MiracleLinux 3 : openssh-4.3p2-29.2AXS3 (AXSA:2009-395:02)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2009-395:02 advisory. SSH Secure SHell is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure...

Vulnerability CVE-2008-5161 (SSH Server CBC Mode Ciphers Enabled) on SDX

Regarding vulnerability CVE-2008-5161 SSH Server CBC Mode Ciphers Enabled, we need to follow the below article to mitigate this vulnerability. Addressing False Positives from CBC and MAC Vulnerability Scans of NetScaler SSHD citrix.com However, we are unable to perform the steps mentioned in the...

SUSE CVE-2008-5161

Error handling in the SSH protocol in 1 SSH Tectia Client and Server and Connector 4.0 through 4.4.11, 5.0 through 5.2.4, and 5.3 through 5.3.8; Client and Server and ConnectSecure 6.0 through 6.0.4; Server for Linux on IBM System z 6.0.4; Server for IBM z/OS 5.5.1 and earlier, 6.0.0, and 6.0.1;...

Security Bulletin: IBM System x and Flex Systems OpenSSH Vulnerabilities (CVE-2012-0814, CVE-2008-5161)

Summary Older versions of OpenSSH, used by several System x and Flex Systems products, contain multiple vulnerabilities. Vulnerability Details Abstract Older versions of OpenSSH, used by several System x and Flex Systems products, contain multiple vulnerabilities. Content Vulnerability Details:...

Security Bulletin: IBM Virtualization Engine TS7700 - SSH Server CBC Mode Ciphers Enabled (CVE-2008-5161)

Summary The SSH server is configured to support Cipher Block Chaining CBC encryption. This may allow an attacker to recover the plaintext message from the ciphertext. Vulnerability Details CVEID: CVE-2008-5161 DESCRIPTION: The SSH server is configured to support Cipher Block Chaining CBC...

CVE-2008-5161

creationtimestamp| type| source ---|---|--- 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/ssh/sshversion.rb 2023-11-11 04:45:55+00:00| seen| https://t.me/arpsyndicate/82 2023-11-13 01:57:41+00:00| seen|...

GLSA-201405-06 : OpenSSH: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201405-06 OpenSSH: Multiple vulnerabilities Multiple vulnerabilities have been discovered in OpenSSH. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could execute arbitrary code, cause a...

AIX OpenSSH Advisory: openssh_advisory.asc

The version of OpenSSH running on the remote host is affected by the following vulnerabilities : - X11 man-in-the-middle attack: When attempting to bind2 to a port that has previously been bound with SOREUSEADDR set, most operating systems check that either the effective user-id matches the...

SunSSH < 1.1.1 / 1.3 CBC Plaintext Disclosure

The version of SunSSH running on the remote host has an information disclosure vulnerability. A design flaw in the SSH specification could allow a man-in-the-middle attacker to recover up to 32 bits of plaintext from an SSH-protected connection in the standard configuration. An attacker could...

CentOS Update for openssh CESA-2009:1287 centos5 i386

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

CentOS Update for openssh CESA-2009:1287 centos5 i386

Check for the Version of openssh OpenVAS Vulnerability Test CentOS Update for openssh CESA-2009:1287 centos5 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

CentOS Security Advisory CESA-2009:1287 (openssh)

The remote host is missing updates to openssh announced in advisory CESA-2009:1287. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...

RedHat Security Advisory RHSA-2009:1287

The remote host is missing updates announced in advisory RHSA-2009:1287. OpenSSH is OpenBSD's SSH Secure Shell protocol implementation. These packages include the core files necessary for both the OpenSSH client and server. A flaw was found in the SSH protocol. An attacker able to perform a...

Solaris 10 (sparc) : 140774-03

SunOS 5.10: sshd patch. Date this patch was last updated by Sun : Mar/19/09 %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/09/17. C Tenable Network Security, Inc. if ! definedfunc"bnrandom"...

Check Point Response to CVE-2008-5161 - OpenSSH CBC mode information disclosure vulnerability

Cause This weakness could allow an attacker who is able to inject arbitrary data into an SSH session to recover up to 32 bits 4 bytes of data by causing an error condition. This attack method causes the SSH session to terminate and therefore cannot be used to obtain arbitrary amounts of data from...

CVE-2008-5161

Error handling in the SSH protocol in 1 SSH Tectia Client and Server and Connector 4.0 through 4.4.11, 5.0 through 5.2.4, and 5.3 through 5.3.8; Client and Server and ConnectSecure 6.0 through 6.0.4; Server for Linux on IBM System z 6.0.4; Server for IBM z/OS 5.5.1 and earlier, 6.0.0, and 6.0.1;...

Solaris 9 (sparc) : 122300-61

SunOS 5.9: Kernel Patch. Date this patch was last updated by Sun : Nov/03/11 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if description...

Solaris 9 (x86) : 122301-61

SunOS 5.9x86: Kernel Patch. Date this patch was last updated by Sun : Nov/03/11 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if description...