Medium: openssh

Issue Overview: Vulnerability in the OpenSSH GSSAPI delta included in various Linux distributions. This vulnerability affects the GSSAPI patches added by various Linux distributions and does not affect the OpenSSH upstream project itself. The usage of sshpktdisconnect on an error, which does not...

RockyLinux 9 : openssh (RLSA-2026:6462)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:6462 advisory. openssh: OpenSSH GSSAPI: Information disclosure or denial of service due to uninitialized variables CVE-2026-3497 Tenable has extracted the preceding description...

RHEL 8 : openssh (RHSA-2026:6461)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:6461 advisory. OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary f...

RHEL 9 : openssh (RHSA-2026:6462)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:6462 advisory. OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary f...

Important: Red Hat Security Advisory: openssh security update

An update for openssh is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

Permissive List of Allowed Inputs

Overview Affected versions of this package are vulnerable to Permissive List of Allowed Inputs due to incorrect handling of string termination in the GSSAPI standard during authentication on Linux and macOS. An attacker can cause an application crash or leak information by triggering a read...

Permissive List of Allowed Inputs

Overview Affected versions of this package are vulnerable to Permissive List of Allowed Inputs due to incorrect handling of string termination in the GSSAPI standard during authentication on Linux and macOS. An attacker can cause an application crash or leak information by triggering a read...

Ubuntu: Security Advisory (USN-7956-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2025-3576

A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesses in the MD5 checksum design. If RC4 is preferred over stronger encryption types, an attacker could exploit MD5 collisions to forge message integrity codes. This ma...

SUSE-SU-2022:3562-1 Security update for libgsasl

This update for libgsasl fixes the following issues: - CVE-2022-2469: Fixed OOB read in GSSAPI server bsc1201715...