20 matches found
Cisco Expressway Series Remote Code Execution Vulnerability (regreSSHion) (cisco-sa-openssh-rce-2024)
According to its self-reported version, Cisco Expressway Series is affected by a vulnerability. - A remote code execution vulnerability exists in Cisco Expressway Series due to a signal handler race condition found in sshd, where a client does not authenticate within LoginGraceTime seconds, after...
Cisco Adaptive Security Appliance (ASA) Software Remote Code Execution Vulnerability (regreSSHion) (cisco-sa-openssh-rce-2024)
According to its self-reported version, Cisco Adaptive Security Appliance ASA Software is affected by a vulnerability. - A remote code execution vulnerability exists in Cisco Adaptive Security Appliance ASA Software due to a signal handler race condition found in sshd, where a client does not...
Cisco Unified Communications Manager IM & Presence Service Remote Code Execution Vulnerability (regreSSHion) (cisco-sa-openssh-rce-2024)
According to its self-reported version, CCisco Unified Communications Manager IM & Presence Service is affected by a vulnerability. - A remote code execution vulnerability exists in Cisco Unified Communications Manager IM & Presence Service due to a signal handler race condition found in sshd,...
Cisco UCS Director Remote Code Execution Vulnerability (regreSSHion) (cisco cisco-sa-openssh-rce-2024)
According to its self-reported version, Cisco UCS Director is affected by a vulnerability. - A remote code execution vulnerability exists in Cisco UCS Directory due to a signal handler race condition found in sshd, where a client does not authenticate within LoginGraceTime seconds, after which th...
Cisco Emergency Responder Remote Code Execution Vulnerability (regreSSHion) (cisco cisco-sa-openssh-rce-2024)
According to its self-reported version, Cisco Emergency Responder is affected by a vulnerability. - A remote code execution vulnerability exists in Cisco Emergency Responder due to a signal handler race condition found in sshd, where a client does not authenticate within LoginGraceTime seconds,...
Cisco Secure Email and Web Manager Remote Code Execution Vulnerability (regreSSHion) (cisco-sa-openssh-rce-2024)
According to its self-reported version, Cisco Secure Email and Web Manager is affected by a vulnerability. - A remote code execution vulnerability exists in Cisco Secure Email and Web Manager due to a signal handler race condition found in sshd, where a client does not authenticate within...
Cisco Smart Software Manager On-Prem Remote Code Execution Vulnerability (regreSSHion) (cisco cisco-sa-openssh-rce-2024)
According to its self-reported version, Cisco Smart Software Manager On-Prem is affected by a vulnerability. - A remote code execution vulnerability exists in Cisco Smart Software Manager On-Prem due to a signal handler race condition found in sshd, where a client does not authenticate within...
Cisco Secure Email Gateway Remote Code Execution Vulnerability (regreSSHion) (cisco cisco-sa-openssh-rce-2024)
According to its self-reported version, Cisco Secure Email Gateway is affected by a vulnerability. - A remote code execution vulnerability exists in Cisco Secure Email Gateway due to a signal handler race condition found in sshd, where a client does not authenticate within LoginGraceTime seconds,...
Cisco IOS XE Software Remote Code Execution Vulnerability (regreSSHion) (cisco cisco-sa-openssh-rce-2024)
According to its self-reported version, Cisco IOS XE Software is affected by a vulnerability. - A remote code execution vulnerability exists in Cisco IOS XE Software due to a signal handler race condition found in sshd, where a client does not authenticate within LoginGraceTime seconds, after whi...
Cisco IOS XR Software Remote Code Execution Vulnerability (regreSSHion) (cisco cisco-sa-openssh-rce-2024)
According to its self-reported version, Cisco IOS XR Software is affected by a vulnerability. - A remote code execution vulnerability exists in Cisco IOS XR Software due to a signal handler race condition found in sshd, where a client does not authenticate within LoginGraceTime seconds, after whi...
Cisco NX-OS Software Remote Code Execution Vulnerability (regreSSHion) (cisco cisco-sa-openssh-rce-2024)
According to its self-reported version, Cisco NX-OS Software is affected by a vulnerability. - A remote code execution vulnerability exists in Cisco NX-OS Software due to a signal handler race condition found in sshd, where a client does not authenticate within LoginGraceTime seconds, after which...
CVE-2024-7589
A signal handler in sshd8 may call a logging function that is not async-signal-safe. The signal handler is invoked when a client does not authenticate within the LoginGraceTime seconds 120 by default. This signal handler executes in the context of the sshd8's privileged code, which is not sandbox...
PT-2024-5969
Name of the Vulnerable Software and Affected Versions OpenSSH versions prior to the fixed version Description A signal handler in sshd8 may call a logging function that is not async-signal-safe. The signal handler is invoked when a client does not authenticate within the LoginGraceTime seconds 12...
OESA-2024-1782 openssh security update
OpenSSH is the premier connectivity tool for remote login with the SSH protocol. \ It encrypts all traffic to eliminate eavesdropping, connection hijacking, and \ other attacks. In addition, OpenSSH provides a large suite of secure tunneling \ capabilities, several authentication methods, and...
OESA-2024-1784 openssh security update
OpenSSH is the premier connectivity tool for remote login with the SSH protocol. \ It encrypts all traffic to eliminate eavesdropping, connection hijacking, and \ other attacks. In addition, OpenSSH provides a large suite of secure tunneling \ capabilities, several authentication methods, and...
Important: openssh
Issue Overview: A signal handler race condition was found in OpenSSH's server sshd, where a client does not authenticate within LoginGraceTime seconds 120 by default, 600 in old OpenSSH versions, then sshd's SIGALRM handler is called asynchronously. However, this signal handler calls various...
Race Condition
Overview Affected versions of this package are vulnerable to Race Condition in OpenSSH's server sshd due to a signal handler race condition when a client does not authenticate within LoginGraceTime seconds 120 by default, 600 in old OpenSSH versions. An attacker can execute arbitrary code as root...
SUSE CVE-2004-2069
sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly other versions, when using privilege separation, does not properly signal the non-privileged process when a session has been terminated after exceeding the LoginGraceTime setting, which leaves the connection open and allows remote attackers to...
DEBIAN-CVE-2004-2069
sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly other versions, when using privilege separation, does not properly signal the non-privileged process when a session has been terminated after exceeding the LoginGraceTime setting, which leaves the connection open and allows remote attackers to...
PT-2004-2965 · Openbsd +2 · Openssh +2
Name of the Vulnerable Software and Affected Versions: OpenSSH versions 3.6.1p2 and 3.7.1p2 Description: The issue occurs in the sshd.c component of OpenSSH when using privilege separation. It does not properly signal the non-privileged process when a session has been terminated after exceeding t...