113 matches found
MiracleLinux 9 : openssh-8.7p1-30.el9 (AXSA:2023-6281:08)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6281:08 advisory. openssh: Remote code execution in ssh-agent PKCS11 support CVE-2023-38408 Tenable has extracted the preceding description block directly from the MiracleLinu...
TencentOS Server 3: openssh (TSSA-2023:0162)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0162 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
TencentOS Server 4: openssh (TSSA-2024:0951)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0951 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
TencentOS Server 2: openssh (TSSA-2023:0168)
The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0168 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...
ABB M2M Gateway Arbitrary Code Execution in embedded OpenSSH (CVE-2023-38408)
The PKCS11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. Code in /usr/lib is not necessarily safe for loading into ssh-agent. NOTE: this issue exists because o...
QNAP QuTS hero Multiple OpenSSH Vulnerabilities (QSA-24-37)
QNAP QuTS hero is prone to multiple vulnerabilities in OpenSSH. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/o:qnap:qutshero";...
Exploit for Unquoted Search Path or Element in Openbsd Openssh
cve202338408scanner Vulner...
Security Bulletin: IBM Security Guardium is affected by an OpenSSH vulnerability (CVE-2023-38408)
Summary IBM Security Guardium has addressed this vulnerability with an update. Vulnerability Details CVEID:CVE-2023-38408 DESCRIPTION: OpenSSH could allow a remote attacker to execute arbitrary code on the system, caused by a flaw in the forwarded ssh-agent. By sending specially crafted requests,...
Huawei EulerOS: Security Advisory for openssh (EulerOS-SA-2024-2286)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Photon OS 4.0: Openssh PHSA-2023-4.0-0440
An update of the openssh package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-4.0-0440. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
CentOS: Security Advisory for openssh (CESA-2023:4382)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for openssh (SUSE-SU-2023:2945-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CentOS 9 : openssh-8.7p1-34.el9
The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the openssh-8.7p1-34.el9 build changelog. - The PKCS11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an age...
CentOS 8 : openssh (CESA-2023:4419)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2023:4419 advisory. - The PKCS11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forward...
EulerOS Virtualization 2.9.1 : openssh (EulerOS-SA-2023-3088)
According to the versions of the openssh packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The PKCS11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code...
EulerOS Virtualization 3.0.6.0 : openssh (EulerOS-SA-2023-3440)
According to the versions of the openssh packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The PKCS11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code...
EulerOS 2.0 SP10 : openssh (EulerOS-SA-2023-2792)
According to the versions of the openssh packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The PKCS11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an...
EulerOS Virtualization 2.10.1 : openssh (EulerOS-SA-2023-2921)
According to the versions of the openssh packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The PKCS11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code...
EulerOS 2.0 SP10 : openssh (EulerOS-SA-2023-2816)
According to the versions of the openssh packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The PKCS11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an...
EulerOS 2.0 SP11 : openssh (EulerOS-SA-2023-2846)
According to the versions of the openssh packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The PKCS11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an...