56 matches found
Medium: openssh
Issue Overview: In sshd in OpenSSH before 10.0, the DisableForwarding directive does not adhere to the documentation stating that it disables X11 and agent forwarding. CVE-2025-32728 Affected Packages: openssh Issue Correction: Run dnf update openssh --releasever 2023.7.20250623 to update your...
Low: openssh
Issue Overview: In sshd in OpenSSH before 10.0, the DisableForwarding directive does not adhere to the documentation stating that it disables X11 and agent forwarding. CVE-2025-32728 Affected Packages: openssh Issue Correction: Run dnf update openssh --releasever 2023.7.20250623 or dnf update...
CLSA-2025-1749822032 openssh: Fix of CVE-2025-32728
CVE-2025-32728: fix logic error in DisableForwarding option...
Medium: openssh
Issue Overview: In sshd in OpenSSH before 10.0, the DisableForwarding directive does not adhere to the documentation stating that it disables X11 and agent forwarding. CVE-2025-32728 Affected Packages: openssh Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ...
Low: openssh
Issue Overview: No CVE associated with this advisory Affected Packages: openssh Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories. Issue Correction: Run yum update openssh or yum update...
Amazon Linux 2 : openssh (ALAS-2025-2881)
The version of openssh installed on the remote host is prior to 7.4p1-22. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2881 advisory. In sshd in OpenSSH before 10.0, the DisableForwarding directive does not adhere to the documentation stating that it disables X11...
CLSA-2025-1749552061 openssh: Fix of CVE-2025-32728
CVE-2025-32728: fix logic error in DisableForwarding option...
AIX is vulnerable to an expected behavior violation (CVE-2025-32728) due to OpenSSH
IBM SECURITY ADVISORY First Issued: Tue Jun 10 08:33:35 CDT 2025 The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/opensshadvisory19.asc Security Bulletin: AIX is vulnerable to an expected behavior violation CVE-2025-32728 due to OpenSSH...
SUSE SLES15 Security Update : openssh (SUSE-SU-2025:1576-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:1576-1 advisory. - Security issues fixed: CVE-2025-32728: Fixed a logic error in DisableForwarding option bsc1241012 - Other bugs fixed: Allow KEX hashes...
Security update for openssh
This update for openssh fixes the following issue: Security fixes: CVE-2025-32728: Fixed logic error in DisableForwarding option bsc1241012 Other fixes: - Fix ssh client segfault with GSSAPIKeyExchange=yes in sshkex2 due to gssapi proposal not being correctly initialized bsc1236826. The problem...
Security update for openssh
This update for openssh fixes the following issues: Security issues fixed: CVE-2025-32728: Fixed a logic error in DisableForwarding option bsc1241012 Other bugs fixed: Allow KEX hashes greater than 256 bits bsc1241045 Fixed hostname being left out of the audit output bsc1228634 Fixed failures wit...
Mageia: Security Advisory (MGASA-2025-0157)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
ROS-20250430-15
Vulnerability of sshd service of OpenSSH cryptographic protection tool is related to inconsistency with the functionality of the DisableForwarding directive stated in the DisableForwarding directive functionality stated in the documentation. Exploitation of the vulnerability could allow an intrud...
CBL Mariner 2.0 Security Update: openssh (CVE-2025-32728)
The version of openssh installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-32728 advisory. - In sshd in OpenSSH before 10.0, the DisableForwarding directive does not adhere to the documentation statin...
Azure Linux 3.0 Security Update: openssh (CVE-2025-32728)
The version of openssh installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-32728 advisory. - In sshd in OpenSSH before 10.0, the DisableForwarding directive does not adhere to the documentation statin...
Ubuntu: Security Advisory (USN-7457-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-7457-1: OpenSSH vulnerability
It was discovered that OpenSSH incorrectly handled the DisableForwarding directive. The directive would fail to disable X11 and agent forwarding, contrary to documentation and expectations...
USN-7457-1 openssh vulnerability
It was discovered that OpenSSH incorrectly handled the DisableForwarding directive. The directive would fail to disable X11 and agent forwarding, contrary to documentation and expectations...
Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 / 25.04 : OpenSSH vulnerability (USN-7457-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 / 25.04 host has packages installed that are affected by a vulnerability as referenced in the USN-7457-1 advisory. It was discovered that OpenSSH incorrectly handled the DisableForwarding directive. The directive would fail to disable X1...
The vulnerability of the sshd service in the OpenSSH encryption protection mechanism allows a hacker to compromise the integrity of the protected information.
The vulnerability of the sshd service in the OpenSSH encryption protection mechanism is related to a discrepancy between the declared functionality of the DisableForwarding directive in the documentation. Exploiting this vulnerability could allow an attacker to compromise the integrity of the...