CVE-2023-28531

ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination constraints. The earliest affected version is 8.9...

SUSE CVE-2003-1562

sshd in OpenSSH 3.6.1p2 and earlier, when PermitRootLogin is disabled and using PAM keyboard-interactive authentication, does not insert a delay after a root login attempt with the correct password, which makes it easier for remote attackers to use timing differences to determine if the password...

SUSE CVE-2008-3259

OpenSSH before 5.1 sets the SOREUSEADDR socket option when the X11UseLocalhost configuration setting is disabled, which allows local users on some platforms to hijack the X11 forwarding port via a bind to a single IP address, as demonstrated on the HP-UX platform...

SUSE CVE-2010-5107

The default configuration of OpenSSH through 6.1 enforces a fixed time limit between establishing a TCP connection and completing a login, which makes it easier for remote attackers to cause a denial of service connection-slot exhaustion by periodically making many new TCP connections...

SUSE CVE-2014-1692

The hashbuffer function in schnorr.c in OpenSSH through 6.4, when Makefile.inc is modified to enable the J-PAKE protocol, does not initialize certain data structures, which might allow remote attackers to cause a denial of service memory corruption or have unspecified other impact via vectors tha...

SUSE CVE-2019-6111

An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name returned only directory traversal attacks are prevented...

The vulnerability of the client-side SCP mechanism in OpenSSH, which arises due to insufficient validation of input data, allows attackers to overwrite arbitrary files in the client’s download directory.

The vulnerability of the client-side SCP component in OpenSSH exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to rewrite any files in the client’s download directory by creating a sub-directory anywhere on the remote server...

The vulnerability of the OpenSSH cryptographic protection implementation arises from a possible integer overflow, allowing an attacker to execute arbitrary code.

The vulnerability of the OpenSSH cryptographic protection implementation arises due to a numerical overflow condition. Exploiting this vulnerability allows an attacker to execute arbitrary code...

The vulnerability of SSH-agent’s identification keys in the OpenSSH cryptographic protection mechanism allows a attacker to cause a service failure or execute arbitrary code.

The vulnerability of SSH-agent’s identification keys in the OpenSSH encryption method is related to the use of memory after it is freed. Exploiting this vulnerability could allow a remote attacker to cause service failures or execute arbitrary code...

The vulnerability of the auth_password function in the sshd service of the OpenSSH security tool allows a hacker to induce a service failure.

The vulnerability of the authpassword function auth-passwd.c in the sshd service of the OpenSSH encryption protection tool exists due to insufficient input handling mechanisms lack of password length restrictions for authentication. Exploiting this vulnerability allows a malicious actor to cause ...

The vulnerability of the ssh-agent agent in the OpenSSH encryption tool allows a hacker to execute arbitrary code.

The vulnerability of the ssh-agent agent in the OpenSSH encryption tool is related to insufficient checking of modules loaded based on the PKCS11 encryption standard. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

UBUNTU-CVE-2016-6515

The authpassword function in auth-passwd.c in sshd in OpenSSH before 7.3 does not limit password lengths for password authentication, which allows remote attackers to cause a denial of service crypt CPU consumption via a long string...

The vulnerability of Cisco IPS software allows a malicious actor to execute arbitrary code.

The GNU Bash command shell, as of version 4.3 and later, incorrectly handles lines that follow the declaration of a function exported as a variable. This allows a malicious actor to execute arbitrary code by manipulating environment variables. Security researchers have confirmed that this...

The vulnerability of the Cisco Nexus 5000 software allows a malicious individual to execute arbitrary code.

The GNU Bash command shell, as of version 4.3 and later, incorrectly handles lines that follow the declaration of a function exported as a variable. This allows a malicious actor to execute arbitrary code by interfering with environment variables. Security researchers have confirmed that this...

The vulnerability of Cisco ACS software allows a malicious individual to execute arbitrary code.

The GNU Bash command shell, as of version 4.3 and later, incorrectly handles lines that follow the declaration of a function that is exported as a variable. This allows a malicious actor to execute arbitrary code by interfering with environment variables. Security researchers have confirmed that...

DEBIAN-CVE-2016-0778

The 1 roamingread and 2 roamingwrite functions in roamingcommon.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2, when certain proxy and forward options are enabled, do not properly maintain connection file descriptors, which allows remote servers to cause a denial of service heap-based...

DEBIAN-CVE-2016-0777

The resendbytes function in roamingcommon.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffer, as demonstrated by reading a private key...

DEBIAN-CVE-2015-5352

The x11openhelper function in channels.c in ssh in OpenSSH before 6.9, when ForwardX11Trusted mode is not used, lacks a check of the refusal deadline for X connections, which makes it easier for remote attackers to bypass intended access restrictions via a connection outside of the permitted time...

PT-2008-1067

Name of the Vulnerable Software and Affected Versions openssh-askpass-gnome version 3.9p1 openssh-askpass version 3.9p1 openssh version 3.9p1 openssh-server version 3.9p1 openssh-clients version 3.9p1 Description The issue involves multiple vulnerabilities in OpenSSH packages for Red Hat Enterpri...

Access Restriction Bypass

Overview Affected versions of this package are vulnerable to Access Restriction Bypass sshd in OpenSSH 4 on Debian GNU/Linux, and the 20070303 OpenSSH snapshot, allows remote authenticated users to obtain access to arbitrary SELinux roles by appending a :/ colon slash sequence, followed by the ro...