MiracleLinux 7 : openssh-7.4p1-11.el7 (AXSA:2017-1912:03)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-1912:03 advisory. SSH Secure SHell is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide...

Siemens SCALANCE X-200RNA Switch Devices Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2016-10012)

The shared memory manager associated with pre-authentication compression in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enforced by all compilers, which might allows local users to gain privileges by leveraging access to a sandboxed privilege-separation process, related to t...

RHEL 6 : openssh (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - openssh: loading of untrusted PKCS11 modules in ssh-agent CVE-2016-10009 - openssh: scp allows command...

BELL-CVE-2016-10012 CVE-2016-10012 does not affect BellSoft software

Bulletin has no description...

CLSA-2022-1671481111 openssh: Fix of 2 CVEs

CVE-2019-6109: verify character encoding in progress display to avoid spoofing of scp client output - CVE-2016-10012: updated to fix server-side protocol errors observed during rekeying with compression enabled...

Fixed CVE-2016-10012 in openssh

CVE-2016-10012: re-remove pre-authentication compression and potentially unsecure shared memory manager used by zlib - Move not yet valid timestamps for certs to 2030-2040 range, make sure all tests are passed and add %check unset DISPLAY section...

Mageia: Security Advisory (MGASA-2018-0006)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: Vulnerabilities in OpenSSH affects Power Hardware Management Console

Summary OpenSSH is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-6515 DESCRIPTION: OpenSSH is vulnerable to a denial of service, caused by the failure to limit password lengths for password authentication by the...

SUSE: Security Advisory (SUSE-SU-2018:3540-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2018:2275-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: Vulnerabilities in SSH affect IBM DataPower Gateways (CVE-2016-10009, CVE-2016-10012)

Summary SSH vulnerabilities were disclosed by the OpenSSH Project. IBM DataPower Gateways has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-10009 DESCRIPTION: OpenSSH could allow a remote authenticated attacker to execute arbitrary code on the system, caused by the loading ...

SUSE: Security Advisory (SUSE-SU-2017:0264-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Palo Alto Networks PAN-OS 7.1.x < 7.1.26 / 8.0.x < 8.1.13 / 8.1.x < 8.1.13 / 9.0.x < 9.0.1 Vulnerability

The version of Palo Alto Networks PAN-OS running on the remote host is 7.1.x prior to 7.1.26 or 8.0.x prior to 8.1.13 or 8.1.x prior to 8.1.13 or 9.0.x prior to 9.0.1. It is, therefore, affected by a vulnerability. - OpenSSH software included with PAN-OS has been upgraded to resolve security...

Huawei EulerOS: Security Advisory for openssh (EulerOS-SA-2017-1138)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for openssh (EulerOS-SA-2017-1139)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

F5 Networks BIG-IP : OpenSSH vulnerability (K62201745)

The shared memory manager associated with pre-authentication compression in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enforced by all compilers, which might allowlocal users to gain privileges by leveraging access to a sandboxed privilege-separation process, related to the...

Security Bulletin: Multiple Vulnerabilities in OpenSSH affect IBM i

Summary OpenSSH is used by IBM i. IBM i has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-10009 DESCRIPTION: OpenSSH could allow a remote authenticated attacker to execute arbitrary code on the system, caused by the loading of a specially crafted PKCS11 module across a...

Juniper Junos Space < 18.2R1 Multiple Vulnerabilities (JSA10880)

According to its self-reported version number, the version of Junos Space running on the remote device is 18.2R1, and is therefore affected by multiple vulnerabilities: - Due to untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4, unauthenticated, remote attacker...

Photon OS 1.0: Openssh PHSA-2017-0001

An update of the openssh package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2017-0001. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid121665;...

SUSE SLES11 Security Update : openssh (SUSE-SU-2018:3540-1)

This update for openssh fixes the following issues : Security issues fixed : CVE-2018-15919: Remotely observable behaviour in auth-gss2.c in OpenSSH could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. OpenSSH developers do not want to treat such ...