OpenSSH is prone to an integer overflow vulnerability. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:openbsd:openssh";...

Photon OS 3.0: Openssh PHSA-2019-3.0-0045

An update of the openssh package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-3.0-0045. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Huawei EulerOS: Security Advisory for openssh (EulerOS-SA-2019-2294)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for openssh (EulerOS-SA-2020-1046)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization for ARM 64 3.0.5.0 : openssh (EulerOS-SA-2020-1046)

According to the version of the openssh packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - OpenSSH 7.7 through 7.9 and 8.x before 8.1, when compiled with an experimental key type, has a pre-authentication intege...

CVE-2019-16905

CVE-2019-16905 affects OpenSSH 7.7–7.9 and 8.x prior to 8.1 when built with the experimental XMSS key type. It describes a pre-authentication integer overflow in XMSS key parsing that can cause memory corruption and local code execution. The XMSS implementation is treated as experimental in all r...