47 matches found
MiracleLinux 7 : openssh-7.4p1-11.el7 (AXSA:2017-1912:03)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-1912:03 advisory. SSH Secure SHell is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide...
ABB M2M Gateway Arbitrary Code Execution in embedded OpenSSH (CVE-2016-10009)
Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS11 modules by leveraging control over a forwarded agent-socket. This plugin only works with Tenable.ot. Please visit...
Siemens SCALANCE X-200RNA Switch Devices Untrusted Search Path (CVE-2016-10009)
Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS11 modules by leveraging control over a forwarded agent-socket. This plugin only works with Tenable.ot. Please visit...
Linux Distros Unpatched Vulnerability : CVE-2016-10009
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS11 modules by...
RHEL 6 : openssh (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - openssh: loading of untrusted PKCS11 modules in ssh-agent CVE-2016-10009 - openssh: scp allows command...
Remote code execution
The PKCS11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. Code in /usr/lib is not necessarily safe for loading into ssh-agent. NOTE: this issue exists because o...
Security Bulletin: Vulnerabilities in OpenSSH affect IBM BladeCenter Advanced Management Module (AMM)
Summary IBM BladeCenter Advanced Management Module AMM has addressed the following vulnerabilities in OpenSSH. Vulnerability Details Summary IBM BladeCenter Advanced Management Module AMM has addressed the following vulnerabilities in HTTPD. Vulnerability Details CVEID: CVE-2016-10011 Description...
K31440025: OpenSSH vulnerability CVE-2016-10009
Security Advisory Description Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS11 modules by leveraging control over a forwarded agent-socket. CVE-2016-10009 Impact Running the ssh-agent program requires a...
SUSE CVE-2016-10009
Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS11 modules by leveraging control over a forwarded agent-socket...
CLSA-2022-1656962023 Fixed CVE-2016-10009 in openssh-5.3p1
CVE-2016-10009: add whitelist of paths which may ssh-agent load from in order to prevent execution of arbitrary local pkcs11...
Fixed CVE-2016-10009 in openssh-5.3p1
CVE-2016-10009: add whitelist of paths which may ssh-agent load from in order to prevent execution of arbitrary local pkcs11...
Security Bulletin: Vulnerabilities in OpenSSH affects Power Hardware Management Console
Summary OpenSSH is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-6515 DESCRIPTION: OpenSSH is vulnerable to a denial of service, caused by the failure to limit password lengths for password authentication by the...
SUSE: Security Advisory (SUSE-SU-2017:1661-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2017:0603-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: Vulnerabilities in SSH affect IBM DataPower Gateways (CVE-2016-10009, CVE-2016-10012)
Summary SSH vulnerabilities were disclosed by the OpenSSH Project. IBM DataPower Gateways has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-10009 DESCRIPTION: OpenSSH could allow a remote authenticated attacker to execute arbitrary code on the system, caused by the loading ...
SUSE: Security Advisory (SUSE-SU-2017:0607-3)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2017:0264-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2017:0607-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2017:0607-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for openssh (EulerOS-SA-2017-1055)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...