Lucene search
K

247 matches found

Tenable Nessus
Tenable Nessus
added 2015/09/03 12:0 a.m.36 views

Amazon Linux AMI : openssh (ALAS-2015-592)

The monitor component in sshd in OpenSSH before 7.0 on non-OpenBSD platforms accepts extraneous username data in MONITORREQPAMINITCTX requests, which allows local users to conduct impersonation attacks by leveraging any SSH login access in conjunction with control of the sshd uid to send a crafte...

7CVSS6.2AI score0.00599EPSS
Exploits0References3
Amazon
Amazon
added 2015/09/02 12:0 a.m.52 views

Medium: openssh

Issue Overview: The monitor component in sshd in OpenSSH before 7.0 on non-OpenBSD platforms accepts extraneous username data in MONITORREQPAMINITCTX requests, which allows local users to conduct impersonation attacks by leveraging any SSH login access in conjunction with control of the sshd uid ...

6.9CVSS6.8AI score0.00599EPSS
Exploits0
NVD
NVD
added 2015/08/24 1:59 a.m.15 views

CVE-2015-6563

The monitor component in sshd in OpenSSH before 7.0 on non-OpenBSD platforms accepts extraneous username data in MONITORREQPAMINITCTX requests, which allows local users to conduct impersonation attacks by leveraging any SSH login access in conjunction with control of the sshd uid to send a crafte...

6.4CVSS6.2AI score0.00378EPSS
Exploits0References18
CVE
CVE
added 2015/08/24 12:0 a.m.1754 views

CVE-2015-6563

CVE-2015-6563 affects the OpenSSH sshd monitor component (monitor.c/monitor_wrap.c). The vulnerability allows a local attacker who has any SSH login access and can control the sshd uid to send a crafted MONITOR_REQ_PAM_INIT_CTX, enabling impersonation by leaking extraneous username data. Public a...

6.4CVSS5.4AI score0.00378EPSS
Exploits0References18Affected Software1
Debian CVE
Debian CVE
added 2015/08/24 12:0 a.m.55 views

CVE-2015-6563

The monitor component in sshd in OpenSSH before 7.0 on non-OpenBSD platforms accepts extraneous username data in MONITORREQPAMINITCTX requests, which allows local users to conduct impersonation attacks by leveraging any SSH login access in conjunction with control of the sshd uid to send a crafte...

6.4CVSS6.6AI score0.00378EPSS
Exploits0
Cvelist
Cvelist
added 2015/08/24 12:0 a.m.35 views

CVE-2015-6563

The monitor component in sshd in OpenSSH before 7.0 on non-OpenBSD platforms accepts extraneous username data in MONITORREQPAMINITCTX requests, which allows local users to conduct impersonation attacks by leveraging any SSH login access in conjunction with control of the sshd uid to send a crafte...

6AI score0.00378EPSS
Exploits0References18
Tenable Nessus
Tenable Nessus
added 2011/10/11 12:0 a.m.43 views

MS11-079: Vulnerabilities in Microsoft Forefront Unified Access Gateway Could Cause Remote Code Execution (2544641)

The version of Forefront Unified Access Gateway UAG running on the remote host has multiple vulnerabilities in the Web Monitor component : - An HTTP response splitting vulnerability in ExcelTable.asp. CVE-2011-1895 - A reflected XSS in ExcelTable.asp. CVE-2011-1896 - A reflected XSS in Default.as...

9.3CVSS6AI score0.17309EPSS
Exploits4References7
Rows per page
Query Builder