Libssh Authentication Bypass Scanner

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'libssh Authentication Bypass Scanner', 'Description' = %q This module exploits an authentication bypass in libssh server code where a...

Multiple CVEs identified by vulnerability scanning tools addressed via Brocade ASCG v3.1.0

ASCG v3.1.0 utilizes Rocky Linux version 8.10, addressing a number of potential security vulnerabilities. A complete list of CVEs reported by Rocky Linux as being addressed in this update are provided in the ASCG v3.1.0 Release Notes. In addition, a number of CVEs identified via internal security...

Photon OS 4.0: Libssh PHSA-2023-4.0-0466

An update of the libssh package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-4.0-0466. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 3.0: Libssh PHSA-2024-3.0-0712

An update of the libssh package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-3.0-0712. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 5.0: Libssh PHSA-2024-5.0-0187

An update of the libssh package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-5.0-0187. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 5.0: Libssh PHSA-2023-5.0-0089

An update of the libssh package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-5.0-0089. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 4.0: Libssh PHSA-2024-4.0-0542

An update of the libssh package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-4.0-0542. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 3.0: Libssh PHSA-2023-3.0-0645

An update of the libssh package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-3.0-0645. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

CBL Mariner 2.0 Security Update: cert-manager / cf-cli / docker-buildx / erlang / kubernetes / kubevirt (CVE-2023-48795)

The version of cert-manager / cf-cli / docker-buildx / erlang / kubernetes / kubevirt installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-48795 advisory. - The SSH transport protocol with certain...

Security Bulletin: Vulnerabilities in Linux components affect IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products

Summary Vulnerabilities in libssh, nginx and nghttp2 affect IBM Storage Virtualize products and could cause denial of service and bypassing of authentication. CVE-2023-44487, CVE-2023-1667, CVE-2023-2283. Vulnerability Details CVEID:CVE-2023-44487 DESCRIPTION: Multiple vendors are vulnerable to a...

Security Bulletin: IBM MQ Operator and Queue manager container images are vulnerable to libssh, Linux-pam ,Kerberos 5, systemd and idna packages/liberaries.

Summary IBM MQ Operator and Queue manager container images are vulnerable to libssh, Linux-pam ,Kerberos 5, systemd and idna. This bulletin identifies the steps required to address these vulnerabilities Vulnerability Details CVEID:CVE-2023-6004 DESCRIPTION: libssh could allow a local authenticate...

OPENSUSE-SU-2024:10998-1 libssh-config-0.9.6-1.2 on GA media

These are all security issues fixed in the libssh-config-0.9.6-1.2 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2024:10036-1 libssh-devel-0.7.2-2.1 on GA media

These are all security issues fixed in the libssh-devel-0.7.2-2.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2024:12914-1 libssh-config-0.10.5-1.1 on GA media

These are all security issues fixed in the libssh-config-0.10.5-1.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2024:11603-1 libssh-config-0.9.6-2.1 on GA media

These are all security issues fixed in the libssh-config-0.9.6-2.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2024:13638-1 libssh-config-0.10.6-1.1 on GA media

These are all security issues fixed in the libssh-config-0.10.6-1.1 package on the GA media of openSUSE Tumbleweed...

RLSA-2024:3233 Low: libssh security update

libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Security Fixes: libssh: ProxyCommand/ProxyJump features allow injection of malicious code through hostname CVE-2023-6004 libssh: Missing checks for return values for digests...

libssh security update

An update is available for libssh. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list libssh is a library which implements the SSH protocol. It can be used to...

Rocky Linux 8 : libssh (RLSA-2024:3233)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3233 advisory. libssh: ProxyCommand/ProxyJump features allow injection of malicious code through hostname CVE-2023-6004 libssh: Missing checks for return values for...

CLSA-2024-1718290223 libssh: Fix of CVE-2023-48795

CVE-2023-48795: implement "strict key exchange" mitigations, tests/pkd/pkddaemon.c: relax pthreadkill assert in pkdstop...